By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
445,876 Members | 1,191 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 445,876 IT Pros & Developers. It's quick & easy.

DESPERATE: FormsAuthentication Problem

P: n/a
I am having a very perplexing problem with setting the user's roles. I have
tried to figure this out for 2 days now.

When the user logs in to the site, I retrieve the roles from the database
and create a semicolon delimited string listing the roles returned and store
them in the forms authentication cookie. Then in the global.asax
Application_AuthenticateRequest, I retrieve the FormsAuthenticationTicket
from the forms authentication cookie, create a new FormsIdentity object,
then create a new GenericPrincipal object passing in the FormsIdentity
object and roles, and set the User to the new principal object.

Now, when I check to see if HttpContext.Current.User.IsInRole("TestRole1"),
I get different results from two different machines.

On my development machine, this works great.
(As you can see from the code below) It returns:
User is in TestRole1: True
TestRole1;TestRole2;TestRole3

On my production machine, this doesn't work.
(As you can see from the code below) It returns:
User is in TestRole1: False
TestRole1;TestRole2;TestRole3

The user is Authenticated and the roles are being set in
FormsAuthenticationTicket correctly. As far as I can tell, the two machines
are set up the same:
Development machine:
WinXP SP2, .NET Framework v1.1, IIS 5.1
Production machine:
Win2000 SP4, .NET Framework v1.1, IIS 5.0 (I think?)

I am desperately needing some insight into the problem. Does anyone have any
idea as to what might be causing this? Is it a setting I forgot? I have list
some code that I am using below, to see if that helps.

========================================
In my Login.aspx page, I have this code:

' Get ";" delimited string of the user's roles from the database
Dim roles As String = myFunctionToGetRoles(userID)

' Create the authentication ticket
Dim authTicket As FormsAuthenticationTicket = New
FormsAuthenticationTicket(1, userName, DateTime.Now,
DateTime.Now.AddMinutes(30), False, roles)

' Now encrypt the ticket
Dim encryptedTicket As String = FormsAuthentication.Encrypt(authTicket)

' Create a cookie and add the encrypted ticket to the cookie as data
Dim authCookie As HttpCookie = New
HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)

' Add the cookie to the outgoing cookies collection
Response.Cookies.Add(authCookie)

' Redirect to the Authenticated page to avoid the misleading Security Alert
message box from popping up
Response.Redirect("Authenticated.aspx?ReturnUrl=" &
Request.QueryString.Item("ReturnUrl"), True)
In my Global.asax, I have this code:

Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As
EventArgs)
' Fires upon attempting to authenticate the user

' Extract the forms authentication cookie
Dim authCookie As HttpCookie =
Context.Request.Cookies(FormsAuthentication.FormsC ookieName)

If authCookie Is Nothing Then
' There is no authentication cookie
Exit Sub
End If

Dim authTicket As FormsAuthenticationTicket
Try
authTicket = FormsAuthentication.Decrypt(authCookie.Value)
Catch ex As Exception
' Log exception details omitted for simplicity
Exit Sub
End Try

If authTicket Is Nothing Then
' Cookie failed to decrypt
Exit Sub
End If

' When the ticked was created, the UserData property was
' assigned a semicolon delimited string of role names.
Dim roles As String() = authTicket.UserData.Split(";"c)

' Create an Identity object
Dim id As FormsIdentity = New FormsIdentity(authTicket)

' This principal will flow throughout the request
Dim principal As GenericPrincipal = New GenericPrincipal(id, roles)

' Attach the new principal object to the current HttpContext object
Context.User = principal

End Sub

And on my Default.aspx page, I test the roles with this code:
' Test the User's Roles
Dim curUser As System.Security.Principal.IPrincipal =
HttpContext.Current.User
If curUser.Identity.IsAuthenticated Then
If thisUser.IsInRole("TestRole1") Then
lblMessage.Text = "User is in TestRole1: True"
Else
lblMessage.Text = "User is in TestRole1: False"
End If

Dim id As FormsIdentity = CType(HttpContext.Current.User.Identity,
FormsIdentity)
Dim ticket As FormsAuthenticationTicket = id.Ticket
' Get the stored user-data, in this case, our roles
' stored in the User.Identity, and display them
lblMessage.Text += "<br>" + ticket.UserData
End If
Thanks to everyone in advance,
Jeff
Nov 19 '05 #1
Share this Question
Share on Google+
4 Replies


P: n/a
Hi Jeff,

I'm looking at the code and it seems just fine. Can you check that your
web.config file is identical between the two machines? Also can you check
to see if they are running the same .Net 1.1 Service Pack? One other thing
is can you test users that are only in 1 role each and see if that makes it
work? These are all guess but hopefully they'll help spring up some other
ideas. Good luck! Ken.

