Custom HttpModule & HttpSessionState

[Gilles]

Hi,

I'm using a custom HttpModule.
Implementation as follow:

internal class CustomHtttpModule:IHttpModule
{
public void Init(HttpApplication app)
{
app.AuthenticationRequest += new EventHandler(OnAuthenticate);
}

private void OnAuthenticate(object sender, EventArgs e)
{
HttpContext context = HttpContext.Current;
HttpCookie httpCookie =
context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (httpCookie != null)
{
FormsAuthenticationTicket ticket =
FormsAuthentication.Decrypt(httpCookie.Value);
if (ticket!=null)
{
CustomPrincipal user = new CustomPrincipal(ticket);
System.Web.HttpContext.Current.User = user;
}
}
}
}

Authentication works but i'm losing Session when i try to enter in a
Web Site.
Can you help?

 

[Girish bharadwaj]

This is truly a shot in the dark.Is it possible that your constructed
CustomPrincipal is not behaving like others ???
Because the attempt to acquire session state occurs after Authentication (of
course) and it might be using something about the User. Can you try to trace
the calls into your Principal and see if they are actually getting acquired
correctly or is it ending up with new sessions all the time.

 

[CHRISTOPHE Gilles]

Thanks for reply.

I'm always retreiving the custom Principal from HttpContext.

In fact, when i use PrincipalPermission Attribute in a page, the method
customPrincipal.IsInRole() is called.
Then i try to get roles from HttpContext.Current.Session and have
session null.

I did not find out a way to get the current session.

 

[Guest]

Hello,

Not sure if this will help or not, but I had to move most of my
authentication code from my Authenticate event to my AcquireRequestState
event because thats where the SessionStateModule assocaiates the session to
the current request.

Hope this helps.

Todd