Newbee question; form authentication


N

Nico den Boer

Hello all,

I have a problem with retrieving roles.

In the login form, I do the following things;
- Retrieve roles (string, format like "Administrator|User|Guest")
- Create a FormsAuthenticationTicket with these roles as parameter
- Crypt the thicket, create a cookie with this ticket
- Store the cookie in the response / session

(traced / debugged this part, works fine)

In the global.asax.cs, method Application_AuthenticateRequest, I:
- Retrieve the cookie, decrypt it, split the roles into an array
- Create a new FormsIdentity object, IPrincipal object and store that one to
Context.User

For this, I followed the instructions in
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmod/html/secmod18.asp

In a all user forms, I can now extract the username via
Context.User.Identity.Name
That works fine.

The problem is now that the roles are lost somewhere, somehow. It's like
magic...
Tracing everyting, retrieving and decrypting the cookie works fine, but
authTicket.UserData is an empty string.

Now where are my roles ?
Any help would be greatly appriciated.

Kind regards, Nico
 
Ad

Advertisements

Ad

Advertisements

N

Nico den Boer

Thanks Hernan,

I've read the articles, they are very useful !

Kind regards,
Nico
 

Top