Losing custom identity

M

martymcdonald

For authentication we are using an external DB. I can use Forms
authentication and use the loginUrl="MyLoginForm.aspx" just fine. But
for authorization, we cannot use a static list of roles for people,
their authorization depends on factors which change as they use the
system.

We must determine roles on every page hit, using information in our
custom identity, which is changed as user uses system. I examine
custom identity, determine roles, create principal accordingly, then
attach it to HttpContext.Current.User. But after redirecting to
another page, the HttpContext.Current.User identity reverts back to a
"Windows" identity and also the principal's information is gone too
(reverts to generic principal without my role info).

How does one modify the HttpContext.Current.User and have it persist
between redirects? Thanks!
 
M

martymcdonald

This is no longer an issue. I've decided to handle the matter
differently. Thanks!
 
D

Dominick Baier [DevelopMentor]

Hello (e-mail address removed),

normally - the place to attach roles to a Principal and replace Context.User
is in the Authenticate_Request event (in Global.asax or a HttpModule).
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,743
Messages
2,569,478
Members
44,899
Latest member
RodneyMcAu

Latest Threads

Top