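/// <summary>
/// Creates a principal for <paramref name="identity"/> and installs it as the
/// principal of the current thread.
/// </summary>
/// <param name="identity">
/// The identity to wrap. It must be a <c>UserIdentity</c>; a null reference is
/// stored as-is because the cast of null succeeds.
/// </param>
/// <exception cref="InvalidCastException">
/// <paramref name="identity"/> is not a <c>UserIdentity</c>.
/// </exception>
public UserPrincipal(IIdentity identity)
{
    // Validate and store the identity before this instance is published.
    // If the cast ran last, a wrong identity type would throw only after
    // Thread.CurrentPrincipal already pointed at a principal with no identity.
    currentIdentity = (UserIdentity)identity;

    AppDomain currentdomain = Thread.GetDomain();
    currentdomain.SetPrincipalPolicy(PrincipalPolicy.UnauthenticatedPrincipal);

    IPrincipal oldPrincipal = Thread.CurrentPrincipal;
    Thread.CurrentPrincipal = this;

    try
    {
        // NOTE(review): AppDomain.SetThreadPrincipal sets the domain-wide
        // default principal and succeeds only once per application domain;
        // later calls throw and are absorbed by the catch below. In a web
        // application the first principal built this way may therefore become
        // the default for threads that have no principal of their own.
        // Confirm this is intended, since per-request identity is normally
        // carried by HttpContext.User.
        if (oldPrincipal.GetType() != typeof(UserPrincipal))
        {
            currentdomain.SetThreadPrincipal(this);
        }
    }
    catch
    {
        // Deliberately best-effort: the thread principal is already set above,
        // and there is nothing further to do if the domain default cannot be
        // changed.
    }
}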
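/// <summary>
/// Rebuilds the application's <c>UserPrincipal</c> from the forms-authentication
/// cookie and attaches it to the current request. Requests with no cookie, or
/// with a cookie that cannot be decrypted or has expired, are left
/// unauthenticated.
/// </summary>
/// <param name="sender">The event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
    HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
    {
        return;
    }

    // The cookie value is client-controlled. Decrypt throws on malformed or
    // tampered input; treat that as "not authenticated" instead of letting
    // every such request fail with an unhandled exception.
    FormsAuthenticationTicket ticket;
    try
    {
        ticket = FormsAuthentication.Decrypt(authCookie.Value);
    }
    catch (ArgumentException)
    {
        return;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        return;
    }

    // Decrypt does not reject an expired ticket, so the expiry has to be
    // checked here before the ticket's name is trusted.
    if (ticket == null || ticket.Expired)
    {
        return;
    }

    // NOTE(review): the result of GetUserDetails is dereferenced without a
    // null check. Confirm it cannot return null for an account that was
    // deleted or disabled after the ticket was issued.
    var usr = Auth.GetUserDetails(ticket.Name);
    var permissions = Auth.GetUserPermissions(ticket.Name);

    var usrDetails = new
    {
        UserName = usr.UserName,
        IpAddress = usr.IpAddress,
        Permissions = permissions
    };

    UserIdentity identity = new UserIdentity(usrDetails);
    UserPrincipal principal = new UserPrincipal(identity);
    HttpContext.Current.User = principal;
}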