Asp.net generic principal problem

Question

Using this code for authentification:

HttpContext.Current.User=new GenericPrincipal
  (new GenericIdentity(user.UserName), roles);
FormsAuthentication.SetAuthCookie(user.UserName,false);

Problem is - on next request, HttpContext.Current.User.IsAuthenticated is true, but HttpContext.Current.User.IsInRole("admin") is false.

There are a lot of info on google but somehow nothing helps as usual.

Tried to add this to my web.config:

<system.web>
  <roleManager enabled="false" />
</system.web>

I do not want to use membership provider.

Any tips?

*blind rabbit mode ON* sorry, i'm having a hard afternoon here :d Reflector says you're doing it right... perhaps you should double check what's in your roles string array — samy, Oct 04 '10 at 11:57

Joseph · Accepted Answer · 2010-10-04T12:03:59.787

1

I think you might be trying to use the wrong kind of Identity if you're using forms authentication. You might be better off using FormsIdentity.

edited Oct 04 '10 at 12:03

answered Oct 04 '10 at 11:50

Joseph

`genericIdentity` haven't property `Roles` – Arnis Lapsa Oct 04 '10 at 11:56
@Joseph my mistake. actually - I do call it on user. – Arnis Lapsa Oct 04 '10 at 12:01
@Amit ok I thought it probably was but I might have found something else anyway – Joseph Oct 04 '10 at 12:08
@Joseph that looks promising. Overcomplicated as usual, but might actually work. – Arnis Lapsa Oct 04 '10 at 12:16
Does not help either. It does decrypt identity from cookie, set it to `HttpContext.Current.User` but inside controller action, `User.IsInRole("admin")` still is false. The same scenario as before. – Arnis Lapsa Oct 04 '10 at 12:28
@Amis What's in your HttpContext.Current.User's Roles property? – Joseph Oct 04 '10 at 12:29
There is no `Roles` property on `HttpContext.Current.User`. – Arnis Lapsa Oct 04 '10 at 12:30
This helped - http://stackoverflow.com/questions/1385042/asp-net-mvc-forms-authentication-authorize-attribute-simple-roles/2342196#2342196 Had to switch roleManager back to false in web.config and it finally works. God that was intuitive... – Arnis Lapsa Oct 04 '10 at 13:07
I hate it when something that seems like it should be so easy ends up being so difficult. – Joseph Oct 04 '10 at 13:22

score 0 · Answer 2 · answered Oct 04 '10 at 12:00

0

Look like the IsInRole method is on the wrong interface. Try

HttpContext.Current.User.IsInRole("admin")

answered Oct 04 '10 at 12:00

samy

Nah, that was just a typo. Didn't double check and wrote example as I remembered it. It's not solution. HttpContext.Current.User.Identity.IsInRole doesn't even compile. – Arnis Lapsa Oct 04 '10 at 12:03

2 Answers2