Is there an event that fires after user is authenticated (Windows)? I am executing at Application_Start(), but it returns false User.Identity.IsAuthenticated.
What I would like is to create and add roles manually to a user.
Asked
Active
Viewed 3,540 times
2
rp.
- 3,435
- 1
- 21
- 29
Fernando.M
- 157
- 3
- 9
2 Answers
1
I used this:
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
if (HttpContext.Current.User != null)
{
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
if (HttpContext.Current.User.Identity is WindowsIdentity)
{
if (string.IsNullOrEmpty(Usuario.Nome))
{
Make sure, to in you project properties (alt + enter in the project) click on WEB an check NTLM AUTHENTICATION.
This worked for me. now HttpContext.Current.User.Identity is no longer null
Julian
- 33,915
- 22
- 119
- 174
Fernando.M
- 157
- 3
- 9
-
Microsoft no longer recommends NTLM in applications – Rotem Varon Oct 30 '14 at 16:10
-
This is the only way it worked, all other way User.Identity.IsAuthenticated was null when running app from visual studio – Fernando.M Oct 30 '14 at 16:22
-
can you try this? http://stackoverflow.com/questions/1663535/httpcontext-current-user-is-null-even-though-windows-authentication-is-on – Rotem Varon Oct 30 '14 at 16:26
0
Application_Start() is called when the first resource (such as a page) in an ASP.NET application is requested. Also, it’s called only once during the life cycle of an application. That has been said, you will not will be able to auth all the users at that point. The current Windows user information on the client computer is supplied by the web browser through a cryptographic exchange involving hashing with the Web server [Wiki]. It is only then that you can auth the user. So, User.Identity.IsAuthenticated should work on page load (see code below). You can extract the logic that you need to a common method and call it on the first time a page loads
protected void Page_Load(object sender, EventArgs e)
{
if (User.Identity.IsAuthenticated)
{
Page.Title = "Home page for " + User.Identity.Name;
// add your logic here
}
else
{
// you get here if auth failed.
Page.Title = "Home page for guest user.";
}
}
More info after your update:
I would use Application_Start() to check and add roles if they do not already exist.
if (! Roles.RoleExists("Auditors"))
Roles.CreateRole("Auditors");
You might find this post useful: http://weblogs.asp.net/scottgu/Recipe_3A00_-Implementing-Role_2D00_Based-Security-with-ASP.NET-2.0-using-Windows-Authentication-and-SQL-Server
Rotem Varon
- 1,597
- 1
- 15
- 32
-
Hi, I was trying like this: protected void Application_AuthenticateRequest(Object sender, EventArgs e) { if (HttpContext.Current.User != null) { if (HttpContext.Current.User.Identity.IsAuthenticated) { if (HttpContext.Current.User.Identity is WindowsIdentity) { var amduser = new UsuarioDB(); amduser.DefinirPropriedadesUsuario(); } } } } But Current.User.Identity is always null – Fernando.M Oct 30 '14 at 12:26
-
@user1200656, can you try this? http://stackoverflow.com/questions/1663535/httpcontext-current-user-is-null-even-though-windows-authentication-is-on – Rotem Varon Oct 30 '14 at 15:44