Concatenate columns value returns by datareader

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • beemomo
    New Member
    • Jan 2008
    • 50
    #1

    Concatenate columns value returns by datareader

    I manage to store the additional use data (username, fullname, rolecode) in FormAuthenticat ionTicket. However ,
    the user has more than one role , he can be admin, poweruser , executive ,etc... can anyone please tell me how can i concatenate the rodecode return by datareader if it returns more than 1 value? so that i can put it as a string in userdatastring of the authentication ticket?

    eg:
    If datareader returns:

    UserName FullName RoleCode
    amy33 amy watson ADMIN
    amy33 amy watson POWERUSER
    amy33 amy watson EXEC

    how can i can i store all this 3 RoleCode in userdatastring?
    Thank you !


    Code:
    drDataReader = cmd.ExecuteReader()
While drDataReader.Read()

strFullName = drDataReader("FullName").ToString
strUserName = drDataReader("UserName").ToString
strRoleCode = drDataReader("RoleCode").ToString
[B]userDataString = String.Concat(strFullName, "|", strUserName, "|", strRoleCode)[/B]

Dim authCookie As HttpCookie = FormsAuthentication.GetAuthCookie(txtUserName.Text, chkPersistCookie.Checked)

Dim ticket As FormsAuthenticationTicket = FormsAuthentication.Decrypt(authCookie.Value)

Dim newTicket As FormsAuthenticationTicket = New FormsAuthenticationTicket(ticket.Version, ticket.Name, ticket.IssueDate, ticket.Expiration, ticket.IsPersistent, [B]userDataString[/B])
    Tags: None
    • Frinavale
      Recognized Expert Expert
      • Oct 2006
      • 9749
      #2
      You shouldn't be storing the user's roles in the Forms Authentication ticket.

      When the request to the server is made for your website, the ASP.NET Forms Authentication feature will check if there is a valid Forms Authentication cookie (ticket). If so, the authentication feature creates a Token that represents the user. This token is created based on information retrieved from your database. The token is then set in the HttpContext.Use r property which is accessible through out your application.

      You should be using the User property to check for roles etc.
      You should Not be storing this information in the cookie.

      -Frinny
      Last edited by Frinavale; Aug 24 '11, 03:51 PM.

        Comment

        • beemomo
          New Member
          • Jan 2008
          • 50
          #3
          Thanks for your reply , Frinny.

          This is the first time I create the login page using form authentication. Sorry for my noobness.

          I've been struggling for several to find the answer on how can i store the user's additional data. Thanks for your advise , but that would be great if you can explain how can I store user data using HttpContext.Use r

          Public Property User As IPrincipal
          Get
          Set

          Hmm, i have a bunch of questions here:
          What should i put in the Get and Set section so that it knows which user i refer to? Do need to do any query to refer to that user with the ticket? Hope that u can explain by providing some codes example or information? Many thanks again, Frinny.

            Comment

            • Frinavale
              Recognized Expert Expert
              • Oct 2006
              • 9749
              #4
              It sounds like you're interested in implementing your own Principal and Identity Objects.

              Essentially the Principal object contains all of the security information...l ike the user's permissions, roles etc.

              The Principal object has an Identity property.
              The Identity class contains the user's personal information...l ike the user's name, birth date(if you want)... etc

              Here is a walkthrough about implementing custom Authentication and Authorization that I think you'll find really helpful :)

              -Frinny

              Edit: PS if you still have problems after working through the walk through I'll do my best to help you solve them
              Last edited by Frinavale; Aug 24 '11, 03:50 PM.

                Comment

                • beemomo
                  New Member
                  • Jan 2008
                  • 50
                  #5
                  Thanks again Frinavale for your reply. Sorry for my late reply because I have been away from my workstation since last weekend.

                  I have tried the walk through, and will try to implement this into my project.

                  I really appreciate your advise and reply. This is a new and very useful peace of knowledge for me to learn and explore.

                  Cheers,
                  beemomo

                    Comment

                    Previous template Next
                    Working...