protected void Application_PostAuthenticateRequest(Object sender, EventArgs e) { HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName]; if (authCookie != null) { FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value); System.Web.HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(new FormsIdentity(ticket), ticket.UserData.Split(new string [] { "," }, StringSplitOptions.RemoveEmptyEntries)); WcfUserClientSession.LoadSession(); } }
/// <summary> /// Executed after a reply is received. Adds the security string and cookie if the HttpContext.Current instance is available /// </summary> /// <param name="reply">The reply of the server</param> /// <param name="correlationState">The correlation state</param> public void AfterReceiveReply(ref Message reply, object correlationState) { if (HttpContext.Current == null) { return; } var header = reply.Headers.GetHeader <UserSessionConfiguration>(WcfUserSessionBehaviour.HeaderName, WcfUserSessionBehaviour.HeaderNamespace); WcfUserClientSession.SetClientSession(header); if (header != null && !string.IsNullOrWhiteSpace(header.SessionId)) { HttpContext.Current.Response.Cookies.Add(new HttpCookie(WcfUserSessionBehaviour.SecurityStringCookieName, header.SessionId)); if (!string.IsNullOrWhiteSpace(header.UserDisplayName)) { FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( 1, header.UserDisplayName, DateTime.Now, DateTime.Now.AddMinutes(header.Sessiontimeout), false, header.RoleNames == null || header.RoleNames.Count() == 0 ? string.Empty : header.RoleNames.Aggregate((s1, s2) => { return(s1 + "," + s2); }), FormsAuthentication.FormsCookiePath); System.Web.HttpContext.Current.Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket))); if (HttpContext.Current.User == null || !HttpContext.Current.User.Identity.IsAuthenticated) { HttpContext.Current.User = new GenericPrincipal(new FormsIdentity(ticket), header.RoleNames.ToArray()); } } } else { HttpContext.Current.Response.Cookies.Remove(WcfUserSessionBehaviour.SecurityStringCookieName); FormsAuthentication.SignOut(); } }