--
Ken Dopierala Jr.
For great ASP.Net web hosting try:
http://www.webhost4life.com/default.asp?refid=Spinlight
If you sign up under me and need help, email me.

"Jeff B" <je*******@hotmail.com> wrote in message
news:OD**************@TK2MSFTNGP11.phx.gbl...
I am having a very perplexing problem with setting the user's roles. I have tried to figure this out for 2 days now.

When the user logs in to the site, I retrieve the roles from the database
and create a semicolon delimited string listing the roles returned and store them in the forms authentication cookie. Then in the global.asax
Application_AuthenticateRequest, I retrieve the FormsAuthenticationTicket
from the forms authentication cookie, create a new FormsIdentity object,
then create a new GenericPrincipal object passing in the FormsIdentity
object and roles, and set the User to the new principal object.

Now, when I check to see if HttpContext.Current.User.IsInRole("TestRole1"), I get different results from two different machines.

On my development machine, this works great.
(As you can see from the code below) It returns:
User is in TestRole1: True
TestRole1;TestRole2;TestRole3

On my production machine, this doesn't work.
(As you can see from the code below) It returns:
User is in TestRole1: False
TestRole1;TestRole2;TestRole3

The user is Authenticated and the roles are being set in
FormsAuthenticationTicket correctly. As far as I can tell, the two machines are set up the same:
Development machine:
WinXP SP2, .NET Framework v1.1, IIS 5.1
Production machine:
Win2000 SP4, .NET Framework v1.1, IIS 5.0 (I think?)

I am desperately needing some insight into the problem. Does anyone have any idea as to what might be causing this? Is it a setting I forgot? I have list some code that I am using below, to see if that helps.

========================================
In my Login.aspx page, I have this code:

' Get ";" delimited string of the user's roles from the database
Dim roles As String = myFunctionToGetRoles(userID)

' Create the authentication ticket
Dim authTicket As FormsAuthenticationTicket = New
FormsAuthenticationTicket(1, userName, DateTime.Now,
DateTime.Now.AddMinutes(30), False, roles)

' Now encrypt the ticket
Dim encryptedTicket As String = FormsAuthentication.Encrypt(authTicket)

' Create a cookie and add the encrypted ticket to the cookie as data
Dim authCookie As HttpCookie = New
HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)

' Add the cookie to the outgoing cookies collection
Response.Cookies.Add(authCookie)

' Redirect to the Authenticated page to avoid the misleading Security Alert message box from popping up
Response.Redirect("Authenticated.aspx?ReturnUrl=" &
Request.QueryString.Item("ReturnUrl"), True)
In my Global.asax, I have this code:

Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As
EventArgs)
' Fires upon attempting to authenticate the user

' Extract the forms authentication cookie
Dim authCookie As HttpCookie =
Context.Request.Cookies(FormsAuthentication.FormsC ookieName)

If authCookie Is Nothing Then
' There is no authentication cookie
Exit Sub
End If

Dim authTicket As FormsAuthenticationTicket
Try
authTicket = FormsAuthentication.Decrypt(authCookie.Value)
Catch ex As Exception
' Log exception details omitted for simplicity
Exit Sub
End Try

If authTicket Is Nothing Then
' Cookie failed to decrypt
Exit Sub
End If

' When the ticked was created, the UserData property was
' assigned a semicolon delimited string of role names.
Dim roles As String() = authTicket.UserData.Split(";"c)

' Create an Identity object
Dim id As FormsIdentity = New FormsIdentity(authTicket)

' This principal will flow throughout the request
Dim principal As GenericPrincipal = New GenericPrincipal(id, roles)

' Attach the new principal object to the current HttpContext object
Context.User = principal

End Sub

And on my Default.aspx page, I test the roles with this code:
' Test the User's Roles
Dim curUser As System.Security.Principal.IPrincipal =
HttpContext.Current.User
If curUser.Identity.IsAuthenticated Then
If thisUser.IsInRole("TestRole1") Then
lblMessage.Text = "User is in TestRole1: True"
Else
lblMessage.Text = "User is in TestRole1: False"
End If

