Application_AuthenticateRequest cannot read Session variable

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I will be using a companyname, user name, and password to authenicate users
in my system. I am trying to save the company name in the session for later
use. I cannot access the Session["CompanyName"] object in the
Application_AuthenticateRequest function. I need the companyname to lookup
the users group to build the GenericPrincipal for the user. My code is below.

Login Page:
int c = SiteSecurity.DBAuthenticate(txtCompanyName.Text, txtUsername.Text,
txtPassword.Text);
if (c > 0) {
//save the company name into the session
Session.Add("CompanyName", txtCompanyName.Text);
FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, false);
}
else {
//error handling
}

GLobal.asax
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
if ( Context.Request.IsAuthenticated ) {
string strUserName;
String strRoles;
String userName = String.Empty;

strUserName = Context.User.Identity.Name;
strRoles = EMS.PepSecurity.GetClientUsersGroups(strUserName);

string[] arrRoles = strRoles.Split('|');
Context.User = new GenericPrincipal( Context.User.Identity, arrRoles );
}
}

In the EMS.PepSecurity.GetClientUsersGroups function I am getting the error
on the following lines
string companyName = string.Empty;
try { companyName = HttpContext.Current.Session["CompanyName"].ToString(); }

The object cannot be found.

How can I save the company name if the session will not work?
 
Session is just that - only relevent for a specific users session, sounds
like you need to use the "Application" object to store this on, similar, just
different scope.

Dave
 
Session is not yet bound to the context during Authenticate. You will need
to place this information in a cookie to persist it correctly.

bill


danman226 said:
I will be using a companyname, user name, and password to authenicate users
in my system. I am trying to save the company name in the session for later
use. I cannot access the Session["CompanyName"] object in the
Application_AuthenticateRequest function. I need the companyname to lookup
the users group to build the GenericPrincipal for the user. My code is below.

Login Page:
int c = SiteSecurity.DBAuthenticate(txtCompanyName.Text, txtUsername.Text,
txtPassword.Text);
if (c > 0) {
//save the company name into the session
Session.Add("CompanyName", txtCompanyName.Text);
FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, false);
}
else {
//error handling
}

GLobal.asax
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
if ( Context.Request.IsAuthenticated ) {
string strUserName;
String strRoles;
String userName = String.Empty;

strUserName = Context.User.Identity.Name;
strRoles = EMS.PepSecurity.GetClientUsersGroups(strUserName);

string[] arrRoles = strRoles.Split('|');
Context.User = new GenericPrincipal( Context.User.Identity, arrRoles );
}
}

In the EMS.PepSecurity.GetClientUsersGroups function I am getting the error
on the following lines
string companyName = string.Empty;
try { companyName =
Click to expand...
HttpContext.Current.Session["CompanyName"].ToString(); }
 
Thanks.

I rewrote my forms authentication request to get it to work.

William F. Robertson said:
Session is not yet bound to the context during Authenticate. You will need
to place this information in a cookie to persist it correctly.

bill


danman226 said:
I will be using a companyname, user name, and password to authenicate users
in my system. I am trying to save the company name in the session for later
use. I cannot access the Session["CompanyName"] object in the
Application_AuthenticateRequest function. I need the companyname to lookup
the users group to build the GenericPrincipal for the user. My code is below.

Login Page:
int c = SiteSecurity.DBAuthenticate(txtCompanyName.Text, txtUsername.Text,
txtPassword.Text);
if (c > 0) {
//save the company name into the session
Session.Add("CompanyName", txtCompanyName.Text);
FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, false);
}
else {
//error handling
}

GLobal.asax
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
if ( Context.Request.IsAuthenticated ) {
string strUserName;
String strRoles;
String userName = String.Empty;

strUserName = Context.User.Identity.Name;
strRoles = EMS.PepSecurity.GetClientUsersGroups(strUserName);

string[] arrRoles = strRoles.Split('|');
Context.User = new GenericPrincipal( Context.User.Identity, arrRoles );
}
}

In the EMS.PepSecurity.GetClientUsersGroups function I am getting the error
on the following lines
string companyName = string.Empty;
try { companyName =
Click to expand...
HttpContext.Current.Session["CompanyName"].ToString(); }
The object cannot be found.

How can I save the company name if the session will not work?
Click to expand...
Click to expand...
 
The way to solve this is to cache the user's role mappings in the ASP.NET
data Cache object. You can generate a key based upon the username and fetch
them that way. So, the Session isn't needed to cache that data.

-Brock
DevelopMentor
http://staff.develop.com/ballen
 
Back
Top