ASP. NET MVC2: Where abouts do I set Current.User from a Session variable?

Posted by Adam Brown on Stack Overflow See other posts from Stack Overflow or by Adam Brown
Published on 2010-06-11T11:17:35Z Indexed on 2010/06/11 11:23 UTC
Read the original article Hit count: 1108

Filed under:

Hi,

I'm trying to get authentication and authorisation working in an ASP .NET MVC2 site.

I've read loads of tutorials and some books which explain how you can use attributes to require authorisation (and membership in a role) like this:

[Authorize(Roles="Admin")]
public ActionResult Index()
{
    return View();
}

I've made classes that implement IIdentity and IPrincipal, I create a userPrincipal object once the user has successfully logged in and I add it to a session variable.

When the user goes to another page I want it to set the HttpContext.Current.User to the object that I stored in the session, something like this:

if (Session["User"] != null)
{
    HttpContext.Current.User = Session["User"] as MyUser;
}

My question is: Where abouts do I put the code directly above? I tried Application_AuthenticateRequest but it tells me Session state is not available in this context.

Many thanks.

© Stack Overflow or respective owner

Related posts about asp.net-mvc-2