.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
david stephan
Asad Ali
Fauzul Azmi
Post New Web Links

Why should we set IPrincipal only in AuthenticateRequest

Posted By:      Posted Date: October 19, 2010    Points: 0   Category :ASP.Net
 

Hi,

Why should I set request principal (custom IPrincipal) in AuthenticateRequest only?

I mean what is wrong if I'll set it at a later stage (for example in AcquireRequestState where a Session is already available)?

The reason for this question is that I wanted to store the current user in the Session instead of cookie, but the session is available only in/after AcquireRequestState event.

Why is it wrong to do it there?

Thanks,
Dmitriy.




View Complete Post


More Related Resource Links

MVC - Custom IPrincipal

  

Hi,

I was trying to have something like this:
CustomUser u = this.HttpContext.User.Identity as CustomUser;
u.Email...
u.Organization...

 

My LogOn actions is this:
[AcceptVerbs(HttpVerbs.Post)]
public ActionResult LogOn(CustomUser u)
{
    IPrincipal principal = new CustomPrincipal(u.Login, u.Password); //in here, I create a new CustomUser and validate login/password
    if (principal.Identity.IsAuthenticated)
    {
        u = principal.Identity as CustomUser;
        this.HttpContext.User = principal;
        return RedirectToAction("Welcome", "Members");
    }
    else
        return RedirectToAction("Index");
}

 

On Members/MyWelcome action the HttpContext.User's type is always GenericPrincipal, and it should be CustomPrincipal.
Am i missing something?

 

Thanks


IIdentity, IPrincipal, membership and roles provider

  

Hi!

How I must use this? I create custom principal for implement logic for users. In identity I store Id, Name. But it abnormally - this classes must use for authenticate and authorize. 

I can implement custom MembershipUser, custom Roles and Membership provider. 


IIdentity, IPrincipal, membership and roles provider

  

Hi!

How I must use this? I create custom principal for implement logic for users. In identity I store Id, Name. But it abnormally - this classes must use for authenticate and authorize. 

I can implement custom MembershipUser, custom Roles and Membership provider. 

How to do it? What best practices are?

Best regards,

Peshkov Evgeniy.


Storing the user's custom IPrincipal in the cache or the session?

  

When I first implemented forms authentication I consulted an article that told me to store the user's custom IPrincipal object in the cache.  Is this wrong?  Should I have stored it in the session?


Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend