Problem with FormsAuthentication

D

David

Hi all,

I am having a slight issue with FormsAuthentication.

I need to authenticate a user and while the page is still being processed,
need to work with that authenticated user. I have set up a test page as
follows...

private void Page_Load(object sender, System.EventArgs e)
{
// Put user code to initialize the page here
Label1.Text = User.Identity.IsAuthenticated.ToString();
}

private void Button1_Click(object sender, System.EventArgs e)
{
FormsAuthentication.SetAuthCookie("David", false);
Label2.Text = User.Identity.Name;
Label3.Text = "Sign In Button Clicked";
}

private void Button2_Click(object sender, System.EventArgs e)
{
FormsAuthentication.SignOut();
Label2.Text = User.Identity.Name;
Label3.Text = "Sign Out Button Clicked";
}

When I click button1, I need label2.text to show "David", however, it does
not do this until I refresh the page (I can even click the sign out button,
then it will show "David" but only once.)

If I click button2, I expect it to sign me out, but as demonstrated, it
doesn't sign out straight away.

How else can I do this, without setting up a boolean property? I have done
some searching. The results suggest that when I SetAuthCookie or SignOut,
then I am logged in (or out, as the case may be).

Thanks.

Best regards,
Dave Colliver.
http://www.AshfieldFOCUS.com
~~
http://www.FOCUSPortals.com - Local franchises available
 
J

jasonkester

David said:
private void Button1_Click(object sender, System.EventArgs e)
{
FormsAuthentication.SetAuthCookie("David", false);
Label2.Text = User.Identity.Name;
Label3.Text = "Sign In Button Clicked";
}
Click to expand...


Why not:

private void Button1_Click(object sender, System.EventArgs e)
{
FormsAuthentication.SetAuthCookie("David", false);
Label2.Text = "David";
Label3.Text = "Sign In Button Clicked";
}

As in, you already have everything you need to know about the user when
you authorize him. Why would you want to look anything back up?

To answer your question though, take a look at the name of the method
you're calling: SetAuthCookie(). You are setting a cookie, which will
be sent along with the HTTPHeaders to the browser, and be returned to
you at the next request from that browser. At that point you'll be
able to read it. Before that, it's not part of the Cookies collection,
and thus not parsed by the ASP.NET helper functions that drop its value
back into User.Identity for you.

Hope this helps.


Jason Kester
Expat Software Consulting Services
http://www.expatsoftware.com/
 
D

David

jasonkester said:
Why not:

private void Button1_Click(object sender, System.EventArgs e)
{
FormsAuthentication.SetAuthCookie("David", false);
Label2.Text = "David";
Label3.Text = "Sign In Button Clicked";
}

As in, you already have everything you need to know about the user when
you authorize him. Why would you want to look anything back up?

To answer your question though, take a look at the name of the method
you're calling: SetAuthCookie(). You are setting a cookie, which will
be sent along with the HTTPHeaders to the browser, and be returned to
you at the next request from that browser. At that point you'll be
able to read it. Before that, it's not part of the Cookies collection,
and thus not parsed by the ASP.NET helper functions that drop its value
back into User.Identity for you.

Hope this helps.


Jason Kester
Expat Software Consulting Services
http://www.expatsoftware.com/
Click to expand...

Hi,

The example I posted was just a test to demonstrate what happens.

I know that SetAuthCookie sends a cookie down to the browser so that other
pages can read it later. What I was thinking was that it might also set a
flag somewhere in .NET whilst the page is running, showing me that the user
is Authenticated. Something like setting the Context properties, such as
User.Identity.IsAuthenticated = true and User.Identity.Name = "David".
Obviously not, so, I need to check the page later to see if the user is
Authenticated whilst the page is still running. How can I do this?

As an added information... the FormsAuthentication is done in a user
control. In the parent page, I am also checking if the
User.Identity.IsAuthenticated is set. As the two Identity values are only
gets, I need an alternative way to set them other than a round trip from the
browser.

Best regards,
Dave Colliver.
http://www.AshfieldFOCUS.com
~~
http://www.FOCUSPortals.com - Local franchises available
 
J

jasonkester

You could set a member variable on the user control when you
authenticate user. Throw in a public accessor to that variable and the
containing page will be able to read it.

Again, you'll have all the information you need at the time you call
SetAuthCookie. I agree it's sort of lame that you can't simply read
this information back out of User.Identity, but it's really not that
much extra work to stash it somewhere accessable for the remainder of
the page load.

My only idea as to why they designed it this way comes from looking at
their example code. In every case, the call immediately after
SetAuthCookie is RedirectFromLogin.

Good luck!

Jason Kester
Expat Software Consulting Services
http://www.expatsoftware.com/
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

FormsAuthentication Problem 1
Problem with FormsAuthentication and SetAuthCookie 1
Problem in getting dashboard page from login page in python pycharm using POST command 0
DESPERATE: FormsAuthentication Problem 4
problem with multiple values of Listbox 9
FormsAuthentication and Session 2
formsauthentication timeout & session timeout 1
Getting value of instances of variable. 1

Members online

Total: 34 (members: 1, guests: 33)
Robots: 370

Forum statistics

Threads
473,755
Messages
2,569,537
Members
45,020
Latest member
GenesisGai

Latest Threads

Top