Newbee question; form authentication

Discussion in 'ASP .Net Security' started by Nico den Boer, Nov 4, 2004.

  1. Hello all,

    I have a problem with retrieving roles.

    In the login form, I do the following things;
    - Retrieve roles (string, format like "Administrator|User|Guest")
    - Create a FormsAuthenticationTicket with these roles as parameter
    - Crypt the thicket, create a cookie with this ticket
    - Store the cookie in the response / session

    (traced / debugged this part, works fine)

    In the global.asax.cs, method Application_AuthenticateRequest, I:
    - Retrieve the cookie, decrypt it, split the roles into an array
    - Create a new FormsIdentity object, IPrincipal object and store that one to

    For this, I followed the instructions in

    In a all user forms, I can now extract the username via
    That works fine.

    The problem is now that the roles are lost somewhere, somehow. It's like
    Tracing everyting, retrieving and decrypting the cookie works fine, but
    authTicket.UserData is an empty string.

    Now where are my roles ?
    Any help would be greatly appriciated.

    Kind regards, Nico
    Nico den Boer, Nov 4, 2004
    1. Advertisements

  2. Hernan de Lahitte, Nov 5, 2004
    1. Advertisements

  3. Thanks Hernan,

    I've read the articles, they are very useful !

    Kind regards,
    Nico den Boer, Nov 8, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.