473,766 Members | 2,159 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

How can I read login details from FormsAuthentica tionTicket ?

Hi

I have implemented a system of Role-based Security with Forms
Authentication in my website which retrieves a comma separated list of
user roles via a SQL Server stored procedure. The system all works
fine except for one part.

If I log into the system, I get authenticated as expected. If I then
close my browser, change the "Username" and "Password" values in the
database and revisit the website, I still get authenticated
successfully.

I want to add some code, probably within the Session_Start event of
Global.asax to read the username / password values from the cookie and
ensure that they still match those in the database.

Could anyone please supply me with a code snippet (preferably in C#)
for retrieving the username and password from the
FormsAuthentica tionTicket. I think that I probably need to use
FormsIdentity somewhere.

Many thanks in advance
John
Nov 18 '05 #1
2 3598
once user has been in you can use HttpContext.Cur rent.User.Ident ity.Name to
get his/her login name

"Fresh Air Rider" <Fr************ *@Hotmail.com> wrote in message
news:55******** *************** ***@posting.goo gle.com...
Hi

I have implemented a system of Role-based Security with Forms
Authentication in my website which retrieves a comma separated list of
user roles via a SQL Server stored procedure. The system all works
fine except for one part.

If I log into the system, I get authenticated as expected. If I then
close my browser, change the "Username" and "Password" values in the
database and revisit the website, I still get authenticated
successfully.

I want to add some code, probably within the Session_Start event of
Global.asax to read the username / password values from the cookie and
ensure that they still match those in the database.

Could anyone please supply me with a code snippet (preferably in C#)
for retrieving the username and password from the
FormsAuthentica tionTicket. I think that I probably need to use
FormsIdentity somewhere.

Many thanks in advance
John

Nov 18 '05 #2
Thanks Alexey
Nov 18 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
1645
by: Rayc | last post by:
I have a .NET login page that works fine locally but when I upload to my web host provider the login page keeps reappearing. When I click the login button, the login page reappears asking to login again. Here's the code behind my login_Click button: clsSecurity oSec = new clsSecurity(); oSec.sUserName = txtUserName.Text; oSec.sPassword = txtPassword.Text;
0
335
by: Fresh Air Rider | last post by:
Hi I have implemented a system of Role-based Security with Forms Authentication in my website which retrieves a comma separated list of user roles via a SQL Server stored procedure. The system all works fine except for one part. If I log into the system, I get authenticated as expected. If I then close my browser, change the "Username" and "Password" values in the database and revisit the website, I still get authenticated
9
3587
by: buran | last post by:
Dear ASP.NET Programmers, How can I post data to an ASP.NET login page and pass authentication? The login page uses forms authentication, users must supply usernames and password and have to click on a submit button. I want to automate this process by supplying values with HttpWebRequest and then download a file on the site. I think that I cannot invoke the submit button. Pleeeasee help, thanks in advance
5
1773
by: Kenneth Keeley | last post by:
Hi, I have a web app that has forms authentication and I can login to the page the first time I go there but it never times me out if I come back in 24 hours a hit the refresh key the page loads and I am still logged in. My session details are gone but I am still logged. These are the settings I am using are they right or do I need to change them? <system.web> <authentication mode="Forms">
11
2972
by: David W. Simmonds | last post by:
I have a form that will prompt for a user name/password. In VS.NET, I have the protected form in a folder named Admin. I have a Web.config file in that folder as well. It contains the following section: <authorization> <deny users="?" /> <allow users="*" /> </authorization> In the root folder where the other forms are located I have a Web.config
2
1653
by: Brian Henry | last post by:
We have our windows forms login set up and working good, well it works at least, just now we need a logout button, so when you click on it, the user will be logged out of the authentication, how would we do this? this is how we are doing the login form ======= <authentication mode="Forms"> <forms loginUrl="/WebClient/SecurePages/logon.aspx" name="RSMNEmail" timeout="20" path="/"></forms>
2
2909
by: pv | last post by:
Hi everyone, I need help with following scenario, please: Users are accessing same web server from intranet (users previously authenticated in Active Dir) and from extranet (common public users). If user is from intranet, web server should recognize it and application should create additional options in controls regarding groups the user belongs to. If user is from extranet it should be logged in as anonymous and a link to login page...
1
3597
by: Anders Jacobsen | last post by:
Hey Im devloping an application in asp.net 1.1 SP2. I need to control timeout values for each user. Im having trouble to make it work. When the session timouts out I want to redirect the user to the login page. OK., Im aware that we have 2 timeouts. Session timeout and forms authentication timeout. In login i do this
5
1491
by: Andrew | last post by:
Hi, I have a default.aspx which allows the user to choose between module Admin and module B. When the user clicks either one, he will be redirected to a FormsAuthentication login page. The problem I have is that currently, users of one module are able to access the other since I have only 1 login page. How do I prevent this ? I am not sure how to go about configuring the web.config file for having 2 modules that have a separate set of...
0
9571
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
9404
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
10168
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
10009
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
1
7381
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
6651
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
0
5423
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
2
3532
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
2806
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.