K
Kevin Yu
hi all,
in formsauthentication, the global.asax event
Application_Authenticationrequest() event should run once before the page
httphandler runs, correct?
because the global.asax inherites the HttpModule class, but I am see some
odd behabivor when using formsauthentication in 2.0.
on the same level as the login.aspx page, I have a folder called Admin with
some aspx pages inside. the pages that are on the same level as the login
page seems to work find - the Application_Authenticationrequest() run once
before the page_load, but when accssing the page inside of the Admin
folder, the Application_Authenticationrequest() is fired twice after the
page_load event. am I missing something here?
Kevin
here's the code for login:
protected void btnLogin_Click(object sender, EventArgs e)
{
if (IsAuthenticated(this.txtUserName.Text.Trim(),
this.txtPassword.Text.Trim()))
{
// Create the authentication ticket
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, //
version
this.txtUserName.Text.Trim(),// user name
DateTime.Now, // creation
DateTime.Now.AddMinutes(60),// Expiration
false, // Persistent
string.Empty); // User data
// Now encrypt the ticket.
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
// Create a cookie and add the encrypted ticket to the
// cookie as data.
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName,
encryptedTicket);
// Add the cookie to the outgoing cookies collection.
Response.Cookies.Add(authCookie);
// Redirect the user to the originally requested page
FormsAuthentication.RedirectFromLoginPage(this.txtUserName.Text, false);
}
else
{
this.lblMsg.Text = "Login failed.";
}
}
and the code in the
void Application_AuthenticateRequest(Object sender, EventArgs e)
{
// Extract the forms authentication cookie
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = Context.Request.Cookies[cookieName];
if (null == authCookie)
{
// There is no authentication cookie.
return;
}
string userName = HttpContext.Current.User.Identity.Name;
if (userName != null && userName != string.Empty)
{
//custom user object that implements IPrincipla interface
UserContext user = UserData.GetUserByUserName(userName);
HttpContext.Current.User = user;
}
}
in formsauthentication, the global.asax event
Application_Authenticationrequest() event should run once before the page
httphandler runs, correct?
because the global.asax inherites the HttpModule class, but I am see some
odd behabivor when using formsauthentication in 2.0.
on the same level as the login.aspx page, I have a folder called Admin with
some aspx pages inside. the pages that are on the same level as the login
page seems to work find - the Application_Authenticationrequest() run once
before the page_load, but when accssing the page inside of the Admin
folder, the Application_Authenticationrequest() is fired twice after the
page_load event. am I missing something here?
Kevin
here's the code for login:
protected void btnLogin_Click(object sender, EventArgs e)
{
if (IsAuthenticated(this.txtUserName.Text.Trim(),
this.txtPassword.Text.Trim()))
{
// Create the authentication ticket
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, //
version
this.txtUserName.Text.Trim(),// user name
DateTime.Now, // creation
DateTime.Now.AddMinutes(60),// Expiration
false, // Persistent
string.Empty); // User data
// Now encrypt the ticket.
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
// Create a cookie and add the encrypted ticket to the
// cookie as data.
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName,
encryptedTicket);
// Add the cookie to the outgoing cookies collection.
Response.Cookies.Add(authCookie);
// Redirect the user to the originally requested page
FormsAuthentication.RedirectFromLoginPage(this.txtUserName.Text, false);
}
else
{
this.lblMsg.Text = "Login failed.";
}
}
and the code in the
void Application_AuthenticateRequest(Object sender, EventArgs e)
{
// Extract the forms authentication cookie
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = Context.Request.Cookies[cookieName];
if (null == authCookie)
{
// There is no authentication cookie.
return;
}
string userName = HttpContext.Current.User.Identity.Name;
if (userName != null && userName != string.Empty)
{
//custom user object that implements IPrincipla interface
UserContext user = UserData.GetUserByUserName(userName);
HttpContext.Current.User = user;
}
}