ASP.Net initial member participation issues

I am having a problem with PrinciplePermissionAttribute

throwing exceptions. Any pages where I have a method attribute Load

throw an exception immediately after the initial login.

<PrincipalePermission(SecurityAction.Demand, role:="Level1")> _
Protected Sub Page_Load(ByVal sender As Object, ByVal e as System.EventArgs) Handles Me.Load
End Sub


This throws an exception Request for principal permission failed


If I remove this, the page loads fine and I can navigate to another page that has this same attribute and it works flawlessly. Also if I use the membership system Roles.IsUserInRole()

I have no problem.

I noticed that after the initial login, mine Thread.CurrentPrincipal

is of type GenericPrincipal

and not RolePrincipal

. Subsequent queries display the correct type instead of the generic one. I tried to force this on a file Global.asax

in an event PostAuthenticate

, but seems to set GenericPrincipal

after that.

Any ideas on how to fix this behavior or am I sticking with the method Roles.IsUserInRole()


After finding some explanation of what's going on in the pipeline here , I can see why changing it to Global.asax

didn't help. I used to have a prototype of a project that I was testing and I couldn't reproduce it there. I am wondering if it has anything to do with the type of project. The prototype is the website project and the problematic is the web application project.

I think it's odd that GenericPrincipal

changed to RolePrincipal

, but only after the initial request has been processed. So it's hard to say that its not working like it doesn't before my "Page_Load" is executed.


source to share

1 answer

I think you are using forms authentication ...

PrincipalPermission validates Thread.CurrentPrincipal. Roles.IsUserInRole () checks HttpContext.Current.User. So if they are different, you can fix it in the Global.asax file on the Application_AuthenticateRequest event.



All Articles