FormsAuthentication.SetAuthCookie in OnAuthorization of custom attribute

Question

I am trying to set an auth cookie in OnAuthorization of my custom attribute in asp.net mvc(C#) application.

when the session expires(New Session), i am setting an auth cookie again to make it available until the users logout.

I have used the following to set the auth cookie,

//set forms auth cookie
FormsAuthentication.SetAuthCookie(strUserName, true);

But when i check HttpContext.User.Identity.IsAuthenticated, it returns false.

How to set an auth cookie in OnAuthorization of custom attribute?

Answer 1

After setting the auth cookie, you won't automatically get Context.User filled in, you need to do something like:

Context.User = new GenericPrincipal (new GenericIdentity (strUserName, "Forms"), null);

where strUserName must be non-null and not empty for IsAuthenticated to return true. On the next request, Context.User should be set by the FormsAuthenticationModule and you won't have to do anything.

Answer 2

I'm suspecting that you might need to redirect to a new page after you set the auth cookie and then on the new page check the IsAuthenticated. I don't completely remember the order this happens in but this reminds me of an issue I've had.