The static variable (Shared in VB) is used once for all users.
So John will login and be John.
Then Bob will log in be Bob. But now John is Bob too.
Static variables should be used when all users get assigned the same value.
e.g. some global value.
You should create a Principal and Identity class combination which you can
store in Session for each user.
Then you attach the Principal to the thread for each request and you will
know the current user.
Here is some more info:
Here is one way to handle this:
So you need to use Forms Authentication to authenticate a given UID and
PWD
combination. These values can be in your DB and you need to look them up
and
verify that the typped in values match the ones in the DB. (Note that the
connection string for your DB has nothing to do with this. You use those
credentials to make the connection and take advantage of the connection
pool. You do NOT vary the conenct string with each user as this is a true
scalabilit killer.)
Sample code requires you to have a login method on your Principal class
(which calls your Identity class).
mUser.Login(txtUserId.Text, txtPassword.Text)
mUser = CType(Thread.CurrentPrincipal, myUser)
If mUser.Identity.IsAuthenticated = True Then
HttpContext.Current.User = mUser
Session("myPrincipal") = mUser
Web.Security.FormsAuthentication.RedirectFromLogin Page(txtUserId.Text,
False)
Else
'do something else
End If
I use code like this in my Global.asax file to re-use the principal value
on each hit:
Private Sub Global_AcquireRequestState(ByVal sender As Object, ByVal e As
System.EventArgs) Handles MyBase.AcquireRequestState
If Not Session("myPrincipal") Is Nothing Then
Thread.CurrentPrincipal = DirectCast(Session("myPrincipal"), myUser)
HttpContext.Current.User =DirectCast(Session("myPrincipal"), myUser)
Else
If Thread.CurrentPrincipal.Identity.IsAuthenticated = True Then
Web.Security.FormsAuthentication.SignOut()
Server.Transfer(Request.ApplicationPath + "/Login.aspx")
End If
End If
End Sub
Rocky Lhotka explains these concepts very well in his book on Business
Objects.
http://www.lhotka.net/ArticleIndex.a...ea=CSLA%20.NET
--
Joe Fallon
"Danny Crowell" <Da**********@discussions.microsoft.com> wrote in message
news:47**********************************@microsof t.com...
I have a question related to ASP.net sessions and static attributes. In an
ASP.net application (MyApp) I have a class called Globals with a public
static string called UserName. Will UserName be unique for each session or
will the value of UserName be the same for all sessions?
For example, John launches MyApp and the UserName is assinged the value
"John". Next, Bob launches MyApp and the UserName is assigned the value
"Bob". Does John have a UserName == "John" while Bob has a UserName ==
"Bob"
or did John's UserName get overwritten to "Bob"?
Thanks, Danny