When exactly Application_AuthenticateRequest event is fired?

A

Andrew

Hello, friends,

In our forms authentication asp.net app, I used
FormsAuthentication.SetAuthCookie() to authenticate a new registered user
like the follows:

//...already create a new userID from our DB
FormsAuthentication.SetAuthCookie(Request.Form["loginName"], true);

Then I planned in Application_AuthenticateRequest() to assign roles to this
new user using GenericPrincipal().

However, although I set breakpoint, it did not stop. I thought that calling
FormsAuthentication.SetAuthCookie() would trigger
Application_AuthenticateRequest() event.

So, at exactly what condition, an Application_AuthenticateRequest event will
be fired?

Thanks a lot.
 
D

Dominick Baier [DevelopMentor]

hi,

AuthenticateRequest gets fired on each request -

if you want to add code there to get roles for the user do something like
this:

if (Context.Request.IsAuthenticated)
{

// get roles
// create GenericPrincipal
// set Context.User

}

after you call SetAuthCookie you need another roundtrip for this event to
fire - e.g. a redirect to your main page etc...
 
A

Andrew

AuthenticateRequest gets fired on each request

Does that mean that: After a user is authenticated, every request from this
user aftermath will raise Application_AuthenticateRequest event?

Then, I think I just need to set role for this new user the first request
form him/her, right? For the rest of his/her requests, how can I avoid to
execute the following code again?

if (Context.Request.IsAuthenticated)
{

// get roles
// create GenericPrincipal
// set Context.User

}

Thanks.


Dominick Baier said:
hi,

AuthenticateRequest gets fired on each request -

if you want to add code there to get roles for the user do something like
this:

if (Context.Request.IsAuthenticated)
{

// get roles
// create GenericPrincipal
// set Context.User

}

after you call SetAuthCookie you need another roundtrip for this event to
fire - e.g. a redirect to your main page etc...


---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
Hello, friends,

In our forms authentication asp.net app, I used
FormsAuthentication.SetAuthCookie() to authenticate a new registered
user like the follows:

//...already create a new userID from our DB
FormsAuthentication.SetAuthCookie(Request.Form["loginName"], true);
Then I planned in Application_AuthenticateRequest() to assign roles to
this new user using GenericPrincipal().

However, although I set breakpoint, it did not stop. I thought that
calling FormsAuthentication.SetAuthCookie() would trigger
Application_AuthenticateRequest() event.

So, at exactly what condition, an Application_AuthenticateRequest
event will be fired?

Thanks a lot.
Click to expand...
Click to expand...
 
D

Dominick Baier [DevelopMentor]

Hi,

you can't.

The code has to execute on every request. You can do some optimizations by
caching the roles, e.g. in the authentication ticket's userData field.

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
AuthenticateRequest gets fired on each request
Click to expand...
Does that mean that: After a user is authenticated, every request from
this user aftermath will raise Application_AuthenticateRequest event?

Then, I think I just need to set role for this new user the first
request form him/her, right? For the rest of his/her requests, how can
I avoid to execute the following code again?

if (Context.Request.IsAuthenticated)
{
// get roles
// create GenericPrincipal
// set Context.User
}

Thanks.

Dominick Baier said:
hi,

AuthenticateRequest gets fired on each request -

if you want to add code there to get roles for the user do something
like this:

if (Context.Request.IsAuthenticated)
{
// get roles
// create GenericPrincipal
// set Context.User
}

after you call SetAuthCookie you need another roundtrip for this
event to fire - e.g. a redirect to your main page etc...

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
Hello, friends,

In our forms authentication asp.net app, I used
FormsAuthentication.SetAuthCookie() to authenticate a new registered
user like the follows:

//...already create a new userID from our DB
FormsAuthentication.SetAuthCookie(Request.Form["loginName"], true);
Then I planned in Application_AuthenticateRequest() to assign roles
to this new user using GenericPrincipal().

However, although I set breakpoint, it did not stop. I thought that
calling FormsAuthentication.SetAuthCookie() would trigger
Application_AuthenticateRequest() event.

So, at exactly what condition, an Application_AuthenticateRequest
event will be fired?

Thanks a lot.
Click to expand...
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Application_AuthenticateRequest 3
Application_AuthenticateRequest and ASP.NET 2.0 0
Why do we need more code in Application_AuthenticateRequest()? 1
Authorization question, w/ "Windows" authentication mode 12
Custom event from a custom web control is fired twice 1
When exactly are you logged in? (Forms authentication) 2
AuthenticateRequest event and Roles 1
HttpContext.Current.User is always null in Global_AuthenticateRequ 3

Members online

No members online now.
Total: 30 (members: 0, guests: 30)
Robots: 220

Forum statistics

Threads
473,755
Messages
2,569,537
Members
45,023
Latest member
websitedesig25

Latest Threads

Top