Ask a Question related to ASP.NET Security, Design and Development.
-
MasterGaurav #1
Customer IPrincial and IIdentity
Hi,
I need to push some more information than just username and roles in
the IPrincipal implementation.
For this, I wrote the following code (during authentication):
MyIdentity mi = new MyIdentity(....);
MyPrincipal mp = new MyPrincipal(....);
Context.User = mp;
FormsAuthentication.SetAuthCookie(...);
However, everytime I check for Context.User, I get a
GenericPrincipal. How can I have my own MyPrincipal come into
existence?
CHeers,
Gaurav Vaish
[url]http://mastergaurav.org[/url]
[url]http://mastergaurav.blogspot.com[/url]
----------------------------
MasterGaurav Guest
-
Iprincipal & IIdentity problem
HI All, I ma new to .NET. I was a java programmer for the past 2 years, and now shifted to .NET. My company (A product based company) is rewritng... -
Marshaling IIdentity via web services.
Is there a way to marshal an object via a web service that implements IIdentity? Thanks -
how to add another property to class inheriting from IIdentity?
Hello peoples this is a question regarding security of windows application I want to add another property (the UserID) to... -
Pay for Customer Support?
We have to pay for Customer Support? We have to pay for Beta versions? Macromedia getting greedy? I tried installing Director MX 2004 trial on... -
Finding a NEW customer
I am trying to create a multiple find in a script for the purpose of finding a customer base that defined as NEW. New is defined as a customer... -
Paul Glavich [MVP ASP.NET] #2 Re: Customer IPrincial and IIdentity
You must re-assign your custom principal to the thread identity for each
returning request. Use a cookie to store any specific information, grab that
info from the cookie in the Applicatin_Authenticate event, then generate a
custom principal and assign it to the threads context
(HttpContext.Current.User)
--
- Paul Glavich
ASP.NET MVP
ASPInsider ([url]www.aspinsiders.com[/url])
"MasterGaurav" <gaurav.vaish@gmail.com> wrote in message
news:1112610412.603357.318560@o13g2000cwo.googlegr oups.com...> Hi,
>
> I need to push some more information than just username and roles in
> the IPrincipal implementation.
>
> For this, I wrote the following code (during authentication):
>
> MyIdentity mi = new MyIdentity(....);
> MyPrincipal mp = new MyPrincipal(....);
>
> Context.User = mp;
> FormsAuthentication.SetAuthCookie(...);
>
> However, everytime I check for Context.User, I get a
> GenericPrincipal. How can I have my own MyPrincipal come into
> existence?
>
>
>
> CHeers,
> Gaurav Vaish
> [url]http://mastergaurav.org[/url]
> [url]http://mastergaurav.blogspot.com[/url]
> ----------------------------
>
Paul Glavich [MVP ASP.NET] Guest
-
MasterGaurav #3 Re: Customer IPrincial and IIdentity
Cookie!
Is there no other way? Putting it in session... would that work fine?
Cheers,
Gaurav Vaish
[url]http://mastergaurav.org[/url]
[url]http://mastergaurav.blogspot.com[/url]
----------------------------
MasterGaurav Guest
-
Brock Allen #4 Re: Customer IPrincial and IIdentity
But how are distinct Sessions identified? Yep, with cookies :)
If you put that info into a cookie then you most certainly should encrypt
and MAC protect it so it can't be viewed or modified by the end user (or
an attacker). Beware, the more security code you write the less secure your
app tends to be.
-Brock
DevelopMentor
[url]http://staff.develop.com/ballen[/url]
> Cookie!
> Is there no other way? Putting it in session... would that work fine?
> Cheers,
> Gaurav Vaish
> [url]http://mastergaurav.org[/url]
> [url]http://mastergaurav.blogspot.com[/url]
> ----------------------------
Brock Allen Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