Dim id As FormsIdentity = CType(HttpContext.Current.User.Identity,
FormsIdentity)
Dim ticket As FormsAuthenticationTicket = id.Ticket
' Get the stored user-data, in this case, our roles
' stored in the User.Identity, and display them
lblMessage.Text += "<br>" + ticket.UserData
End If
Thanks to everyone in advance,
Jeff

Nov 19 '05 #2

P: n/a
Ken,

I have verified that both machines are running the same version of the
Framework and that the web.config files are identical (except for SQL
connection strings). Could there possibly be something in the machine.config
file causing this?

Jeff
"Ken Dopierala Jr." <kd*********@wi.rr.com> wrote in message
news:u9**************@TK2MSFTNGP10.phx.gbl...
Hi Jeff,

I'm looking at the code and it seems just fine. Can you check that your
web.config file is identical between the two machines? Also can you check
to see if they are running the same .Net 1.1 Service Pack? One other
thing
is can you test users that are only in 1 role each and see if that makes
it
work? These are all guess but hopefully they'll help spring up some other
ideas. Good luck! Ken.

--
Ken Dopierala Jr.
For great ASP.Net web hosting try:
http://www.webhost4life.com/default.asp?refid=Spinlight
If you sign up under me and need help, email me.

"Jeff B" <je*******@hotmail.com> wrote in message
news:OD**************@TK2MSFTNGP11.phx.gbl...
I am having a very perplexing problem with setting the user's roles. I

have
tried to figure this out for 2 days now.

When the user logs in to the site, I retrieve the roles from the database
and create a semicolon delimited string listing the roles returned and

store
them in the forms authentication cookie. Then in the global.asax
Application_AuthenticateRequest, I retrieve the FormsAuthenticationTicket
from the forms authentication cookie, create a new FormsIdentity object,
then create a new GenericPrincipal object passing in the FormsIdentity
object and roles, and set the User to the new principal object.

Now, when I check to see if

HttpContext.Current.User.IsInRole("TestRole1"),
I get different results from two different machines.

On my development machine, this works great.
(As you can see from the code below) It returns:
User is in TestRole1: True
TestRole1;TestRole2;TestRole3

On my production machine, this doesn't work.
(As you can see from the code below) It returns:
User is in TestRole1: False
TestRole1;TestRole2;TestRole3

The user is Authenticated and the roles are being set in
FormsAuthenticationTicket correctly. As far as I can tell, the two

machines
are set up the same:
Development machine:
WinXP SP2, .NET Framework v1.1, IIS 5.1
Production machine:
Win2000 SP4, .NET Framework v1.1, IIS 5.0 (I think?)

I am desperately needing some insight into the problem. Does anyone have

any
idea as to what might be causing this? Is it a setting I forgot? I have

list
some code that I am using below, to see if that helps.

========================================
In my Login.aspx page, I have this code:

' Get ";" delimited string of the user's roles from the database
Dim roles As String = myFunctionToGetRoles(userID)

' Create the authentication ticket
Dim authTicket As FormsAuthenticationTicket = New
FormsAuthenticationTicket(1, userName, DateTime.Now,
DateTime.Now.AddMinutes(30), False, roles)

' Now encrypt the ticket
Dim encryptedTicket As String = FormsAuthentication.Encrypt(authTicket)

' Create a cookie and add the encrypted ticket to the cookie as data
Dim authCookie As HttpCookie = New
HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)

' Add the cookie to the outgoing cookies collection
Response.Cookies.Add(authCookie)

' Redirect to the Authenticated page to avoid the misleading Security

Alert
message box from popping up
Response.Redirect("Authenticated.aspx?ReturnUrl=" &
Request.QueryString.Item("ReturnUrl"), True)
In my Global.asax, I have this code:

Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As
EventArgs)
' Fires upon attempting to authenticate the user

' Extract the forms authentication cookie
Dim authCookie As HttpCookie =
Context.Request.Cookies(FormsAuthentication.FormsC ookieName)

If authCookie Is Nothing Then
' There is no authentication cookie
Exit Sub
End If

