HttpContext.Current.User returns null (forms authentification); how to use custom role and membershi

  • Thread starter Thread starter alexandis
  • Start date Start date
A

alexandis

There are tons of articles about custom role and provider membership,
but they just tear me apart and confuse :(

The situation is following: I use DB2, so I wrote custom role +
membership providers.
Membership provider seems to work. I use forms authentication, so as
articles say, I need to do some magic to be able to get roles for
current user, because microsoft mechanism works only for windows
authentication...

The articles are
http://www.howtodothings.com/computers/a792-aspnet-forms-authentication-with-roles.html
and
http://www.codeproject.com/aspnet/formsroleauth.asp

Ticket, hmm... I guess I don't need it, because I use login control
for authentication, I just need to get roles for the authenticated
user somewhere... where?? Do I need to create instance of my role
provider class?? There's no info about it on MSDN site. I've decided
to use first article approach, but WHERE to start from?
Why HttpContext.Current.User returns null? When should I create
application array for the roles?

My client waits until i'm done with login page, but I'm totally lost
in all this info....
 
Ok, HTTPContext was null, because I checked it before going from login
page and there was no post request yet. But all in all - how correct
code should look like for custom membership provider to get roles (and
saving them for later use!) right after authentication and before
redirecting to other page??
 
Well... i can see i'm the quickest one :)))
So I got access to roleprovider via Roles and to my membershipuser
class via static call: mymembershipclass.getuser(), which returns a
new instance of mymembershipuser class... Then, being in global
context (LoggedIn even) i can save it for later use somewhere...
 
If you want to simplify things, role information can come out of your users
table (or a roles table with a JOIN) at the time the user is looked up for
authentication. This information is usually stored in the Forms ticket's
UserData field as a comma-delimited list of role names. This then gets
"stored" in the Forms cookie.

-- Peter
Recursion: see Recursion
site: http://www.eggheadcafe.com
unBlog: http://petesbloggerama.blogspot.com
BlogMetaFinder: http://www.blogmetafinder.com
 
Ok.
What is supposed under forms cookie? Is it just a hidden field to
store data between site page cross-posting?
Or it's a server-side data, that is unique for every user?

Besides this, where it's appropriate to store info when navigating
between pages?

p.s. I'm originally from ColdFusion, where also such variable areas,
as session, application, client exist. But here a lot of things are
different, so I just want to know a common practics of this in
ASP.NET :)
 
Back
Top