I've got a very weird situation I need help with. I'm building a
solution where I have custom components in a web content management
system using a web store library (API in DLLs). The CMS is using Forms
authentication to verify users when they log in. I log the user in
using the following code:
private bool AttemptLogon( string username, string password )
{
_errorMessage = "";
Customer customer = new Customer();
try
{
if (Customer.Login(username,password))
{
FormsAuthentication.SetAuthCookie(username,false,
"/boksala");
string redirecturl = (string)Session["oshopredirecturl"];
if (redirecturl != null && redirecturl != string.Empty)
{
Session.Abandon();
Response.Redirect( redirecturl );
}
else
{
Response.Redirect(HttpUrlBuilder.GetStoreHomePage( ).ToString());
}
return true;
}
else
{
_errorMessage = RM.GetString("ERROR_LOGIN_FAILED");
return false;
}
}
catch(AccountDisabledException)
{
_errorMessage = RM.GetString("ERROR_ACCOUNT_DISABLED");
}
return false;
}
After this is run, and a valid user is provided, the
HttpContext.Current.User.IsAuthenticated returns true and all is well.
When I then debug the 3rd party web store API DLL, everything turns
strange! The authentication type is all of a sudden Windows
Authentication, and IsAuthenticated returns false! How can this be? Is
there any possibility that there are two different HttpContexts? This
is within the same aspx page, and the context should therefore be the
same. I'm not sure if the 3rd Party API does something to change the
authentication mode all of a sudden, and I've searched for any
explanation in vain. Any ideas?
ThanksOne good place to start is with the API documentation. Have a look to see
how it handles authentication in a server environment.
--
________________________
Warm regards,
Alvin Bruney [MVP ASP.NET]
[Shameless Author plug]
Professional VSTO.NET - Wrox/Wiley
The O.W.C. Black Book with .NET
www.lulu.com/owc, Amazon
Blog: http://www.msmvps.com/blogs/alvin
-----------------
"Torfi" <torfig@.gmail.com> wrote in message
news:1149265535.183815.269420@.i40g2000cwc.googlegr oups.com...
> Hello all
> I've got a very weird situation I need help with. I'm building a
> solution where I have custom components in a web content management
> system using a web store library (API in DLLs). The CMS is using Forms
> authentication to verify users when they log in. I log the user in
> using the following code:
> private bool AttemptLogon( string username, string password )
> {
> _errorMessage = "";
> Customer customer = new Customer();
> try
> {
> if (Customer.Login(username,password))
> {
> FormsAuthentication.SetAuthCookie(username,false,
> "/boksala");
> string redirecturl = (string)Session["oshopredirecturl"];
> if (redirecturl != null && redirecturl != string.Empty)
> {
> Session.Abandon();
> Response.Redirect( redirecturl );
> }
> else
> {
> Response.Redirect(HttpUrlBuilder.GetStoreHomePage( ).ToString());
> }
> return true;
> }
> else
> {
> _errorMessage = RM.GetString("ERROR_LOGIN_FAILED");
> return false;
> }
> }
> catch(AccountDisabledException)
> {
> _errorMessage = RM.GetString("ERROR_ACCOUNT_DISABLED");
> }
> return false;
> }
> After this is run, and a valid user is provided, the
> HttpContext.Current.User.IsAuthenticated returns true and all is well.
> When I then debug the 3rd party web store API DLL, everything turns
> strange! The authentication type is all of a sudden Windows
> Authentication, and IsAuthenticated returns false! How can this be? Is
> there any possibility that there are two different HttpContexts? This
> is within the same aspx page, and the context should therefore be the
> same. I'm not sure if the 3rd Party API does something to change the
> authentication mode all of a sudden, and I've searched for any
> explanation in vain. Any ideas?
> Thanks
0 comments:
Post a Comment