Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Where in User.Identity.Name gets a value in Login control?

Reply
Thread Tools

Where in User.Identity.Name gets a value in Login control?

 
 
Athena
Guest
Posts: n/a
 
      11-29-2007
Hello,

For a logging application I need to test the value of User.Identity.Name
together with User.Identity.IsAuthenticated to direct the program flow. I
tried Login.Authenticated, LoggedIn and Page_Load events. In all cases the
value is returned as empty. Based on whether this value equal to "admin" I
would like to make a CreateUserWizard control visible if the user is
authenticated. I would appreciate if you give me a code example. Thank you.

Athena

 
Reply With Quote
 
 
 
 
Bryan Porter
Guest
Posts: n/a
 
      11-29-2007
Athena,

Once the user has authenticated successfully through one of the log in
controls, the (and this is from memory, so bear with me) User property of the
current HttpContext instance should be populated. Depending on the membership
provider you are using, HttpContext.Current.User.Identity should hold either
a WindowsIdentity object or a GenericIdentity object.

If they don't, the user can't have been authenticated, or you are using
custom forms authentication (not one of the membership providers) and not
setting the forms authentication ticket properly.

Hope that helps.

"Athena" wrote:

> Hello,
>
> For a logging application I need to test the value of User.Identity.Name
> together with User.Identity.IsAuthenticated to direct the program flow. I
> tried Login.Authenticated, LoggedIn and Page_Load events. In all cases the
> value is returned as empty. Based on whether this value equal to "admin" I
> would like to make a CreateUserWizard control visible if the user is
> authenticated. I would appreciate if you give me a code example. Thank you.
>
> Athena
>
>

 
Reply With Quote
 
 
 
 
Wainage
Guest
Posts: n/a
 
      11-29-2007
Athena,

I’ve looked at your code and your problem stems from a basic
misunderstanding of ASP.NET’s “Forms” authentication. Since I am also a
rookie programmer let me give you a brief break down of how it works.

When a user clicks the login button on the login form the following sequence
occurs:
1. Username and Password are validated against the data store (XML, SQL etc)
2. If valid and Authentication Ticket is created that contains the Username
3. The Ticket is encrypted and passed into the pending Http Response
4. The current page is “Refreshed” with a Response.Redirect (and the cookie
is delivered to the browser)

The user is now logged in and User.Identity.Name and User.Identity will now
be populated. How? The following occurs:
1. Http request begins (before the Page is even created)
2. If the request contains a Authentication cookie it is decrypted (it does.
Step 4 above)
3. A user Principal is created containing the Username
4. This Principal is assigned to the current Context (User.Identity.XXXX is
now available)
5. … rest of the request processing, page processing continues …

This may look confusing at first but understanding it is vital in
understanding how authentication in ASP.NET works.

I’ve included a sample (unfortunately I only speak C# - but there is very
little and it is well commented) that will provide the behavior you are
looking for.

The default.aspx page has a [LoginStatus] control as well as a [LoginView]
to hide our controls from anonymous users. The [CreateUserWizard] control is
part of the <loggedIn> template and visible is false.

In Page_Load we check to see if the user is “admin”. If so
[CreateUserWizard].Visible = true;

To make it work, run the “Web Site Administration Tool”, enable security and
add a “admin” and a couple of test users.

I hope this lifts the fog.

Wainage

=============================================
[default.aspx]
-------------------------------------------------------------------------
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs"
Inherits="_Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:LoginStatus ID="LoginStatus1" runat="server" />
</div>
<div>
<asp:LoginView ID="LoginView1" runat="server">
<AnonymousTemplate>
To Work on the site u need to log in
</AnonymousTemplate>
<LoggedInTemplate>
<asp:CreateUserWizard ID="CreateUserWizard1" runat="server"
Visible="false">
<WizardSteps>
<asp:CreateUserWizardStep ID="CreateUserWizardStep1"
runat="server">
</asp:CreateUserWizardStep>
<asp:CompleteWizardStep ID="CompleteWizardStep1"
runat="server">
</asp:CompleteWizardStep>
</WizardSteps>
</asp:CreateUserWizard>
<div>
All Logged in users can see this ...
</div>
</LoggedInTemplate>
</asp:LoginView>
</div>
</form>
</body>
</html>
-------------------------------------------------------------------------
protected void Page_Load(object sender, EventArgs e)
{
// the Wizard control is only shown when the user is Authenticated
// so we need to find the control (this.CreateUserWizard1 does not
work)
// We ask LoginView to find the control
CreateUserWizard wizard =
(CreateUserWizard)LoginView1.FindControl("CreateUs erWizard1");

