customize the httpcontext.current.user

Discussion in 'ASP .Net' started by Victor, Apr 5, 2007.

  1. Victor

    Victor Guest

    Hi all
    Does anyone has any reference or examples about how to customize the
    httpcontext.current.user object to my own user object?

    Cheers
    Victor
     
    Victor, Apr 5, 2007
    #1
    1. Advertising

  2. Hi Victor,

    HttpContext.Current.User is of type IPrincipal; a Principal object contains
    Identities and Roles. You can find an article on how to implement
    IPrincipal in ASP.NET:

    #Building Secure ASP.NET Applications: Authentication, Authorization, and
    Secure Communication
    http://msdn2.microsoft.com/en-us/library/aa302401.aspx

    Please feel free to let me know if you have anything unclear. Thanks.


    Sincerely,
    Walter Wang (, remove 'online.')
    Microsoft Online Community Support

    ==================================================
    Get notification to my posts through email? Please refer to
    http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
    ications. If you are using Outlook Express, please make sure you clear the
    check box "Tools/Options/Read: Get 300 headers at a time" to see your reply
    promptly.

    Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
    where an initial response from the community or a Microsoft Support
    Engineer within 1 business day is acceptable. Please note that each follow
    up response may take approximately 2 business days as the support
    professional working with you may need further investigation to reach the
    most efficient resolution. The offering is not appropriate for situations
    that require urgent, real-time or phone-based interactions or complex
    project analysis and dump analysis issues. Issues of this nature are best
    handled working with a dedicated Microsoft Support Engineer by contacting
    Microsoft Customer Support Services (CSS) at
    http://msdn.microsoft.com/subscriptions/support/default.aspx.
    ==================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Walter Wang [MSFT], Apr 5, 2007
    #2
    1. Advertising

  3. Hi Victor,

    Have you seen above suggestion? Would you please let me know the status of
    this post? Thanks.


    Regards,
    Walter Wang (, remove 'online.')
    Microsoft Online Community Support

    ==================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    ==================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Walter Wang [MSFT], Apr 10, 2007
    #3
  4. Victor

    Victor Guest

    Hi Walter:
    Thanks for the reply. What I want is more complicated. I have a customized
    user object. (which contains infomation about the user'a name gender email
    homeaddress.. all sorts of the user detail info) The thing I want to achieve
    is to store all the info in someplace (perfer not session) so that I can
    access these info without accessing database everytime. I tried to overwrite
    the httpcontext.current.user object. but i found after a new request, all my
    infomation will be lost. only that three fields for the iidentity class left
    (Name, IsAuthenticated ,AuthenticationType ). And I dont know how to fix
    that. Now what i did is save my user infomation in the
    httpcontext.current.items collection. that means i have initilize my user
    object for each request, which is not exactly i want, but better than access
    db everytime i try to use the user object.
    Before that I also try to save the info in the thread's name slot. but i
    found it's not stable when i use ajax in my website.

    Do you know any other way to achieve my goal?

    Thanks a lot :)
    Victor

    "Walter Wang [MSFT]" <> wrote in message
    news:...
    > Hi Victor,
    >
    > Have you seen above suggestion? Would you please let me know the status of
    > this post? Thanks.
    >
    >
    > Regards,
    > Walter Wang (, remove 'online.')
    > Microsoft Online Community Support
    >
    > ==================================================
    > When responding to posts, please "Reply to Group" via your newsreader so
    > that others may learn and benefit from your issue.
    > ==================================================
    >
    > This posting is provided "AS IS" with no warranties, and confers no
    > rights.
    >
     
    Victor, Apr 10, 2007
    #4
  5. Hi Victor,

    I don't understand why the custom IPrincipal object will lose custom
    information, unless the IPrincipal object is not the custom one already. I
    mean: if your class implements IPrincipal and create the instance in
    Application_AuthenticateRequest and assign to Context.User, it should keep
    the reference and you can always cast it to your custom class when used. If
    you only see the Name, IsAuthenticated, AuthenticationType properties,
    that's because the reference type is IPrincipal. You need to cast it to
    your custom class:

    CustomPrincipal myPrincipal = (CustomPrincipal) HttpContext.Current.User;


    Above code is about the custom IPrincipal, I understand you're implementing
    a custom IIdentity, which is accessed from IPrincipal.Identity, which also
    need to cast to your cusom implementation class to access those custom
    information you added.


    Take a step back to look at your question, I understand you only need to
    store some information for the current logined user, I think customizing
    the IPrincipal and IIdentity may not be needed. Based on my understanding,
    such information should be ok if we store them in the Session and use a
    well known key to access them, I'm wondering why you think the Session is
    not appropriate here?



    Regards,
    Walter Wang (, remove 'online.')
    Microsoft Online Community Support

    ==================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    ==================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Walter Wang [MSFT], Apr 11, 2007
    #5
  6. Victor

    Victor Guest

    Hi Walter:
    The reason that I don't use session is because my manager don't want to use
    that. He worries about if there are a lot of user access our website at the
    same time (perhaps 10,000 at about 5mins something like that). It will crash
    the session server. Is there good way to dealing this situation?

