I'll be using Forms Authentication, so I think I see what your saying. I can change the Thread::CurrentPrincipal in, say, the FormsAuthentication_OnAuthenticate event. Then my user could be accessed from my windows service or from ASP.NET by checking Thread::CurrentPrincipal, and I'd be good to go ( I'll do my homework on SecurityAttribute and the ControlPrincipal flag).
This makes sense, right? Thanks, Pete Bartkowski >From: "Marsh, Drew" <[EMAIL PROTECTED]> >Reply-To: dotnet discussion <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: Re: [DOTNET] how to pass httpcontext.user to another assembly >Date: Mon, 29 Apr 2002 13:49:37 -0400 > >Pete B [mailto:[EMAIL PROTECTED]] wrote: > > > I'm just going to validate that a user is within a certain > > role and perform tasks or filter data based on that role. > > I'll define a separate 'superuser' and I'd like my window's > > service to run in the context if this 'superuser'. > >If this is the case you're always going to want to know about the logical >user. Hmmm... ok, this makes things a little more complex. Next questions: >In the of ASP.NET, are you going to be using Windows auth with >impersonation >based on the client? If not, what authentication module are you going to be >using? > >In the ASP.NET case, the logical user is only ever going to be found via >HttpContext::User if client impersonation is not used. In the windows >service the logical user is going to be coming through >Thread::CurrentPrincipal. So you could use that code I pasted to sniff if >you're in the context of an ASP.NET request, but if you're components are >ever executed in another custom environment like ASP.NET where the logical >user is different than the Thread::CurrentPrincipal then you could be in >trouble. > >Another option is, if in ASP.NET you're using something like the >FormsAuthenticationModule, you hook into it and change the >Thread::CurrentPrincipal. That way your components always look there for >the >principal information. This requires that the ASP.NET module code be marked >with SecurityAttribute and the ControlPrincipal flag. > >HTH, >Drew > >You can read messages from the DOTNET archive, unsubscribe from DOTNET, or >subscribe to other DevelopMentor lists at http://discuss.develop.com. _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx You can read messages from the DOTNET archive, unsubscribe from DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com.
