473,473 Members | 2,061 Online

Sign in
Join

Home Posts Topics Members FAQ

forms authentication question

Everything is working in my authentication process except
for the fact that I can't retrieve the "UserData" property
from the "FormsAuthenticationTicket".

Write before I do a "RedirectFromLoginPage", I check
the "UserData" property of
the "FormsAuthenticationTicket". It's set to the
value "Admin" (a role for the user) which is what I want.

Here is the code:

strUserName = CType(drOLEDBNicemScheduling.GetValue(1) &
Chr(32) & drOLEDBNicemScheduling.GetValue(2), String)
'Set the authentication ticket
Dim arrRoles(0) As String
arrRoles(0) =
drOLEDBNicemScheduling.GetValue(3)
Dim ticket As New
FormsAuthenticationTicket(1, strUserName, Now, DateAdd
(DateInterval.Minute, 60, Now),
ValidateLogin.PersistantCookie, arrRoles(0))
Dim cookie = New HttpCookie
(FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(ticket))
If ValidateLogin.PersistantCookie Then
Response.Cookies.Add(cookie)
End If
'Create Identity
Dim objIdentity As New
Security.Principal.GenericIdentity(strUserName)
Dim objPrincipal As New
Security.Principal.GenericPrincipal(objIdentity, arrRoles)

FormsAuthentication.RedirectFromLoginPage(strUserN ame,
ValidateLogin.PersistantCookie)

However, once I get in the Global.asax file in
the "Application_AuthenticateRequest" event (fired by the
FormsAuthentication.RedirectFromLoginPage method), I check
the "UserData" property of the ticket and it's an empty
string! All the other properties pertaining to the ticket
are there. I'm setting up the cookie, so the "Userdata"
property should be populated.

Here is the code in the global.asax file:

Sub Application_AuthenticateRequest(ByVal sender As
Object, ByVal e As EventArgs)

If (Not (HttpContext.Current.User Is Nothing)) Then
If
HttpContext.Current.User.Identity.AuthenticationTy pe
= "Forms" Then
If
HttpContext.Current.User.Identity.IsAuthenticated Then
Dim id As FormsIdentity =
HttpContext.Current.User.Identity
Dim ticket As
FormsAuthenticationTicket = id.Ticket
Dim roles(0) As String
roles(0) = ticket.UserData
HttpContext.Current.User = New
System.Security.Principal.GenericPrincipal(id, roles)
End If
End If
End If

End Sub

What am I doing wrong??? I need to be able to identify the
role of the user (they will only have 1 role).

Thanks,

Bill........

Nov 17 '05 #1

Subscribe Reply

0

2242

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

Secure and Unsecure Web Directories using Forms Authentication

by: Billy Jacobs | last post by:

I have a website which has both secure and non-secure pages. I want to uses forms authentication. How do I accomplish this? Originally I had my web.config file in the root with Forms...

Combine Forms Authentication with Windows

by: Nick | last post by:

I am working a new application...well actually a series of applications for my company. They want internal users to be able to go to a site and everything regarding security is transparent,...

Forms Authentication Problem

by: ElmoWatson | last post by:

I tried on the Security newgroup, as well as other places, and haven't gotten an answer yet - - I'm pulling my hair out over this one. I'm trying to get Forms Authentication working.....I can get...

Multiple sessions and forms-based authentication

by: Rob | last post by:

I have an ASP.NET application that uses forms-based authentication. A user wishes to be able to run multiple sessions of this application simultaneously from the user's client machine. The...

Forms Authentication question: How to have some pages open and some requiring forms authentication

by: Eric | last post by:

I am trying to build an app where the stuff in the root directory is open to all, but anything under the Restricted directory requires you to login and I want to use Forms to do it. I'm having...

Trouble with forms authentication

by: Justin | last post by:

I am trying to password protect a subdirectory using forms authentication. I am using the "Location" tag to specify the directory to be protected. The login.aspx page is in the root directory of...

Forms Auth. Question

by: V. Jenks | last post by:

Using forms authentication, can I control which pages and/or directories a user would have access to or is that only available with Windows authentication? Thanks!

Forms authentication and session expiration

by: Rippo | last post by:

Hi I am using role base forms authentication in asp.net and have come across a problem that I would like advice on. On a successful login a session variable is set to identify a user. This is...

Forms authentication vs session variable

by: Bjorn Sagbakken | last post by:

In a web-application with login creds (user, pwd), these are checked against a user table on a SQL server. On a positive validation I have saved the userID, name, custno and role-settings in a...

Forms Authentication vs MembershipProvider

by: Rory Becker | last post by:

Having now created a Custom MembershipProvider that seems to work correctly with my Logon and ChangePassword controls, I am, as they say, a happy bunny. The next stange is to move on to the...

How to build RAID in BIOS?

by: Hystou | last post by:

There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...

Changing the language in Windows 10

by: Hystou | last post by:

Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...

The easy way to turn off automatic updates for Windows 10/11

by: Hystou | last post by:

Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap

Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us