HttpContext.Current.User not available in the redirected page

[Ali Khawaja]

I am trying to use Forms Authentication and Role-Based Security:
I have two pages: login.aspx and Default.aspx.
--------------------------
This is what I have in the submit event handler of my login.aspx (it has
an id and pwd fields):

UserDAL user = new UserDAL();
if( user.Authenticate(id,pwd))
{
HttpContext.Current.User = new GenericPrincipal(User.Identity,
user.GetUserRoles(id));
FormsAuthentication.RedirectFromLoginPage(id,false );
}
--------------------------------
Everything works fine uptil here. User is authenticated, and Gets the
proper roles from the db.

The problem is when I redirect to Default.aspx.
I have the following code in the page_load event handler:

private void Page_Load(object sender, System.EventArgs e)
{
string userId = Context.User.Identity.Name;
if(User.IsInRole("SR"))
DisplayAuthorizedLinks(AccessLevel.SR_ALLOWED);
else if(User.IsInRole("CR"))
DisplayAuthorizedLinks(AccessLevel.CR_ALLOWED);
else if(User.IsInRole("FULL"))
DisplayAuthorizedLinks(AccessLevel.FULL_ACCESS);
else if(User.IsInRole("ADMIN"))
DisplayAuthorizedLinks(AccessLevel.ADMIN_ACCESS);
}

At this point, User roles are complete empty. I Can't figure out what is
the case. Seems like context is not being transferred to the other page.

I'll appreciate any help.
Thanks
Ali

[MSFT]

Hi Ali,

You may try the way in following article to see if it will work:

HOW TO: Implement Role-Based Security with Forms-Based Authentication in
Your ASP.NET Application by Using Visual C# .NET
[url]http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q311495[/url]

Luke
Microsoft Online Support

Get Secure! [url]www.microsoft.com/security[/url]
(This posting is provided "AS IS", with no warranties, and confers no
rights.)