5

I'm having a lot of problems with FormsAuthentication and as as potential work around I'm thinking about storing the login in the Session?

Login:
Session["Auth.ClientId"] = clientId;

IsAuthenticated:
Session["Auth.ClientId"] != null;

Logout;
Session["Auth.ClientId"] == null;

I'm not really using most of the bells and whistles of FormsAuthentication anyway. Is this a bad idea?

Improve this question
1
  • 1
    What are the problems you're having with forms authentication? Commented Jun 3, 2010 at 11:54

2 Answers 2

Reset to default
2

I would not store any valuable information in the session.

For authentication I would use:

if (HttpContext.Current.User.Identity.IsAuthenticated)
{
    // Then u use 
    // this.User.Identity.Name as my membership_id so i could call this everywhere
}else
{
    //Redirect to Login
    //gettting my LoginPageAddress
    Response.Redirect(ConfigurationSettings.AppSettings["LoginPage"]);
}

Login is something like this:

FormsAuthentication.SetAuthCookie(membership_ID, false)

Anyway hope this helps

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

i don't think it's an bad idea, i've seen plenty of sites using session together with a db to store auth data, however there are other ways to get around not using the formsauthentication tables but still be able to use things like roles.

How do I create a custom membership provider for ASP.NET MVC 2?

has good examples of that.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.