Dim authTicket As FormsAuthenticationTicket
Try
authTicket = FormsAuthentication.Decrypt(authCookie.Value)
Catch ex As Exception
' Log exception details omitted for simplicity
Exit Sub
End Try

If authTicket Is Nothing Then
' Cookie failed to decrypt
Exit Sub
End If

' When the ticked was created, the UserData property was
' assigned a semicolon delimited string of role names.
Dim roles As String() = authTicket.UserData.Split(";"c)

' Create an Identity object
Dim id As FormsIdentity = New FormsIdentity(authTicket)

' This principal will flow throughout the request
Dim principal As GenericPrincipal = New GenericPrincipal(id, roles)

' Attach the new principal object to the current HttpContext object
Context.User = principal

End Sub

And on my Default.aspx page, I test the roles with this code:
' Test the User's Roles
Dim curUser As System.Security.Principal.IPrincipal =
HttpContext.Current.User
If curUser.Identity.IsAuthenticated Then
If thisUser.IsInRole("TestRole1") Then
lblMessage.Text = "User is in TestRole1: True"
Else
lblMessage.Text = "User is in TestRole1: False"
End If

Dim id As FormsIdentity = CType(HttpContext.Current.User.Identity,
FormsIdentity)
Dim ticket As FormsAuthenticationTicket = id.Ticket
' Get the stored user-data, in this case, our roles
' stored in the User.Identity, and display them
lblMessage.Text += "<br>" + ticket.UserData
End If
Thanks to everyone in advance,
Jeff


Nov 19 '05 #3

P: n/a
Hi Jeff,

I don't know much about the machine.config. I searched and the only thing I
found was that the IsInRole will fail when the list of roles is more than
2048 bytes but that doesn't seem to apply to you. It doesn't seem to be a
permission thing because you are being authenticated. I wish I could help
but I'm out of ideas. The best thing I can recommend is maybe try the
microsoft.public.dotnet.framework.aspnet.security newsgroup. I think that
is where I found the 2048 byte limit thing but I don't remember what version
of the framework it applies to and it doesn't even look to affect you. I
hope you find an answer. This is a strange one. The only thing I can think
of trying is instead of creating your roles from the DB and using Split try
to hardcode a 3 element string array just for fun and see if that changes
things. If not then it probably has nothing to do with string functions and
is definitely something deeper. Ken.

"Jeff B" <je*******@hotmail.com> wrote in message
news:OH****************@tk2msftngp13.phx.gbl...
Ken,

I have verified that both machines are running the same version of the
Framework and that the web.config files are identical (except for SQL
connection strings). Could there possibly be something in the machine.config file causing this?

Jeff
"Ken Dopierala Jr." <kd*********@wi.rr.com> wrote in message
news:u9**************@TK2MSFTNGP10.phx.gbl...
Hi Jeff,

I'm looking at the code and it seems just fine. Can you check that your
web.config file is identical between the two machines? Also can you check to see if they are running the same .Net 1.1 Service Pack? One other
thing
is can you test users that are only in 1 role each and see if that makes
it
work? These are all guess but hopefully they'll help spring up some other ideas. Good luck! Ken.

--
Ken Dopierala Jr.
For great ASP.Net web hosting try:
http://www.webhost4life.com/default.asp?refid=Spinlight
If you sign up under me and need help, email me.

"Jeff B" <je*******@hotmail.com> wrote in message
news:OD**************@TK2MSFTNGP11.phx.gbl...
I am having a very perplexing problem with setting the user's roles. I

have
tried to figure this out for 2 days now.

When the user logs in to the site, I retrieve the roles from the database and create a semicolon delimited string listing the roles returned and

store
them in the forms authentication cookie. Then in the global.asax
Application_AuthenticateRequest, I retrieve the FormsAuthenticationTicket from the forms authentication cookie, create a new FormsIdentity object, then create a new GenericPrincipal object passing in the FormsIdentity
object and roles, and set the User to the new principal object.

Now, when I check to see if

HttpContext.Current.User.IsInRole("TestRole1"),
I get different results from two different machines.

On my development machine, this works great.
(As you can see from the code below) It returns:
User is in TestRole1: True
TestRole1;TestRole2;TestRole3

On my production machine, this doesn't work.
(As you can see from the code below) It returns:
User is in TestRole1: False
TestRole1;TestRole2;TestRole3

The user is Authenticated and the roles are being set in
FormsAuthenticationTicket correctly. As far as I can tell, the two

machines
are set up the same:
Development machine:
WinXP SP2, .NET Framework v1.1, IIS 5.1
Production machine:
Win2000 SP4, .NET Framework v1.1, IIS 5.0 (I think?)

