[Mono-aspnet-list] ASP.NET MVC 3 - Renewing authorization during a request works on Windows, but not on Linux/Mono

Thu, 08 Sep 2011 07:54:18 -0700 


 

 Hi,
in an ASP.NET MVC 3 application I'm sending emails with an activation link to 
subscribers.

I want them to be logged in automatically after clicking the link when the 
activation was successful.
(I do not want to use redirect for several reasons (omitted for brevity))

The problem is that request authorization takes place at the beginning of a 
request, so when I set the Authorization Cookie 
 ( FormsAuthentication.SetAuthCookie(email, false); )
the authorization has already happened before that and the request isn't 
authorized and while technically being logged in a user get's the visual cue 
that he's not and even the link to the login-form gets rendered. 

On my Windows-development machine the solution from Branislav (code below)
http://stackoverflow.com/questions/2105391/how-to-set-request-isauthenticated-to-true-when-not-using-formsauthentication-red/2108227#2108227
works perfectly, but it doesn't work on Mono. (xsp4 & fastcgi-mono-server4)
The solution is calling RenewCurrentUser before returning the View.


1. It would be great if someone could tell me what I need to change in 
RenewCurrentUser so that it works on Mono as well.
2. Background info about the difference in behavior would also be very 
interesting.

Best regards,
Carson

    private void RenewCurrentUser()
    {
      System.Web.HttpCookie authCookie =
          
System.Web.HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
      if (authCookie != null)
      {
        FormsAuthenticationTicket authTicket = null;
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);

        if (authTicket != null && !authTicket.Expired)
        {
          FormsAuthenticationTicket newAuthTicket = authTicket;

          if (FormsAuthentication.SlidingExpiration)
          {
            newAuthTicket = FormsAuthentication.RenewTicketIfOld(authTicket);
          }
          string userData = newAuthTicket.UserData;
          string[] roles = userData.Split(',');

          System.Web.HttpContext.Current.User =
              new System.Security.Principal.GenericPrincipal(new 
FormsIdentity(newAuthTicket), roles);
        }
      }
    }


 

_______________________________________________
Mono-aspnet-list mailing list
Mono-aspnet-list@lists.ximian.com
http://lists.ximian.com/mailman/listinfo/mono-aspnet-list

Reply via email to