Ask a Question related to ASP.NET Security, Design and Development.
-
dave #1
Application_AuthenticateRequest
I have code in the Global.asax that adds roles to a logged in user, which
all works fine.
But, i noticed that every request for a page thereafter runs this code each
time - which requires a call to the DB, which is costly.
I have tried to run this same piece of code from another page, instead of
global.asax, but it never seems to be able to assign the roles to that
current user?
Is there something different i have to do in order to make it work elsewhere
(ie, not within global.asax file).
Thanks in advance!
dave Guest
-
newbie seeks User.Identity and Application_AuthenticateRequest help
I'm trying to understand how security works in a ASP.NET c# project. The global.asax has this code: protected void... -
Application_AuthenticateRequest execute 4 times
Hi, I've never seen similar problem before. Application_AuthenticateRequest in Global.asax.vb file execute 4 time before it exit to the default.vb... -
Form-based security and Application_AuthenticateRequest - help?!
Hi there, Getting into ASP.Net finally, looks good but I'm having a bit of trouble here. I'm protecting my web site via form-based security (I... -
Cy Huckaba #2 Re: Application_AuthenticateRequest
You could leave it in the global.asax page and put a conditional check in the
logic...for example.
If roles aren't set
call db
set roles
else
do nothing
end if
We have implemented some code like that for custom form authentication tickets.
Hope that helps,
Cy Huckaba
"dave" <dave@edin.co.uk> wrote in message
news:#NU$yttrDHA.4060@TK2MSFTNGP11.phx.gbl...> I have code in the Global.asax that adds roles to a logged in user, which
> all works fine.
>
> But, i noticed that every request for a page thereafter runs this code each
> time - which requires a call to the DB, which is costly.
>
> I have tried to run this same piece of code from another page, instead of
> global.asax, but it never seems to be able to assign the roles to that
> current user?
>
> Is there something different i have to do in order to make it work elsewhere
> (ie, not within global.asax file).
>
> Thanks in advance!
>
>
Cy Huckaba Guest
-
dave #3 Re: Application_AuthenticateRequest
Thanks
Did think about that one, but how do you check if a set of role(s) have been
set for a user?
Finally, do you know if it is the case that you cant set them anywhere else
apart from global.asax file. I have seen some samples that dont seem to be
in global, but those dont seem to work for me either???
Thanks again.
"Cy Huckaba" <russellh@t-3.com> wrote in message
news:Or2xMrurDHA.3140@TK2MSFTNGP11.phx.gbl...the> You could leave it in the global.asax page and put a conditional check intickets.> logic...for example.
>
> If roles aren't set
> call db
> set roles
>
> else
> do nothing
>
> end if
>
> We have implemented some code like that for custom form authenticationwhich>
> Hope that helps,
>
> Cy Huckaba
>
>
>
> "dave" <dave@edin.co.uk> wrote in message
> news:#NU$yttrDHA.4060@TK2MSFTNGP11.phx.gbl...> > I have code in the Global.asax that adds roles to a logged in user,each> > all works fine.
> >
> > But, i noticed that every request for a page thereafter runs this codeof> > time - which requires a call to the DB, which is costly.
> >
> > I have tried to run this same piece of code from another page, insteadelsewhere> > global.asax, but it never seems to be able to assign the roles to that
> > current user?
> >
> > Is there something different i have to do in order to make it work>> > (ie, not within global.asax file).
> >
> > Thanks in advance!
> >
> >
>
dave Guest
-
Application_AuthenticateRequest
Do you want this to only happen the first time period that
the user ever logs in or do you want this to happen every
time the user starts a new session?
What about putting your code into the Session_Start in the
Global.asax (I don't know where you have it now)? And if
you only want to do it once period, then check first if it
has already been done before doing it... Either way, it
would only occur once per user per login so hopefully not
so bad...
logged in user, which>-----Original Message-----
>I have code in the Global.asax that adds roles to aruns this code each>all works fine.
>
>But, i noticed that every request for a page thereafterpage, instead of>time - which requires a call to the DB, which is costly.
>
>I have tried to run this same piece of code from anotherroles to that>global.asax, but it never seems to be able to assign themake it work elsewhere>current user?
>
>Is there something different i have to do in order to>(ie, not within global.asax file).
>
>Thanks in advance!
>
>
>.
>Guest
-
Cy Huckaba #5 Re: Application_AuthenticateRequest
Here is some code that we used to reset a cookie in the authenticateRequest
method. This was a workaround because 1.0 wouldn't persist cookies across
subwebs. We had to reset the cookie on every request if they already had one.
Dim hasClientCookie As Boolean = False
'client cookie
Try
Dim c As HttpCookie
c = Request.Cookies(ConfigurationSettings.AppSettings( "clientid"))
'if cookie is not there it will bomb out and skip the rest
c.Path = "/" & ConfigurationSettings.AppSettings("clientid")
c.Expires = Now.AddDays(90)
Response.Cookies.Add(c)
FormsAuthentication.SetAuthCookie(User.Identity.Na me, True)
hasClientCookie = True
'Response.Write(" : client cookie")
Catch
'do nothing
End Try
You can see we had access to the User object. I belive you can use that to
create an IPrincipal object and check roles. I haven't done this specifically
here so I don't know for sure.
The other thing is that I did try to use this same functionality outside of the
global.asax file with no luck as well. It seemed I always had trouble getting a
reference to the current user or the current http context...it was always
something.
"dave" <dave@edin.co.uk> wrote in message
news:eVQ0z7urDHA.732@TK2MSFTNGP09.phx.gbl...> Thanks
>
> Did think about that one, but how do you check if a set of role(s) have been
> set for a user?
>
> Finally, do you know if it is the case that you cant set them anywhere else
> apart from global.asax file. I have seen some samples that dont seem to be
> in global, but those dont seem to work for me either???
>
> Thanks again.
>
>
>
> "Cy Huckaba" <russellh@t-3.com> wrote in message
> news:Or2xMrurDHA.3140@TK2MSFTNGP11.phx.gbl...> the> > You could leave it in the global.asax page and put a conditional check in> tickets.> > logic...for example.
> >
> > If roles aren't set
> > call db
> > set roles
> >
> > else
> > do nothing
> >
> > end if
> >
> > We have implemented some code like that for custom form authentication> which> >
> > Hope that helps,
> >
> > Cy Huckaba
> >
> >
> >
> > "dave" <dave@edin.co.uk> wrote in message
> > news:#NU$yttrDHA.4060@TK2MSFTNGP11.phx.gbl...> > > I have code in the Global.asax that adds roles to a logged in user,> each> > > all works fine.
> > >
> > > But, i noticed that every request for a page thereafter runs this code> of> > > time - which requires a call to the DB, which is costly.
> > >
> > > I have tried to run this same piece of code from another page, instead> elsewhere> > > global.asax, but it never seems to be able to assign the roles to that
> > > current user?
> > >
> > > Is there something different i have to do in order to make it work>> >> > > (ie, not within global.asax file).
> > >
> > > Thanks in advance!
> > >
> > >
> >
>
Cy Huckaba Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
