Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > forms authentication question

Reply
Thread Tools

forms authentication question

 
 
bill yeager
Guest
Posts: n/a
 
      07-24-2003
Everything is working in my authentication process except
for the fact that I can't retrieve the "UserData" property
from the "FormsAuthenticationTicket".

Write before I do a "RedirectFromLoginPage", I check
the "UserData" property of
the "FormsAuthenticationTicket". It's set to the
value "Admin" (a role for the user) which is what I want.

Here is the code:

strUserName = CType(drOLEDBNicemScheduling.GetValue(1) &
Chr(32) & drOLEDBNicemScheduling.GetValue(2), String)
'Set the authentication ticket
Dim arrRoles(0) As String
arrRoles(0) =
drOLEDBNicemScheduling.GetValue(3)
Dim ticket As New
FormsAuthenticationTicket(1, strUserName, Now, DateAdd
(DateInterval.Minute, 60, Now),
ValidateLogin.PersistantCookie, arrRoles(0))
Dim cookie = New HttpCookie
(FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(ticket))
If ValidateLogin.PersistantCookie Then
Response.Cookies.Add(cookie)
End If
'Create Identity
Dim objIdentity As New
Security.Principal.GenericIdentity(strUserName)
Dim objPrincipal As New
Security.Principal.GenericPrincipal(objIdentity, arrRoles)

FormsAuthentication.RedirectFromLoginPage(strUserN ame,
ValidateLogin.PersistantCookie)

However, once I get in the Global.asax file in
the "Application_AuthenticateRequest" event (fired by the
FormsAuthentication.RedirectFromLoginPage method), I check
the "UserData" property of the ticket and it's an empty
string! All the other properties pertaining to the ticket
are there. I'm setting up the cookie, so the "Userdata"
property should be populated.

Here is the code in the global.asax file:

Sub Application_AuthenticateRequest(ByVal sender As
Object, ByVal e As EventArgs)

If (Not (HttpContext.Current.User Is Nothing)) Then
If
HttpContext.Current.User.Identity.AuthenticationTy pe
= "Forms" Then
If
HttpContext.Current.User.Identity.IsAuthenticated Then
Dim id As FormsIdentity =
HttpContext.Current.User.Identity
Dim ticket As
FormsAuthenticationTicket = id.Ticket
Dim roles(0) As String
roles(0) = ticket.UserData
HttpContext.Current.User = New
System.Security.Principal.GenericPrincipal(id, roles)
End If
End If
End If

End Sub

What am I doing wrong??? I need to be able to identify the
role of the user (they will only have 1 role).

Thanks,

Bill........
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Best practices for using forms authentication and security in a hosted env (was: Re: Using a Forms authentication in a shared hosting environment) JEFF ASP .Net 1 11-12-2007 07:00 PM
forms authentication -- expired forms cookie vs. not provided forms cookie Eric ASP .Net Security 2 01-27-2006 10:09 PM
Forms authentication - Multiple login forms based on directory acc Keltex ASP .Net Security 1 01-24-2006 03:06 PM
Forms Authentication question: How to have some pages open and some requiring forms authentication Eric ASP .Net 2 02-13-2004 02:14 PM
Forms Authentication, external authentication server, & rerouting to orig. req. URL Andrew Connell ASP .Net 1 10-21-2003 05:41 PM



Advertisments