I am desperately needing some insight into the problem. Does anyone
have any
idea as to what might be causing this? Is it a setting I forgot? I have

list
some code that I am using below, to see if that helps.

========================================
In my Login.aspx page, I have this code:

' Get ";" delimited string of the user's roles from the database
Dim roles As String = myFunctionToGetRoles(userID)

' Create the authentication ticket
Dim authTicket As FormsAuthenticationTicket = New
FormsAuthenticationTicket(1, userName, DateTime.Now,
DateTime.Now.AddMinutes(30), False, roles)

' Now encrypt the ticket
Dim encryptedTicket As String = FormsAuthentication.Encrypt(authTicket)

' Create a cookie and add the encrypted ticket to the cookie as data
Dim authCookie As HttpCookie = New
HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)

' Add the cookie to the outgoing cookies collection
Response.Cookies.Add(authCookie)

' Redirect to the Authenticated page to avoid the misleading Security

Alert
message box from popping up
Response.Redirect("Authenticated.aspx?ReturnUrl=" &
Request.QueryString.Item("ReturnUrl"), True)
In my Global.asax, I have this code:

Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As
EventArgs)
' Fires upon attempting to authenticate the user

' Extract the forms authentication cookie
Dim authCookie As HttpCookie =
Context.Request.Cookies(FormsAuthentication.FormsC ookieName)

If authCookie Is Nothing Then
' There is no authentication cookie
Exit Sub
End If

Dim authTicket As FormsAuthenticationTicket
Try
authTicket = FormsAuthentication.Decrypt(authCookie.Value)
Catch ex As Exception
' Log exception details omitted for simplicity
Exit Sub
End Try

If authTicket Is Nothing Then
' Cookie failed to decrypt
Exit Sub
End If

' When the ticked was created, the UserData property was
' assigned a semicolon delimited string of role names.
Dim roles As String() = authTicket.UserData.Split(";"c)

' Create an Identity object
Dim id As FormsIdentity = New FormsIdentity(authTicket)

' This principal will flow throughout the request
Dim principal As GenericPrincipal = New GenericPrincipal(id, roles)

' Attach the new principal object to the current HttpContext object
Context.User = principal

End Sub

And on my Default.aspx page, I test the roles with this code:
' Test the User's Roles
Dim curUser As System.Security.Principal.IPrincipal =
HttpContext.Current.User
If curUser.Identity.IsAuthenticated Then
If thisUser.IsInRole("TestRole1") Then
lblMessage.Text = "User is in TestRole1: True"
Else
lblMessage.Text = "User is in TestRole1: False"
End If

Dim id As FormsIdentity = CType(HttpContext.Current.User.Identity,
FormsIdentity)
Dim ticket As FormsAuthenticationTicket = id.Ticket
' Get the stored user-data, in this case, our roles
' stored in the User.Identity, and display them
lblMessage.Text += "<br>" + ticket.UserData
End If
Thanks to everyone in advance,
Jeff



Nov 19 '05 #4

P: n/a
Hello Jeff,

Since the sql connection strings are different (as you stated), are the databases
different (ie: is the production user really not in TestRole1 in that database)?

--
Matt Berther
http://www.mattberther.com
Ken,

I have verified that both machines are running the same version of the
Framework and that the web.config files are identical (except for SQL
connection strings). Could there possibly be something in the
machine.config file causing this?

Jeff

"Ken Dopierala Jr." <kd*********@wi.rr.com> wrote in message
news:u9**************@TK2MSFTNGP10.phx.gbl...
Hi Jeff,

I'm looking at the code and it seems just fine. Can you check that
your
web.config file is identical between the two machines? Also can you
check
to see if they are running the same .Net 1.1 Service Pack? One other
thing
is can you test users that are only in 1 role each and see if that
makes
it
work? These are all guess but hopefully they'll help spring up some
other
ideas. Good luck! Ken.
--
Ken Dopierala Jr.
For great ASP.Net web hosting try:
http://www.webhost4life.com/default.asp?refid=Spinlight
If you sign up under me and need help, email me.
"Jeff B" <je*******@hotmail.com> wrote in message
news:OD**************@TK2MSFTNGP11.phx.gbl...
I am having a very perplexing problem with setting the user's roles.
I

have
tried to figure this out for 2 days now.

