I have an MVC app with my own custom principal (inherit from CslaPrincipal) and custom identity (since I need to do some extra validation to see if member is allowed to log in).
When the member logs in, I write the forms auth cookie, which is then read it on each request (Application_OnAuthenticateRequest in Global.asax)
protected void Application_OnAuthenticateRequest(Object sender, EventArgs e)
{
var authHttpCookie = Request.Cookies.Get(FormsAuthentication.FormsCookieName); // Grab the user's login information from FormsAuth
if (authHttpCookie == null) return; // If the cookie can't be found, then the ticket was not issued, so exit. No need to continue.
var formAuthTicket = FormsAuthentication.Decrypt(authHttpCookie.Value);
var userIdentity = new FormsIdentity(formAuthTicket); //Note: formAuthTicket.Name contains the Username; formAuthTicket.UserData contains the list of roles
MediaNaranja.Library.DomainObjects.Security.MnPrincipal.Load(userIdentity.Name, formAuthTicket.UserData);
}
My load method in Principal creates the identity and parses the list of roles (they are saved as csv). It then sets the user to the newly created principal
var principal = new GenericPrincipal(mnIdentity, rolesArray);
Csla.ApplicationContext.User = principal;
Right after I call the load method from Application_OnAuthenticateRequest the expression Csla.ApplicationContext.User.IsInRole("MEMBER") evaluates to true. On the same page request when I set a breakpoint in the home controller and check IsInRole("MEMBER") it evaluates to false.
I am lost as to where the roles are being lost. Any suggestions?
According to this answer on Stack Overflow , I need to set the Thread.CurrentPrincipal and Context.User.
I wanted to rely strickly on Csla.ApplicationContext.User. Doesn't Csla.ApplicationContext.User set both Principal and User?
Do you reference Csla.Web.dll from your UI project? You must do this.
The ApplicationContext.User property does the "right thing", but the right thing is different in ASP.NET vs WPF vs SL vs pure .NET.
We supply a "User property provider" for different environments. For example, Csla.Web.dll includes a provider that does the "right thing" in ASP.NET.
But you need to have that assembly in your bin folder for CSLA to find the code.
That was it!! Thank you Rocky.
Shameless plug: this is covered in the Using CSLA 4: ASP.NET MVC ebook :)
Rocky, I have a similar issue with a WPF aplication in .NET 4. Actually a 3 TIER app, with DataPortal running on IIS with WFC.
I'am using CSLA V 4.1.0.0 and everything works fine.
But after updating to CSLA 4.3.13 i have runtime errors because i "lost" the auntenthicated identity.
Is you said before, I tryed referencing "Csla.Windows.dll" to get the correct "User property provider" but i get the same error.
Funny thing is that my code works perfectly with CSLA 4.1.0.0.
Note: I've tryed downloading last version CSLA 4.5 but installer fails on Windows 8. Dont know if is a problem with my pc... I'll continue testing.
Any thoughts?
Thanks a lot
Rocky, referencing Csla.Xaml.dll did the trick!
Thanks a lot anywhere...
Copyright (c) Marimer LLC