    Thanks for the help!
    Victor

    "Walter Wang [MSFT]" <> дÈëÏûÏ¢
    news:...
    > Hi Victor,
    >
    > I don't understand why the custom IPrincipal object will lose custom
    > information, unless the IPrincipal object is not the custom one already. I
    > mean: if your class implements IPrincipal and create the instance in
    > Application_AuthenticateRequest and assign to Context.User, it should keep
    > the reference and you can always cast it to your custom class when used.
    > If
    > you only see the Name, IsAuthenticated, AuthenticationType properties,
    > that's because the reference type is IPrincipal. You need to cast it to
    > your custom class:
    >
    > CustomPrincipal myPrincipal = (CustomPrincipal) HttpContext.Current.User;
    >
    >
    > Above code is about the custom IPrincipal, I understand you're
    > implementing
    > a custom IIdentity, which is accessed from IPrincipal.Identity, which also
    > need to cast to your cusom implementation class to access those custom
    > information you added.
    >
    >
    > Take a step back to look at your question, I understand you only need to
    > store some information for the current logined user, I think customizing
    > the IPrincipal and IIdentity may not be needed. Based on my understanding,
    > such information should be ok if we store them in the Session and use a
    > well known key to access them, I'm wondering why you think the Session is
    > not appropriate here?
    >
    >
    >
    > Regards,
    > Walter Wang (, remove 'online.')
    > Microsoft Online Community Support
    >
    > ==================================================
    > When responding to posts, please "Reply to Group" via your newsreader so
    > that others may learn and benefit from your issue.
    > ==================================================
    >
    > This posting is provided "AS IS" with no warranties, and confers no
    > rights.
    >
     
    Victor, Apr 11, 2007
    #6
  7. Hi Victor,

    I understand your concern is about the performance maybe affected if you
    store the user information in Session. However, if you want to avoid
    querying database everytime the information is needed, I'm afraid saving it
    in the Session state is really the only way to go.

    Customizing HttpContext.Current requires you set it in every request
    (Application_AuthenticateRequest), which doesn't meet your requirement.

    To avoid 10000 users login in a very short time period, you could use lazy
    loading to load the user information only when needed: you simply create a
    utility method to return a User Information class from Session, and if it's
    not in Session yet, you initialize it from database and store it in
    Session.

    Please reply to let me know your opinion on this suggestion.


    Regards,
    Walter Wang (, remove 'online.')
    Microsoft Online Community Support

    ==================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    ==================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Walter Wang [MSFT], Apr 12, 2007
    #7
  8. Hi Victor,

    Please let me know if you want to continue work on this issue. You can also
    email me directly. Thanks.


    Regards,
    Walter Wang (, remove 'online.')
    Microsoft Online Community Support

    ==================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    ==================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Walter Wang [MSFT], Apr 17, 2007
    #8
  9. Victor

    Victor Guest

    Hi Walter:
    Thanks very much for your help. :) I decided to use session for now. I
    aleardy apply lazy loading in my code.
    thanks again for your help

    Victor
    "Walter Wang [MSFT]" <> wrote in message
    news:4R0h$...
    > Hi Victor,
    >
    > Please let me know if you want to continue work on this issue. You can
    > also
    > email me directly. Thanks.
    >
    >
    > Regards,
    > Walter Wang (, remove 'online.')
    > Microsoft Online Community Support
    >
    > ==================================================
    > When responding to posts, please "Reply to Group" via your newsreader so
    > that others may learn and benefit from your issue.
    > ==================================================
    >
    > This posting is provided "AS IS" with no warranties, and confers no
    > rights.
    >
     
    Victor, Apr 22, 2007
    #9
  10. Hi Victor,

    Thanks for the update.

    Have a nice day!


    Regards,
    Walter Wang (, remove 'online.')
    Microsoft Online Community Support

    ==================================================
    When responding to posts, please "Reply to Group" via your newsreader so
    that others may learn and benefit from your issue.
    ==================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Walter Wang [MSFT], Apr 23, 2007
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mike Newton
    Replies:
    0
    Views:
    2,951
    Mike Newton
    Jul 23, 2004
  2. Steve C. Orr [MVP, MCSD]
    Replies:
    0
    Views:
    1,660
    Steve C. Orr [MVP, MCSD]
    Jul 23, 2004
  3. nalbayo
    Replies:
    2
    Views:
    5,569
    Bruce Barker
    Nov 11, 2005
  4. Dwight Johnson

    HttpContext.Current.User returns old user id

    Dwight Johnson, Feb 16, 2010, in forum: ASP .Net
    Replies:
    1
    Views:
    1,307
    Alexey Smirnov
    Feb 28, 2010
  5. Tony

    Dim context As HttpContext = HttpContext.Current

    Tony, Mar 2, 2004, in forum: ASP .Net Web Controls
    Replies:
    2
    Views:
    335
    Teemu Keiski
    Mar 3, 2004
Loading...

Share This Page