I have a serious issue that seems to be intermittent with
User.Identity.Name.
In an environment where about 100+ users are logging on to a site with
forms authentication, calling HttpContext.Current.User.Identity.Name
returns the correctly logged on user.
However, 10% of the time (I'm guessing under stress conditions or
simulataneous requests), the wrong user info is being returned.
The logic of this app:
1) User enters username/pass
2) Info is looked up via SQL DB call
3) If match, user is authenticated via
FormsAuthentication.RedirectFromLoginPage(username , True)
4) On all the pages the user visits, his/her info is shown via a call
to HttpContext.Current.User.Identity.Name
This works almost all the time. Any ideas why it might be failing from
time to time? 10 16955
usually a coding error where you store the user info in a vb module or c#
static during page processing.
-- bruce (sqlwork.com)
<ki*********@hotmail.com> wrote in message
news:11**********************@f14g2000cwb.googlegr oups.com...
| I have a serious issue that seems to be intermittent with
| User.Identity.Name.
|
| In an environment where about 100+ users are logging on to a site with
| forms authentication, calling HttpContext.Current.User.Identity.Name
| returns the correctly logged on user.
|
| However, 10% of the time (I'm guessing under stress conditions or
| simulataneous requests), the wrong user info is being returned.
|
| The logic of this app:
|
| 1) User enters username/pass
| 2) Info is looked up via SQL DB call
| 3) If match, user is authenticated via
| FormsAuthentication.RedirectFromLoginPage(username , True)
| 4) On all the pages the user visits, his/her info is shown via a call
| to HttpContext.Current.User.Identity.Name
|
| This works almost all the time. Any ideas why it might be failing from
| time to time?
|
Bruce,
Thanks for the reply.
Can you please give me more detail?
When you say "coding error where you store the user info", what is the
common error here?
We are not storing that info anywhere, but just calling
HttpContext.Current.User.Identity.Name whenever we need that info.
Sometimes it's correct, sometimes it's not.
Kiran
Bruce,
Thanks for the reply.
Can you please give me more detail?
When you say "coding error where you store the user info", what is the
common error here?
We are not storing that info anywhere, but just calling
HttpContext.Current.User.Identity.Name whenever we need that info.
Sometimes it's correct, sometimes it's not.
Kiran
Hi Kiran..
Are you using Forms Authentication and validating against SQL Server?
Are u sure u aren;t using Windows Auth since u are calling :-
HttpContext.Current.User.Identity.Name
Pls Elaborate more..
Patrick
"ki*********@hotmail.com" wrote: I have a serious issue that seems to be intermittent with User.Identity.Name.
In an environment where about 100+ users are logging on to a site with forms authentication, calling HttpContext.Current.User.Identity.Name returns the correctly logged on user.
However, 10% of the time (I'm guessing under stress conditions or simulataneous requests), the wrong user info is being returned.
The logic of this app:
1) User enters username/pass 2) Info is looked up via SQL DB call 3) If match, user is authenticated via FormsAuthentication.RedirectFromLoginPage(username , True) 4) On all the pages the user visits, his/her info is shown via a call to HttpContext.Current.User.Identity.Name
This works almost all the time. Any ideas why it might be failing from time to time?
Patrick,
Thanks for the reply.
Ok here is what I'm doing:
1) User enters user and pass
2) Check for match with SQL DB
3) If match, call FormsAuthentication.RedirectFromLoginPage(username ,
True)
After all that, I was under the impression that the best way to check
for the currently logged in user is to call:
HttpContext.Current.User.Identity.Name
Is this not correct? How else do you check the name with Forms
Authentication?
Thanks,
Kiran
Hello ki*********@hotmail.com,
You are correct. My guess is that somewhere you're storing/retrieving this
info from a static variable...
