protected void Application_AuthenticateRequest(Object sender, EventArgs e) { if (Request.IsAuthenticated == true) { HttpCookie authenCookie = HttpContext.Current.Request.Cookies.Get(FormsAuthentication.FormsCookieName); if (authenCookie == null) { FormsAuthentication.SignOut(); HttpContext.Current.User = null; return; } FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authenCookie.Value); FormsIdentity id = new FormsIdentity(ticket); UserToken token = SiteSecurity.GetToken(ticket.Name); if (token != null) { GenericPrincipal principal = new GenericPrincipal(id, new string[] { token.Role }); HttpContext.Current.User = principal; } else { FormsAuthentication.SignOut(); HttpContext.Current.User = null; } } }