Session Object from Application

[Jonathan Wood]

I was experimenting with putting code in the Application_AuthenticateRequest
hander.

I called some static code and found that HttpContext.Current.Session was
null!

Is this yet another limitation of ASP.NET? That the Session object has not
been initialized? I was going to use that to determine if the user should be
redirected but I can't seem to make anything work.

 

[Patrice]

The later. If the user is not yet authenticated, it makes sense that its
session is not already binded to the current request. Checking the doc
should confirm this.

You'll likely have to do what you want in a later event such as
PostAcquireRequestState (that should be ideal if you need to have session
information available...)

 

[Jonathan Wood]

Patrice,

The later. If the user is not yet authenticated, it makes sense that its
session is not already binded to the current request. Checking the doc
should confirm this.

Well, according to the documentation, the Application_AuthenticateRequest
"signals that the configured authentication mechanism has authenticated the
current request." So it doesn't really seem to me to make any sense, just
like the Login control's LoggedIn event is called before role information
has been initialized for the current user.

You'll likely have to do what you want in a later event such as
PostAcquireRequestState (that should be ideal if you need to have session
information available...)

That might work. Thanks!

 

[Guest]

It must work
because according the ASP.NET Page life cycle the HttpContext is not ready
in AuthenticateRequest state

 

[Jonathan Wood]

Michael,

It must work
because according the ASP.NET Page life cycle the HttpContext is not ready
in AuthenticateRequest state

Unfortunately, it doesn't seem that it will work for me, although what you
say may be perfectly true. (Please see my "Redirecting Users: Please Help"
post.)

That said, I would like to see this "ASP.NET Page life cycle." Can you tell
me where this information is?

Thanks.

--
Jonathan Wood
SoftCircuits Programming
http://www.softcircuits.com

It must work
because according the ASP.NET Page life cycle the HttpContext is not ready
in AuthenticateRequest state

--
WBR, Michael Nemtsev [.NET/C# MVP].
Blog: http://spaces.live.com/laflour

Patrice,


Well, according to the documentation, the Application_AuthenticateRequest
"signals that the configured authentication mechanism has authenticated
the
current request." So it doesn't really seem to me to make any sense, just
like the Login control's LoggedIn event is called before role information
has been initialized for the current user.


That might work. Thanks!

 

[Juan T. Llibre]

re:
!> That said, I would like to see this "ASP.NET Page life cycle."
!> Can you tell me where this information is?

http://msdn2.microsoft.com/en-us/library/ms178472(VS.80).aspx

Michael,

It must work
because according the ASP.NET Page life cycle the HttpContext is not ready
in AuthenticateRequest state

Unfortunately, it doesn't seem that it will work for me, although what you say may be perfectly true. (Please see my
"Redirecting Users: Please Help" post.)

That said, I would like to see this "ASP.NET Page life cycle." Can you tell me where this information is?

Thanks.

--
Jonathan Wood
SoftCircuits Programming
http://www.softcircuits.com

It must work
because according the ASP.NET Page life cycle the HttpContext is not ready
in AuthenticateRequest state

--
WBR, Michael Nemtsev [.NET/C# MVP].
Blog: http://spaces.live.com/laflour

Patrice,

The later. If the user is not yet authenticated, it makes sense that its
session is not already binded to the current request. Checking the doc
should confirm this.

Well, according to the documentation, the Application_AuthenticateRequest
"signals that the configured authentication mechanism has authenticated the
current request." So it doesn't really seem to me to make any sense, just
like the Login control's LoggedIn event is called before role information
has been initialized for the current user.

You'll likely have to do what you want in a later event such as
PostAcquireRequestState (that should be ideal if you need to have session
information available...)

That might work. Thanks!

 

[Guest]

See there http://www.google.com/search?q=ASP.NET+Page+life+cycle

--
WBR, Michael Nemtsev [.NET/C# MVP].
Blog: http://spaces.live.com/laflour

That said, I would like to see this "ASP.NET Page life cycle." Can you tell
me where this information is?

Thanks.

--
Jonathan Wood
SoftCircuits Programming
http://www.softcircuits.com

It must work
because according the ASP.NET Page life cycle the HttpContext is not ready
in AuthenticateRequest state

--
WBR, Michael Nemtsev [.NET/C# MVP].
Blog: http://spaces.live.com/laflour

Patrice,

The later. If the user is not yet authenticated, it makes sense that
its
session is not already binded to the current request. Checking the doc
should confirm this.

Well, according to the documentation, the Application_AuthenticateRequest
"signals that the configured authentication mechanism has authenticated
the
current request." So it doesn't really seem to me to make any sense, just
like the Login control's LoggedIn event is called before role information
has been initialized for the current user.

You'll likely have to do what you want in a later event such as
PostAcquireRequestState (that should be ideal if you need to have
session
information available...)

That might work. Thanks!