I have a serious issue that seems to be intermittent with
User.Identity.Name.
In an environment where about 100+ users are logging on to a site with
forms authentication, calling HttpContext.Current.User.Identity.Name
returns the correctly logged on user.
However, 10% of the time (I'm guessing under stress conditions or
simulataneous requests), the wrong user info is being returned.
The logic of this app:
1) User enters username/pass
2) Info is looked up via SQL DB call
3) If match, user is authenticated via
FormsAuthentication.RedirectFromLoginPage(username , True)
4) On all the pages the user visits, his/her info is shown via a call
to HttpContext.Current.User.Identity.Name
This works almost all the time. Any ideas why it might be failing from
time to time?
10  16987 
usually a coding error where you store the user info in a vb module or c#
static during page processing.
-- bruce (sqlwork.com)
<ki*********@hotmail.com> wrote in message
news:11**********************@f14g2000cwb.googlegr oups.com...
| I have a serious issue that seems to be intermittent with
| User.Identity.Name.
|
| In an environment where about 100+ users are logging on to a site with
| forms authentication, calling HttpContext.Current.User.Identity.Name
| returns the correctly logged on user.
|
| However, 10% of the time (I'm guessing under stress conditions or
| simulataneous requests), the wrong user info is being returned.
|
| The logic of this app:
|
| 1) User enters username/pass
| 2) Info is looked up via SQL DB call
| 3) If match, user is authenticated via
| FormsAuthentication.RedirectFromLoginPage(username , True)
| 4) On all the pages the user visits, his/her info is shown via a call
| to HttpContext.Current.User.Identity.Name
|
| This works almost all the time. Any ideas why it might be failing from
| time to time?
|
Bruce,
Thanks for the reply.
Can you please give me more detail?
When you say "coding error where you store the user info", what is the
common error here?
We are not storing that info anywhere, but just calling
HttpContext.Current.User.Identity.Name whenever we need that info.
Sometimes it's correct, sometimes it's not.
Kiran
Bruce,
Thanks for the reply.
Can you please give me more detail?
When you say "coding error where you store the user info", what is the
common error here?
We are not storing that info anywhere, but just calling
HttpContext.Current.User.Identity.Name whenever we need that info.
Sometimes it's correct, sometimes it's not.
Kiran
Hi Kiran..
Are you using Forms Authentication and validating against SQL Server?
Are u sure u aren;t using Windows Auth since u are calling :-
HttpContext.Current.User.Identity.Name
Pls Elaborate more..
Patrick
"ki*********@hotmail.com" wrote: I have a serious issue that seems to be intermittent with
User.Identity.Name.
In an environment where about 100+ users are logging on to a site with
forms authentication, calling HttpContext.Current.User.Identity.Name
returns the correctly logged on user.
However, 10% of the time (I'm guessing under stress conditions or
simulataneous requests), the wrong user info is being returned.
The logic of this app:
1) User enters username/pass
2) Info is looked up via SQL DB call
3) If match, user is authenticated via
FormsAuthentication.RedirectFromLoginPage(username , True)
4) On all the pages the user visits, his/her info is shown via a call
to HttpContext.Current.User.Identity.Name
This works almost all the time. Any ideas why it might be failing from
time to time?
Patrick,
Thanks for the reply.
Ok here is what I'm doing:
1) User enters user and pass
2) Check for match with SQL DB
3) If match, call FormsAuthentication.RedirectFromLoginPage(username ,
True)
After all that, I was under the impression that the best way to check
for the currently logged in user is to call:
HttpContext.Current.User.Identity.Name
Is this not correct? How else do you check the name with Forms
Authentication?
Thanks,
Kiran
Hello ki*********@hotmail.com,
You are correct. My guess is that somewhere you're storing/retrieving this
info from a static variable...
--
Matt Berther http://www.mattberther.com Patrick,
Thanks for the reply.
Ok here is what I'm doing:
1) User enters user and pass
2) Check for match with SQL DB
3) If match, call FormsAuthentication.RedirectFromLoginPage(username ,
True)
After all that, I was under the impression that the best way to check
for the currently logged in user is to call:
HttpContext.Current.User.Identity.Name
Is this not correct? How else do you check the name with Forms
Authentication?
Thanks,
Kiran
HI Kiran
As Matt stated you're storing/retrieving somewhere..!
With your Forms Auth validating against SQL server are u implementing
ROLES(Authorisation)..b-cos if you do then u must be storing USERS for
sure..
B-cos by calling "HttpContext.Current.User.Identity.Name"
ur just calling the logged on user..
Hope it helps..
Patrick
**Let me read from you**
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Thanks for all the replies.
However, we are *not* storing this information anywhere at all.
We are not doing roles based auth.
Whenever we need to figure out who the current user is, we call
HttpContext.Current.User.Identity.Name. This is not stored in a
variable anywhere.
Am I understanding the above call correctly? If user "a" logs in and
then user "b" logs in, does calling identity.name for user "a"'s
session show user "b"'s info? Because that is what is happening with
10% of the requests.
Kiran_S_Rao,
This seems wierd!
When u talk about INFO do you mean the USerName?
Are 10% of this users in the same Domain?
As u are using Forms Auth do you have Anonymous Acces turned OFF or ON?
Patrick
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Patrick,
Yes, the info that I was referring to was the Username.
When I say 10% of the calls fail, what I mean is that sometimes, a
given user's session will return someone else's Username.
This is not predicatable and does not happen to a certain set of
people. All the users have this happen sooner or later. There is no
domain distinction since the usernames are held in the DB, and have
nothing to do with the domain of the server.
In IIS, I have anonymous access turned ON so unregistered users can
access the rest of the site.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Giovanni Bassi |
last post by:
Hello Group,
I using impersonation on my web app. I am explicitely setting the User with
the identity element in the web.config like this:
<identity impersonate="true" userName="MyUsr"...
|
by: Dan Bart |
last post by:
I am using an application which is a modification of IBuySpy Portal.
It is using Forms authentication. Users login and their name is added
to
Context
Then I use:
...
|
by: Gilles |
last post by:
Hello,
I'm facing a big problem in an Asp.Net application, when
users connect the application, I store their user
informations into the session object (session_start).
But when 2 users click...
|
by: vvenk |
last post by:
Hello:
I am trying to initialize a User object at application start:
Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs)
' Fires when the application is started
Dim loOutcome...
|
by: nalbayo |
last post by:
what's the difference between
HttpContext.Current.User.Identity.Name;
and
Context.User.Identity.Name;
thanks!
|
by: D-Someone |
last post by:
We have an active directory user that just had her username renamed.
When the user is running an application that calls our CurrentUser web
service method (which returns the value of...
|
by: Abraham Andres Luna |
last post by:
hello everyone,
does anyone know why i can't access the
HttpContext.Current.User.Identity.Name property in a .cs file?
this is the index.aspx page:
<%@ Page Language="C#" %>
<script...
|
by: Doogie |
last post by:
Hi,
I am using HttpContext.Current.User.Identity.Name to get a user id
from a web application. I then use that as part of a name of a cookie
I'm writing. 30 minutes later I do a refresh of this...
|
by: =?Utf-8?B?QW50b25pbyBPJydOZWFs?= |
last post by:
We changed a username in AD. The user now logs on to a computer on our
network using the new username without any problems. They can not logon using
the old username. However, when they access a...
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome former...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
| |
