Just had a look at the help for the control:
<quote>
Notes to Implementers Custom authentication schemes should set the
Authenticated property to true to indicate that a user has been
authenticated. When a user submits his or her login information, the Login
control first raises the LoggingIn event, then the Authenticate event, and
finally the LoggedIn event.
</quote>
So, if it were me, I'd retrieve the roles in the Authenticate event. Since
we use Forms authentication, I'd then store them as a delimited string in a
FormsAuthenticationTicket, which I'd then encrypt and store in a cookie.
The Application_AuthenticateRequest event handler can then retrieve and
decrypt the cookie, get the roles stored and put them into an Identity
object in a Principal object.
HTH
Peter
"Iain" <Ia**@discussions.microsoft.comwrote in message
news:F5**********************************@microsof t.com...
>
"Peter Bradley" wrote:
>I've never used the login control, but presumably the onus is on you to
get
the roles. A quick look at the help for the login control doesn't show
that
it provides any features such as role retrieval.
Hi, Peter.
YOu will see from my first post that a resubmit of the login page picks up
the roles correctly. The roles are present in the same SQLExpress
database
as the users.
The symptoms are as if the roles are not loaded until after the LoggedIn
event is called, which is plain bizzare.
Iain