--
Matt Berther http://www.mattberther.com Patrick,
Thanks for the reply. Ok here is what I'm doing: 1) User enters user and pass 2) Check for match with SQL DB 3) If match, call FormsAuthentication.RedirectFromLoginPage(username , True) After all that, I was under the impression that the best way to check for the currently logged in user is to call: HttpContext.Current.User.Identity.Name
Is this not correct? How else do you check the name with Forms Authentication?
Thanks, Kiran
HI Kiran
As Matt stated you're storing/retrieving somewhere..!
With your Forms Auth validating against SQL server are u implementing
ROLES(Authorisation)..b-cos if you do then u must be storing USERS for
sure..
B-cos by calling "HttpContext.Current.User.Identity.Name"
ur just calling the logged on user..
Hope it helps..
Patrick
**Let me read from you**
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Thanks for all the replies.
However, we are *not* storing this information anywhere at all.
We are not doing roles based auth.
Whenever we need to figure out who the current user is, we call
HttpContext.Current.User.Identity.Name. This is not stored in a
variable anywhere.
Am I understanding the above call correctly? If user "a" logs in and
then user "b" logs in, does calling identity.name for user "a"'s
session show user "b"'s info? Because that is what is happening with
10% of the requests.
Kiran_S_Rao,
This seems wierd!
When u talk about INFO do you mean the USerName?
Are 10% of this users in the same Domain?
As u are using Forms Auth do you have Anonymous Acces turned OFF or ON?
Patrick
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Patrick,
Yes, the info that I was referring to was the Username.
When I say 10% of the calls fail, what I mean is that sometimes, a
given user's session will return someone else's Username.
This is not predicatable and does not happen to a certain set of
people. All the users have this happen sooner or later. There is no
domain distinction since the usernames are held in the DB, and have
nothing to do with the domain of the server.
In IIS, I have anonymous access turned ON so unregistered users can
access the rest of the site. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Giovanni Bassi |
last post by:
Hello Group,
I using impersonation on my web app. I am explicitely setting the User with
the identity element in the web.config like this:
<identity impersonate="true" userName="MyUsr"...
|
by: Dan Bart |
last post by:
I am using an application which is a modification of IBuySpy Portal.
It is using Forms authentication. Users login and their name is added
to
Context
Then I use:
...
|
by: Gilles |
last post by:
Hello,
I'm facing a big problem in an Asp.Net application, when
users connect the application, I store their user
informations into the session object (session_start).
But when 2 users click...
|
by: vvenk |
last post by:
Hello:
I am trying to initialize a User object at application start:
Sub Application_Start(ByVal sender As Object, ByVal e As EventArgs)
' Fires when the application is started
Dim loOutcome...
|
by: nalbayo |
last post by:
what's the difference between
HttpContext.Current.User.Identity.Name;
and
Context.User.Identity.Name;
thanks!
|
by: D-Someone |
last post by:
We have an active directory user that just had her username renamed.
When the user is running an application that calls our CurrentUser web
service method (which returns the value of...
|
by: Abraham Andres Luna |
last post by:
hello everyone,
does anyone know why i can't access the
HttpContext.Current.User.Identity.Name property in a .cs file?
this is the index.aspx page:
<%@ Page Language="C#" %>
<script...
|
by: Doogie |
last post by:
Hi,
I am using HttpContext.Current.User.Identity.Name to get a user id
from a web application. I then use that as part of a name of a cookie
I'm writing. 30 minutes later I do a refresh of this...
|
by: =?Utf-8?B?QW50b25pbyBPJydOZWFs?= |
last post by:
We changed a username in AD. The user now logs on to a computer on our
network using the new username without any problems. They can not logon using
the old username. However, when they access a...
|
by: DolphinDB |
last post by:
Tired of spending countless mintues downsampling your data? Look no further!
In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: Vimpel783 |
last post by:
Hello!
Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
|
by: jfyes |
last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
|
by: ArrayDB |
last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
|
by: PapaRatzi |
last post by:
Hello,
I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Defcon1945 |
last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
| |