When the user logs in to the site, I retrieve the roles from the
database and create a semicolon delimited string listing the roles
returned and

store
them in the forms authentication cookie. Then in the global.asax
Application_AuthenticateRequest, I retrieve the
FormsAuthenticationTicket from the forms authentication cookie,
create a new FormsIdentity object, then create a new
GenericPrincipal object passing in the FormsIdentity object and
roles, and set the User to the new principal object.

Now, when I check to see if

HttpContext.Current.User.IsInRole("TestRole1"),
I get different results from two different machines.

On my development machine, this works great.
(As you can see from the code below) It returns:
User is in TestRole1: True
TestRole1;TestRole2;TestRole3
On my production machine, this doesn't work.
(As you can see from the code below) It returns:
User is in TestRole1: False
TestRole1;TestRole2;TestRole3
The user is Authenticated and the roles are being set in
FormsAuthenticationTicket correctly. As far as I can tell, the two

machines
are set up the same:
Development machine:
WinXP SP2, .NET Framework v1.1, IIS 5.1
Production machine:
Win2000 SP4, .NET Framework v1.1, IIS 5.0 (I think?)
I am desperately needing some insight into the problem. Does anyone
have

any
idea as to what might be causing this? Is it a setting I forgot? I
have

list
some code that I am using below, to see if that helps.

========================================
In my Login.aspx page, I have this code:
' Get ";" delimited string of the user's roles from the database Dim
roles As String = myFunctionToGetRoles(userID)

' Create the authentication ticket
Dim authTicket As FormsAuthenticationTicket = New
FormsAuthenticationTicket(1, userName, DateTime.Now,
DateTime.Now.AddMinutes(30), False, roles)
' Now encrypt the ticket
Dim encryptedTicket As String =
FormsAuthentication.Encrypt(authTicket)
' Create a cookie and add the encrypted ticket to the cookie as data
Dim authCookie As HttpCookie = New
HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)

' Add the cookie to the outgoing cookies collection
Response.Cookies.Add(authCookie)

' Redirect to the Authenticated page to avoid the misleading
Security

Alert
message box from popping up
Response.Redirect("Authenticated.aspx?ReturnUrl=" &
Request.QueryString.Item("ReturnUrl"), True)

In my Global.asax, I have this code:

Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e
As
EventArgs)
' Fires upon attempting to authenticate the user
' Extract the forms authentication cookie
Dim authCookie As HttpCookie =
Context.Request.Cookies(FormsAuthentication.FormsC ookieName)
If authCookie Is Nothing Then
' There is no authentication cookie
Exit Sub
End If
Dim authTicket As FormsAuthenticationTicket
Try
authTicket = FormsAuthentication.Decrypt(authCookie.Value)
Catch ex As Exception
' Log exception details omitted for simplicity
Exit Sub
End Try
If authTicket Is Nothing Then
' Cookie failed to decrypt
Exit Sub
End If
' When the ticked was created, the UserData property was ' assigned
a semicolon delimited string of role names. Dim roles As String() =
authTicket.UserData.Split(";"c)

' Create an Identity object
Dim id As FormsIdentity = New FormsIdentity(authTicket)
' This principal will flow throughout the request
Dim principal As GenericPrincipal = New GenericPrincipal(id, roles)
' Attach the new principal object to the current HttpContext object
Context.User = principal

End Sub

And on my Default.aspx page, I test the roles with this code:
' Test the User's Roles
Dim curUser As System.Security.Principal.IPrincipal =
HttpContext.Current.User
If curUser.Identity.IsAuthenticated Then
If thisUser.IsInRole("TestRole1") Then
lblMessage.Text = "User is in TestRole1: True"
Else
lblMessage.Text = "User is in TestRole1: False"
End If
Dim id As FormsIdentity = CType(HttpContext.Current.User.Identity,
FormsIdentity)
Dim ticket As FormsAuthenticationTicket = id.Ticket
' Get the stored user-data, in this case, our roles
' stored in the User.Identity, and display them
lblMessage.Text += "<br>" + ticket.UserData
End If
Thanks to everyone in advance,
Jeff

Nov 19 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.