newbie seeks User.Identity and Application_AuthenticateRequest help

Discussion in 'ASP .Net Security' started by Mad Scientist Jr, May 27, 2004.

  1. I'm trying to understand how security works in a ASP.NET c# project.
    The global.asax has this code:

    protected void Application_AuthenticateRequest(Object sender,EventArgs e)
    {
    HttpCookie rolesCookie = Request.Cookies["roles"];
    if ((!(rolesCookie==null)) && (!(Context.User==null)))
    {
    GenericIdentity gi = new GenericIdentity(User.Identity.Name);
    GenericPrincipal gp = new GenericPrincipal(gi, rolesCookie.Value.Split('|'));
    Context.User = gp;
    }
    }

    and on another page, they get the user name from this code:

    string strUserName = HttpContext.Current.User.Identity.Name;

    Unfortunately, I'm missing the login screen.

    How is the user name being set?

    Is it possible to do something like:

    HttpContext.Current.User.Identity.Name = "johndoe";

    ?

    thanks
     
    Mad Scientist Jr, May 27, 2004
    #1
    1. Advertisements

  2. This article describes how to implement Forms Authentication with roles and
    a Generic Principal:
    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT04.asp

    I've implemented the example from the link above, and fixed a problem with
    persisting the cookie, using xml in the cookie's FormsAuthenticationTicket
    to store the "persist" setting plus the roles. Also extended the example
    with a user database. You can download my source + database from here:
    http://www.geocities.com/gaupen/index.htm?NETStuff.htm

    The example is called GenericPrincipalApp.

    Sincerely
    Svein Terje Gaup

    "Mad Scientist Jr" <> wrote in message
    news:...
    > I'm trying to understand how security works in a ASP.NET c# project.
    > The global.asax has this code:
    >
    > protected void Application_AuthenticateRequest(Object sender,EventArgs e)
    > {
    > HttpCookie rolesCookie = Request.Cookies["roles"];
    > if ((!(rolesCookie==null)) && (!(Context.User==null)))
    > {
    > GenericIdentity gi = new GenericIdentity(User.Identity.Name);
    > GenericPrincipal gp = new GenericPrincipal(gi,

    rolesCookie.Value.Split('|'));
    > Context.User = gp;
    > }
    > }
    >
    > and on another page, they get the user name from this code:
    >
    > string strUserName = HttpContext.Current.User.Identity.Name;
    >
    > Unfortunately, I'm missing the login screen.
    >
    > How is the user name being set?
    >
    > Is it possible to do something like:
    >
    > HttpContext.Current.User.Identity.Name = "johndoe";
    >
    > ?
    >
    > thanks
     
    Svein Terje Gaup, May 31, 2004
    #2
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Giovanni Bassi
    Replies:
    0
    Views:
    724
    Giovanni Bassi
    Oct 20, 2003
  2. nalbayo
    Replies:
    2
    Views:
    5,680
    Bruce Barker
    Nov 11, 2005
  3. Frederick D'hont
    Replies:
    0
    Views:
    378
    Frederick D'hont
    Jul 25, 2005
  4. Replies:
    6
    Views:
    556
  5. Jeffrey
    Replies:
    3
    Views:
    172
    Joe Kaplan
    Sep 27, 2007
Loading...

Share This Page