Forms Authentication. Roles problem in IIS7. Any idea? Anyone?

Discussion in 'ASP .Net' started by shapper, Oct 28, 2009.

  1. shapper

    shapper Guest

    Hello,

    I have my own membership system but that uses form authentication.

    I am able to login and logout with not problems both when I am testing
    the web application in VS2008 or in IIS 7.

    However, while in VS2008 testing, after login, the user gets its roles
    in IIS7 the user contains no roles.

    I really have no idea why this is happening ... specially because it
    is only Roles in IIS7!

    My Login code:

    User user = _userService.GetByUsername(username);
    if (user != null) {

    // Create authentication ticket
    FormsAuthenticationTicket ticket = new
    FormsAuthenticationTicket(1, user.Username, DateTime.UtcNow,
    DateTime.UtcNow.AddMinutes(30), true, String.Join(",",
    user.Roles.Select(r => r.Name).ToArray()),
    FormsAuthentication.FormsCookiePath);

    // Encrypt cookie with machine key
    String hash = FormsAuthentication.Encrypt(ticket);
    HttpCookie cookie = new HttpCookie
    (FormsAuthentication.FormsCookieName, hash);

    // Define experation time
    if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;

    // Add cookie to outgoing response
    HttpContext.Current.Response.Cookies.Add(cookie);

    And I have the following module:

    // MembershipModule
    public class MembershipModule : IHttpModule {

    public void Init(HttpApplication application) {

    application.AuthenticateRequest += new EventHandler
    (this.OnAuthenticateRequest);

    } // Init

    public void Dispose() {
    } // Dispose

    public void OnAuthenticateRequest(Object sender, EventArgs e) {

    // Check current user
    if (HttpContext.Current.User != null) {

    // Check if authenticated
    if (HttpContext.Current.User.Identity.IsAuthenticated) {

    // Check identity
    if (HttpContext.Current.User.Identity is FormsIdentity) {

    // Define ticket
    FormsAuthenticationTicket ticket =
    FormsAuthentication.Decrypt(HttpContext.Current.Request.Cookies
    [FormsAuthentication.FormsCookieName].Value);

    // Define roles
    String[] roles = ticket.UserData.Split(',');

    // Define user
    FormsIdentity id = (FormsIdentity)
    HttpContext.Current.User.Identity;
    HttpContext.Current.User = new GenericPrincipal(id,
    roles);

    }
    }
    }

    } // OnAuthenticateRequest

    Does anyone has any idea what is going wrong?

    Thanks,
    Miguel
     
    shapper, Oct 28, 2009
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Eric
    Replies:
    2
    Views:
    1,568
    Tommy
    Feb 13, 2004
  2. Sean Patterson

    Problem with forms authentication roles

    Sean Patterson, Feb 1, 2005, in forum: ASP .Net
    Replies:
    0
    Views:
    407
    Sean Patterson
    Feb 1, 2005
  3. Dr Mephesto

    App idea, Any idea on implementation?

    Dr Mephesto, Feb 4, 2008, in forum: Python
    Replies:
    3
    Views:
    749
    Dennis Lee Bieber
    Feb 5, 2008
  4. Replies:
    0
    Views:
    656
  5. Eric
    Replies:
    2
    Views:
    648
Loading...

Share This Page