Databases
StackOverflow2013
Postsdbo
POHTTPContext User Set In BeginRequest Not Available In Controller
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POHTTPContext User Set In BeginRequest Not Available In Controller
    text
    copied!<p>I am rolling with a somewhat homebrew method of authenticating users. After authenticating the user, the authentication ticket is set like so in C#. </p> <pre><code>FormsAuthenticationTicket authenticationTicket = new FormsAuthenticationTicket(1, viewModel.Email, DateTime.Now, DateTime.Now.AddHours(48), true, String.Join("|", roles)); string encryptedTicket = FormsAuthentication.Encrypt(authenticationTicket); HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); Response.Cookies.Add(authCookie); </code></pre> <p>With a small note that roles is a string list built out of the available roles to that user (The roles are not within the same user table - e.g. there is a set of conditions that define a user "role"). </p> <p>Next within the Application_BeginRequest method in Global.asax I have the following : </p> <pre><code>// Extract the forms authentication cookie string cookieName = FormsAuthentication.FormsCookieName; HttpCookie authCookie = Context.Request.Cookies[cookieName]; if (null == authCookie) { return; } FormsAuthenticationTicket authTicket = null; try { authTicket = FormsAuthentication.Decrypt(authCookie.Value); } catch (Exception ex) { return; } if (null == authTicket) { return; } string[] roles = authTicket.UserData.Split(new char[] { '|' }); FormsIdentity id = new FormsIdentity(authTicket); GenericPrincipal principal = new GenericPrincipal(id, roles); HttpContext.Current.User = principal; </code></pre> <p>Basically setting the current context with the user from the authticket. However, I first ran into an issue as I was doing a custom Authorize attribute for an MVC class, and I noticed that the User of the HTTPContext was NOT set. </p> <p>I then noticed that within each action, the User was not set either. I can clearly see however by stepping through my code, that the user IS being found within the authentication ticket and being decrypted OK and stored in the context variable. But by the time I get to an action within any controller, the User has vanished from the context.</p> <p>EDIT : It should also be noted that other values set on the HTTPContext do carry over to the controller. e.g. this line </p> <pre><code>HttpContext.Current.AllowAsyncDuringSyncStages = false; // Or true </code></pre> <p>Will carry whatever I set it to into the controller action. It seems to only be the User that gets blanked. </p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload