Set HttpContext.Current.User from Thread.CurrentPrincipal

Posted by Argons on Stack Overflow See other posts from Stack Overflow or by Argons
Published on 2010-05-17T14:58:35Z Indexed on 2010/05/17 15:10 UTC
Read the original article Hit count: 289

I have a security manager in my application that works for both windows and web, the process is simple, just takes the user and pwd and authenticates them against a database then sets the Thread.CurrentPrincipal with a custom principal. For windows applications this works fine, but I have problems with web applications.

After the process of authentication, when I'm trying to set the Current.User to the custom principal from Thread.CurrentPrincipal this last one contains a GenericPrincipal. Am I doing something wrong? This is my code:

Login.aspx

protected void btnAuthenticate_Click(object sender, EventArgs e)
{
    Authenticate("user","pwd");
    FormsAuthenticationTicket authenticationTicket = new FormsAuthenticationTicket(1,
                        "user",
                        DateTime.Now,
                        DateTime.Now.AddMinutes(30),
                        false,
                        "");

    string ticket = FormsAuthentication.Encrypt(authenticationTicket);
    HttpCookie authenticationCookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticket);
    Response.Cookies.Add(authenticationCookie);    
    Response.Redirect(FormsAuthentication.GetRedirectUrl("user", false));
}

Global.asax (This is where the problem appears)

protected void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
        if (authCookie == null)
            return;

        if (HttpContext.Current.User != null && HttpContext.Current.User.Identity.IsAuthenticated && HttpContext.Current.User.Identity is FormsIdentity)
        {                
            HttpContext.Current.User = System.Threading.Thread.CurrentPrincipal; //Here the value is GenericPrincipal
        }

Thanks in advance for any help. }

© Stack Overflow or respective owner

Related posts about c#

Related posts about ASP.NET