Ask a Question related to ASP.NET Security, Design and Development.
-
Stuart Shay #1
Help with Authentication Cookie
Hello All
I am trying to convert a code sample that I have working in VB.NET to C#
The Problem is that in the Application_AuthenticateRequest Event in
Global.asax.cs the cookie is not being evalated , The Sample I have working
is from
[url]http://www.codeproject.com/dotnet/SecurityModelDotNet.asp[/url]
Thanks
Stuart
----------------------------------------------------------------------------------
Below is a sample of my C# Code
protected void WindowsAuthentication_OnAuthenticate(object
sender,WindowsAuthenticationEventArgs e)
{
//Check for the existence of the cookie. If it exists then Authentication
Ticket has
//already been created.
if(null == Context.Request.Cookies["authCookie"])
{
//Get User ID from Windows Authenticated Event
string userId = (UserGroupInfo.LoginIdStripDomain(e.Identity.Name) );
//Get User Role List
//string roleList = "ADMIN|POWER_USER|USER";
// Create a authentication ticket w/Role List.
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1,
e.Identity.Name,DateTime.Now, DateTime.Now.AddMinutes(60),
false, roleList);
// Encrpt the ticket before setting the cookie value
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
// Create a cookie and add the encrypted ticket to the cookie as data.
HttpCookie authCookie = new
HttpCookie(FormsAuthentication.FormsCookieName,enc ryptedTicket);
// Add the cookie to the outgoing cookies collection.
Response.Cookies.Add(authCookie);
}
}
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = Context.Request.Cookies[cookieName];
if(!(null == authCookie))
{
//HttpCookie authCookie = Context.Request.Cookies["authCookie"];
FormsAuthenticationTicket authTicket =
FormsAuthentication.Decrypt(authCookie.Value);
// Create an Identity object
GenericIdentity userIdentity = new GenericIdentity(authTicket.Name);
string[] roles = authTicket.UserData.Split(new char[]{'|'});
GenericPrincipal principal = new GenericPrincipal(userIdentity, roles);
// Attach the new principal object to the current HttpContext object
HttpContext.Current.User = principal;
}
}
Stuart Shay Guest
-
forms authentication cookie not timeout
I customized the cookie generation in forms authentication so I can keep extra data in the cookie. but the problem now is that my forms... -
Forms Authentication - Cookie not being generated...
Hi there everyone, I'm new to this newsgroup so I hope you don't mind me just asking a question, but it has been working me for way to long now and... -
Forms Authentication Cookie Does Not Expire
On my asp.net application, suddenly the forms authentication cookies for clients have quit expiring. This results in users being able to access the... -
Forms Authentication Cookie via IP Only
Hello, I have a problem with the forms authentication cookie when accessing my site via http://computername/application, however when I access... -
authentication cookie vs session cookie
Hi, What are the differences between authentication and session cookies? In my web.config file, I set the cookieless attribute for the...
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
