0

I've been receiving some error reports recently that seem to suggest that sometimes User.Identity.Name is NULL or different to what it should be (the authenticated user's username), even when the page is authenticated:

[Authorize]
[HttpGet]
public ActionResult MyAction() 
{
    string username = User.Identity.Name;
    Member member = memberRepository.GetMemberByUserName(username); 

    member.something // fails with a null reference exception
}

The GetMemberByUserName() method uses Linq to SQL to retrieve the member.

public Member GetMemberByUsername(string username)
{
    if (String.IsNullOrEmpty(username))
        return null;

    return db.Members.SingleOrDefault(d => d.username.Equals(username));
}

Under which circumstances would this happen? Do I need to check if User.Identity.Name is NULL whenever I use it?

Of course, the User.Identity.Name could be a red herring, and it could be that the database is just not returning anything. I would probably have expected an exception to be thrown if this was the case, though.

EDIT: This is an intermittent issue - it could be that an authenticated user refreshes once, the User.Identity.Name is correct and the member is retrieved, and then on a second refresh, the member is not retrieved.

Improve this question
3
  • The only return case possible here is to return null or an empty Member. Commented Mar 3, 2012 at 21:13
  • Examine what User.Identity.Name returns and if such value exist in your database. Hope it'll give you hint. Commented Mar 3, 2012 at 22:11
  • It's definitely in the database. This code errors out intermittently. Commented Mar 4, 2012 at 0:22

2 Answers 2

Reset to default
2

it could be that the database is just not returning anything. I would probably have expected an exception to be thrown if this was the case, though.

No, it won't. SingleOrDefault will return a single record, no record, or throw an exception if more than one record exists.

Single will return a single record, or throw an exception if no record or more than one exists.

Could be a few things. Maybe you have case sensitivity issues with the String.Equals.

It's still possible that Request.IsAuthenticated (what [Authorize] looks at) is true, but there is no identity. Particulary true in custom authentication systems (such as attempting to decrypt the forms authentication ticket), and you haven't specified what your using.

Also, make sure the Username field is backed by a unique index, to provide server-side guarantees that SingleOrDefault will NEVER throw an exception.

I would put some try/catch in your controller actions, and setup ELMAH to catch the exceptions.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

I don't believe the User.Identity.Name not returning anything is really an issue. Usually, this would throw an exception as Identity would be null thus making the Name property not accessible. So I would concentrate on the db stuff as RPM1984 recommended.
@Jeff - maybe "Name" is empty. We have no idea, we can only speculate based on the info given.
I had figured that it would throw an exception because the user definitely does exist in the database - this is an intermittent error that occurs.
2

How about:

public Member GetMemberByUsername(string username)
{
    if (String.IsNullOrEmpty(username))
       return null;

    return db.Members.SingleOrDefault(d => d.username.Equals(username));
}
Improve this answer

1 Comment

Oops, sorry - mistyped my question. That's actually what the method says. Answer edited.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.