By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,742 Members | 793 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,742 IT Pros & Developers. It's quick & easy.

Authentication Ticket not storing UserData

P: n/a
Hey all,

I've followed the examples online on how to use Forms Authentication to
create a ticket, assign it a role, and then intercept it in the
Global.asax file to make sure it gets sucked in to the IPrincipal. This
has worked on some other apps, but my code isn't working in my new one
for some reason. Here's my CreateCredentials code:

Private Sub CreateCredentials(ByVal UserID As String, ByVal UserRole As

Dim CurrentContext As HttpContext
Dim FormsCookie As String
Dim AuthCookie As HttpCookie
Dim Ticket As System.Web.Security.FormsAuthenticationTicket
Dim AuthIdentity As System.Web.Security.FormsIdentity
Dim MinutesUntilExpiration As Double

CurrentContext = HttpContext.Current
' The session timeout limit is defined in the web.config file
MinutesUntilExpiration =
CType(ConfigurationSettings.AppSettings("WLTTimeOu tMinutes"), Double)
Ticket = New System.Web.Security.FormsAuthenticationTicket(1,
UserID, DateTime.Now, _

DateTime.Now.AddMinutes(MinutesUntilExpiration), _

' Add ticket into user's cookie list and put the ticket into the
user's HTTP Context
FormsCookie = System.Web.Security.FormsAuthentication.Encrypt(Ti cket)
AuthCookie = New
HttpCookie(System.Web.Security.FormsAuthentication .FormsCookieName,

End Sub

Similarly, in my global.asax I have the following

Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As
' Fires upon attempting to authenticate the user

Dim id As System.Web.Security.FormsIdentity
Dim ticket As System.Web.Security.FormsAuthenticationTicket

' Update authentication ticket greated during login to include
the user's role in its credentials.
If Not HttpContext.Current.User Is Nothing Then
If HttpContext.Current.User.Identity.IsAuthenticated Then
If TypeOf HttpContext.Current.User.Identity Is
System.Web.Security.FormsIdentity Then
id = CType(HttpContext.Current.User.Identity,
ticket = id.Ticket
Dim UserRole() As String = {""}
UserRole(0) = ticket.UserData
HttpContext.Current.User = New
System.Security.Principal.GenericPrincipal(id, UserRole)
End If
End If
End If

End Sub

For some reason, when I debug, I trace the script through the create
credentials striaght into the application_authentication, but the
UserData doesn't go with it. Here is my debug info:

Login Form:
CookiePath: "/"
Expiration: #1/24/2005 4:12:16 PM#
Expired: False
IsPersistent: False
IssueDate: #1/24/2005 3:52:16 PM#
Name: "spatterson"
UserData: "USER"
Version: 1

CookiePath: "/"
Expiration: #1/24/2005 4:22:32 PM#
Expired: False
IsPersistent: False
IssueDate: #1/24/2005 3:52:32 PM#
Name: "spatterson"
UserData: ""
Version: 1

Any help to what I'm missing? I've even cleared out my cookies in IE to
test things. Thanks in advance!
Nov 19 '05 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.