H
Hermit Dave
i am having a wierd problem with forms authentication... it doesnt the way
its supposed to but i work around does the job. would be thankful if anyone
can see what i might be doing wrong
this is how i create the ticket, add it to the cookie and pass it on to the
Response stream
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1,
lu.ToString(),
DateTime.Now,
DateTime.Now.AddMinutes(30),
false,
userinfo.Roles,
FormsAuthentication.FormsCookiePath);
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
hash);
HttpContext.Current.Response.Cookies.Add(cookie);
this is how i read it up in application_authenticaterequest
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
IPrincipal user = HttpContext.Current.User;
if(user != null && user.Identity.IsAuthenticated && (user.Identity is
FormsIdentity))
{
FormsIdentity id = (FormsIdentity)user.Identity;
FormsAuthenticationTicket ticket = id.Ticket;
string[] roles = ticket.UserData.Split(',');
user = new GenericPrincipal(id, roles);
}
}
now on my page if i use
if(this.Context.User.Identity.IsInRole("authors") == true)
{
// having logged on with a user with this role
// it should come in here but it doesnt
}
the IsInRole for some reason flakes out...
however i can do this
FormsIdentity id = (FormsIdentity)user.Identity;
string userRole = id.Ticket.UserData;
if(userRole == "authors")
{
// its all fine now
}
first i was using multiple roles... didnt work.. so i used got around using
!= false for IsInRole and checking for all roles but that and that did it..
then i modified each user to only have one role. even there the problem
remains...
I look forward to your thoughts on this one.
--
Regards,
Hermit Dave
(http://hdave.blogspot.com)
its supposed to but i work around does the job. would be thankful if anyone
can see what i might be doing wrong
this is how i create the ticket, add it to the cookie and pass it on to the
Response stream
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1,
lu.ToString(),
DateTime.Now,
DateTime.Now.AddMinutes(30),
false,
userinfo.Roles,
FormsAuthentication.FormsCookiePath);
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName,
hash);
HttpContext.Current.Response.Cookies.Add(cookie);
this is how i read it up in application_authenticaterequest
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
IPrincipal user = HttpContext.Current.User;
if(user != null && user.Identity.IsAuthenticated && (user.Identity is
FormsIdentity))
{
FormsIdentity id = (FormsIdentity)user.Identity;
FormsAuthenticationTicket ticket = id.Ticket;
string[] roles = ticket.UserData.Split(',');
user = new GenericPrincipal(id, roles);
}
}
now on my page if i use
if(this.Context.User.Identity.IsInRole("authors") == true)
{
// having logged on with a user with this role
// it should come in here but it doesnt
}
the IsInRole for some reason flakes out...
however i can do this
FormsIdentity id = (FormsIdentity)user.Identity;
string userRole = id.Ticket.UserData;
if(userRole == "authors")
{
// its all fine now
}
first i was using multiple roles... didnt work.. so i used got around using
!= false for IsInRole and checking for all roles but that and that did it..
then i modified each user to only have one role. even there the problem
remains...
I look forward to your thoughts on this one.
--
Regards,
Hermit Dave
(http://hdave.blogspot.com)