Application_AuthenticateRequest

D

dave

I have code in the Global.asax that adds roles to a logged in user, which
all works fine.

But, i noticed that every request for a page thereafter runs this code each
time - which requires a call to the DB, which is costly.

I have tried to run this same piece of code from another page, instead of
global.asax, but it never seems to be able to assign the roles to that
current user?

Is there something different i have to do in order to make it work elsewhere
(ie, not within global.asax file).

Thanks in advance!
 
C

Cy Huckaba

You could leave it in the global.asax page and put a conditional check in the
logic...for example.

If roles aren't set
call db
set roles

else
do nothing

end if

We have implemented some code like that for custom form authentication tickets.

Hope that helps,

Cy Huckaba
 
D

dave

Thanks

Did think about that one, but how do you check if a set of role(s) have been
set for a user?

Finally, do you know if it is the case that you cant set them anywhere else
apart from global.asax file. I have seen some samples that dont seem to be
in global, but those dont seem to work for me either???

Thanks again.
 
G

Guest

Do you want this to only happen the first time period that
the user ever logs in or do you want this to happen every
time the user starts a new session?

What about putting your code into the Session_Start in the
Global.asax (I don't know where you have it now)? And if
you only want to do it once period, then check first if it
has already been done before doing it... Either way, it
would only occur once per user per login so hopefully not
so bad...
 
C

Cy Huckaba

Here is some code that we used to reset a cookie in the authenticateRequest
method. This was a workaround because 1.0 wouldn't persist cookies across
subwebs. We had to reset the cookie on every request if they already had one.

Dim hasClientCookie As Boolean = False

'client cookie
Try
Dim c As HttpCookie
c = Request.Cookies(ConfigurationSettings.AppSettings("clientid"))
'if cookie is not there it will bomb out and skip the rest

c.Path = "/" & ConfigurationSettings.AppSettings("clientid")
c.Expires = Now.AddDays(90)
Response.Cookies.Add(c)

FormsAuthentication.SetAuthCookie(User.Identity.Name, True)

hasClientCookie = True

'Response.Write(" : client cookie")

Catch
'do nothing
End Try


You can see we had access to the User object. I belive you can use that to
create an IPrincipal object and check roles. I haven't done this specifically
here so I don't know for sure.

The other thing is that I did try to use this same functionality outside of the
global.asax file with no luck as well. It seemed I always had trouble getting a
reference to the current user or the current http context...it was always
something.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Application_AuthenticateRequest 3
Application_AuthenticateRequest and ASP.NET 2.0 0
Application_AuthenticateRequest 1
When exactly Application_AuthenticateRequest event is fired? 3
Problem with a login script, SESSION user rights and put this together so it works with the other pages and MySQL. Code examples. 2
Application_AuthenticateRequest Problem 0
Django authenticate problem 0
Difference from Application_AuthenticateRequest and FormsAuthenticationTicket 9

Members online

Total: 20 (members: 2, guests: 18)
Robots: 429

Forum statistics

Threads
473,768
Messages
2,569,574
Members
45,048
Latest member
verona

Latest Threads

Top