strange Formsauthentication behavior

K

Kevin Yu

hi all,

in formsauthentication, the global.asax event
Application_Authenticationrequest() event should run once before the page
httphandler runs, correct?
because the global.asax inherites the HttpModule class, but I am see some
odd behabivor when using formsauthentication in 2.0.

on the same level as the login.aspx page, I have a folder called Admin with
some aspx pages inside. the pages that are on the same level as the login
page seems to work find - the Application_Authenticationrequest() run once
before the page_load, but when accssing the page inside of the Admin
folder, the Application_Authenticationrequest() is fired twice after the
page_load event. am I missing something here?


Kevin

here's the code for login:

protected void btnLogin_Click(object sender, EventArgs e)

{

if (IsAuthenticated(this.txtUserName.Text.Trim(),
this.txtPassword.Text.Trim()))

{

// Create the authentication ticket

FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, //
version

this.txtUserName.Text.Trim(),// user name

DateTime.Now, // creation

DateTime.Now.AddMinutes(60),// Expiration

false, // Persistent

string.Empty); // User data



// Now encrypt the ticket.

string encryptedTicket = FormsAuthentication.Encrypt(authTicket);

// Create a cookie and add the encrypted ticket to the

// cookie as data.

HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName,
encryptedTicket);

// Add the cookie to the outgoing cookies collection.

Response.Cookies.Add(authCookie);

// Redirect the user to the originally requested page

FormsAuthentication.RedirectFromLoginPage(this.txtUserName.Text, false);

}

else

{

this.lblMsg.Text = "Login failed.";

}

}



and the code in the

void Application_AuthenticateRequest(Object sender, EventArgs e)

{

// Extract the forms authentication cookie

string cookieName = FormsAuthentication.FormsCookieName;

HttpCookie authCookie = Context.Request.Cookies[cookieName];

if (null == authCookie)

{

// There is no authentication cookie.

return;

}

string userName = HttpContext.Current.User.Identity.Name;

if (userName != null && userName != string.Empty)

{

//custom user object that implements IPrincipla interface

UserContext user = UserData.GetUserByUserName(userName);

HttpContext.Current.User = user;

}

}
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,901
Latest member
Noble71S45

Latest Threads

Top