S
shapper
Hello,
I have my own membership system but that uses form authentication.
I am able to login and logout with not problems both when I am testing
the web application in VS2008 or in IIS 7.
However, while in VS2008 testing, after login, the user gets its roles
in IIS7 the user contains no roles.
I really have no idea why this is happening ... specially because it
is only Roles in IIS7!
My Login code:
User user = _userService.GetByUsername(username);
if (user != null) {
// Create authentication ticket
FormsAuthenticationTicket ticket = new
FormsAuthenticationTicket(1, user.Username, DateTime.UtcNow,
DateTime.UtcNow.AddMinutes(30), true, String.Join(",",
user.Roles.Select(r => r.Name).ToArray()),
FormsAuthentication.FormsCookiePath);
// Encrypt cookie with machine key
String hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie
(FormsAuthentication.FormsCookieName, hash);
// Define experation time
if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;
// Add cookie to outgoing response
HttpContext.Current.Response.Cookies.Add(cookie);
And I have the following module:
// MembershipModule
public class MembershipModule : IHttpModule {
public void Init(HttpApplication application) {
application.AuthenticateRequest += new EventHandler
(this.OnAuthenticateRequest);
} // Init
public void Dispose() {
} // Dispose
public void OnAuthenticateRequest(Object sender, EventArgs e) {
// Check current user
if (HttpContext.Current.User != null) {
// Check if authenticated
if (HttpContext.Current.User.Identity.IsAuthenticated) {
// Check identity
if (HttpContext.Current.User.Identity is FormsIdentity) {
// Define ticket
FormsAuthenticationTicket ticket =
FormsAuthentication.Decrypt(HttpContext.Current.Request.Cookies
[FormsAuthentication.FormsCookieName].Value);
// Define roles
String[] roles = ticket.UserData.Split(',');
// Define user
FormsIdentity id = (FormsIdentity)
HttpContext.Current.User.Identity;
HttpContext.Current.User = new GenericPrincipal(id,
roles);
}
}
}
} // OnAuthenticateRequest
Does anyone has any idea what is going wrong?
Thanks,
Miguel
I have my own membership system but that uses form authentication.
I am able to login and logout with not problems both when I am testing
the web application in VS2008 or in IIS 7.
However, while in VS2008 testing, after login, the user gets its roles
in IIS7 the user contains no roles.
I really have no idea why this is happening ... specially because it
is only Roles in IIS7!
My Login code:
User user = _userService.GetByUsername(username);
if (user != null) {
// Create authentication ticket
FormsAuthenticationTicket ticket = new
FormsAuthenticationTicket(1, user.Username, DateTime.UtcNow,
DateTime.UtcNow.AddMinutes(30), true, String.Join(",",
user.Roles.Select(r => r.Name).ToArray()),
FormsAuthentication.FormsCookiePath);
// Encrypt cookie with machine key
String hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie
(FormsAuthentication.FormsCookieName, hash);
// Define experation time
if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;
// Add cookie to outgoing response
HttpContext.Current.Response.Cookies.Add(cookie);
And I have the following module:
// MembershipModule
public class MembershipModule : IHttpModule {
public void Init(HttpApplication application) {
application.AuthenticateRequest += new EventHandler
(this.OnAuthenticateRequest);
} // Init
public void Dispose() {
} // Dispose
public void OnAuthenticateRequest(Object sender, EventArgs e) {
// Check current user
if (HttpContext.Current.User != null) {
// Check if authenticated
if (HttpContext.Current.User.Identity.IsAuthenticated) {
// Check identity
if (HttpContext.Current.User.Identity is FormsIdentity) {
// Define ticket
FormsAuthenticationTicket ticket =
FormsAuthentication.Decrypt(HttpContext.Current.Request.Cookies
[FormsAuthentication.FormsCookieName].Value);
// Define roles
String[] roles = ticket.UserData.Split(',');
// Define user
FormsIdentity id = (FormsIdentity)
HttpContext.Current.User.Identity;
HttpContext.Current.User = new GenericPrincipal(id,
roles);
}
}
}
} // OnAuthenticateRequest
Does anyone has any idea what is going wrong?
Thanks,
Miguel