I would like to use roles and membership without using the ASP.net membership. As a result, I use the FormsAuthentication_OnAuthenticate in global.asax.cs instead of
using the conventional Login_Authenticate.
When I was debugging this code, I found that the web application keeps authenticating in global.asax.cs
Code is as follows:
protected void FormsAuthentication_OnAuthenticate(Object sender, FormsAuthenticationEventArgs e)
{
if (FormsAuthentication.CookiesSupported == true)
{
if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
{
try
{
//let us take out the username now
string username = FormsAuthentication.Decrypt(Request.Cookies[FormsAuthentication.FormsCookieName].Value).Name;
//let us extract the roles from our own custom cookie
string exmsg = "";
bool bAllUsersInCharge = false;
bool bEnabled = false;
string roles = GetUserRole(username, out exmsg, out bEnabled, out bAllUsersInCharge);
//Let us set the Pricipal with our user specific details
e.User = new System.Security.Principal.GenericPrincipal(
new System.Security.Principal.GenericIdentity(username, "Forms"), roles.Split(';'));
}
catch (Exception ex)
{
string msg = ex.Message;
//somehting went wrong
}
}
else
{
e.User = null;
// Response.Redirect("~/Login.aspx");
}
}
}