// did we find it?
if (wizard != null) // Yes!
{
// check username
if ("admin" == User.Identity.Name)
wizard.Visible = true; // for "admin"
else
wizard.Visible = false; // for everyone else
}
}
=============================================
[login.aspx]
-------------------------------------------------------------------------
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="login.aspx.cs"
Inherits="login" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div>

</div>
<asp:Login ID="Login1" runat="server">
</asp:Login>
</form>
</body>
</html>
=============================================

 
Reply With Quote
 
Eliyahu Goldin
Guest
Posts: n/a
 
      11-29-2007
The problem is that the authentication principal won't get set until the
next request to the
server. But you can use the "UserName" property on the Usercontrol
within the LoggedIn event to identify the user.


--
Eliyahu Goldin,
Software Developer
Microsoft MVP [ASP.NET]
http://msmvps.com/blogs/egoldin
http://usableasp.net


"Athena" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Hello,
>
> For a logging application I need to test the value of
> User.Identity.Name together with User.Identity.IsAuthenticated to direct
> the program flow. I tried Login.Authenticated, LoggedIn and Page_Load
> events. In all cases the value is returned as empty. Based on whether this
> value equal to "admin" I would like to make a CreateUserWizard control
> visible if the user is authenticated. I would appreciate if you give me a
> code example. Thank you.
>
> Athena
>



 
Reply With Quote
 
Scott Roberts
Guest
Posts: n/a
 
      11-29-2007

"Wainage" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...

> When a user clicks the login button on the login form the following
> sequence
> occurs:
> 1. Username and Password are validated against the data store (XML, SQL
> etc)
> 2. If valid and Authentication Ticket is created that contains the
> Username
> 3. The Ticket is encrypted and passed into the pending Http Response
> 4. The current page is “Refreshed” with a Response.Redirect (and the
> cookie
> is delivered to the browser)


Steps 1-3 all occur on the initial postback, and during that postback the
User.Identity is not populated. Step 4 does not occur automatically. You can
set a redirect url on the login control or manually redirect from the
code-behind, but either way, the User.Identity is still not set for the
initial postback. Your code works because you're checking User.Identity.Name
in default.aspx, which is *after* the login. If I read the OP correctly, he
wants to redirect from within the login page on the initial postback.

As Eliyahu said, to check the username on the initial postback of the login
page, you'll need to use the "Username" property of the login control.

 
Reply With Quote
 
Ian Semmel
Guest
Posts: n/a
 
      11-29-2007
You can check in OnAuthenticate and do the authentication yourself eg

protected void Login1_OnAuthenticate(object sender,
AuthenticateEventArgs e)
{

MembershipUser user =
Membership.GetUser(Login1.UserName, false);

if (user == null)
return;

if (!user.IsApproved)
{
Login1.FailureText = "You have not yet been
approved";
Login1.FailureAction =
LoginFailureAction.Refresh;
e.Authenticated = false;
}
else
{
e.Authenticated = Membership.ValidateUser (
Login1.UserName, Login1.Password );
}

}

> -----Original Message-----
> From: Athena [(E-Mail Removed)]
> Posted At: Thursday, 29 November 2007 10:55 AM
> Posted To: microsoft.public.dotnet.framework.aspnet
> Conversation: Where in User.Identity.Name gets a value in Login
> control?
> Subject: Where in User.Identity.Name gets a value in Login control?
>
> Hello,
>
> For a logging application I need to test the value of
> User.Identity.Name
> together with User.Identity.IsAuthenticated to direct the program

flow.
> I
> tried Login.Authenticated, LoggedIn and Page_Load events. In all cases
> the
> value is returned as empty. Based on whether this value equal to
> "admin" I
> would like to make a CreateUserWizard control visible if the user is
> authenticated. I would appreciate if you give me a code example.

Thank
> you.
>
> Athena


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Return of gets gets John Joyce Ruby 0 04-23-2007 01:38 PM
at some point the value of my variable gets broken - how to track when? r.z. C++ 2 04-16-2007 05:09 PM
gets gets John Joyce Ruby 2 03-26-2007 04:00 PM
XMLHttpRequest gets data to display in element but data gets appended not replaces previous! libsfan01 Javascript 5 12-20-2006 06:25 AM
Not only the selected HREF gets surrounded, but the whole row gets surrounded Stefan Mueller HTML 5 07-10-2006 11:53 AM



Advertisments