
Authorize(Roles = "Admin") not working with Forms authentication

In Forms authentication, [Authorize(Roles = "Admin")] is not working.

Here is the web.config:
 
  <!-- Role checks for [Authorize] are meant to come from CustomPrincipal.IsInRole (set up in
       Global.asax). With roleManager enabled, ASP.NET's RoleManagerModule also runs at
       PostAuthenticateRequest and may substitute its own RolePrincipal backed by the configured
       role provider; confirm which principal [Authorize] actually sees before relying on this. -->
  <roleManager enabled="true" />
  <authentication mode="Forms">
      <!-- domain=".xyz.com" makes the ticket cookie valid for xyz.com and a.xyz.com alike
           (the cross-site SSO case); the login/default URLs are resolved per site. -->
      <forms  defaultUrl="~/Account/Login" loginUrl="~/Account/Login" domain=".xyz.com"  path="/"/>
  </authentication>
  <!-- The ticket is encrypted and MAC-validated with these keys, so they must be byte-identical
       on every site that shares the cookie; otherwise FormsAuthentication.Decrypt fails.
       validation="SHA1" is a legacy setting - if it is changed (e.g. to HMACSHA256) it must be
       changed on all sharing sites at the same time. These key values are now public (posted here)
       and should be regenerated before being used on a live site. -->
  <machineKey validationKey="395BB0DAFA02BA520EDB43E7EDF06BBFD72FC13A5209243270539E01074B0EA4" decryptionKey="037D2C9D97979D8D810F4A6A2B9337BD181F32167735F2E0" validation="SHA1"/>
Here is the Application_AuthenticateRequest in Global.asax
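  /// <summary>
  /// Rebuilds the request principal from the forms-authentication cookie so that
  /// <c>[Authorize]</c> sees a <c>CustomPrincipal</c> (and therefore its <c>IsInRole</c>),
  /// carrying the user data that was serialized into the ticket's <c>UserData</c>.
  /// Runs after FormsAuthenticationModule has already processed the cookie.
  /// </summary>
  /// <param name="sender">The application raising the event.</param>
  /// <param name="e">Event arguments (unused).</param>
  protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
  {
      HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
      if (authCookie == null)
      {
          // No ticket cookie: leave whatever principal the pipeline already assigned.
          return;
      }

      try
      {
          // Decrypt also verifies the ticket MAC with this site's machineKey, so a cookie
          // issued by a site with a different machineKey/validation setting fails here.
          FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
          if (authTicket == null || authTicket.Expired)
          {
              // An expired or undecryptable ticket must not turn into an authenticated
              // principal. Clearing User mirrors the catch branch below; ASP.NET's default
              // authentication step later replaces a null User with an anonymous principal.
              HttpContext.Current.User = null;
              return;
          }

          JavaScriptSerializer serializer = new JavaScriptSerializer();
          CustomPrincipalSerializeModel serializeModel =
              serializer.Deserialize<CustomPrincipalSerializeModel>(authTicket.UserData);

          // The ticket name is the e-mail the user signed in with (see CustomPrincipal ctor).
          CustomPrincipal newUser = new CustomPrincipal(authTicket.Name)
          {
              UserID = serializeModel.UserID,
              FirstName = serializeModel.FirstName,
              LastName = serializeModel.LastName,
              ProfilePicture = serializeModel.ProfilePicture,
              UserCode = serializeModel.UserCode,
              UserEmail = serializeModel.UserEmail,
              UserType = serializeModel.UserType,
              Fk_Parent = serializeModel.Fk_Parent,
              CompanyID = serializeModel.CompanyID,
              isSASS = serializeModel.isSASS,
              Commission = serializeModel.Commission,
              CommissionManager = serializeModel.CommissionManager,
              ISACount = serializeModel.ISACount
          };

          HttpContext.Current.User = newUser;
      }
      catch (Exception ex)
      {
          // Best effort: a bad cookie makes the request anonymous rather than failing it.
          // Record why, though - a silent null here is indistinguishable from "roles not
          // working" when the real cause is a machineKey or UserData mismatch between sites.
          System.Diagnostics.Trace.TraceWarning("Forms ticket rejected, request treated as anonymous: {0}", ex);
          HttpContext.Current.User = null;
      }
  }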
  38.   
  /// <summary>
  /// A principal enriched with the per-user fields that are carried in the forms ticket's
  /// <c>UserData</c>. Role membership is derived from <see cref="UserType"/> by the implementation.
  /// </summary>
  interface ICustomPrincipal : IPrincipal
  {
      /// <summary>Numeric user key.</summary>
      int UserID { get; set; }

      /// <summary>Given name.</summary>
      string FirstName { get; set; }

      /// <summary>Family name.</summary>
      string LastName { get; set; }

      /// <summary>Profile picture reference (format not fixed here).</summary>
      string ProfilePicture { get; set; }

      /// <summary>Opaque user identifier.</summary>
      Guid UserCode { get; set; }

      /// <summary>E-mail address of the user.</summary>
      string UserEmail { get; set; }

      /// <summary>Integer value of the user's <c>UserType</c> enum member.</summary>
      int UserType { get; set; }

      /// <summary>Key of the parent record.</summary>
      int Fk_Parent { get; set; }

      /// <summary>Company the user belongs to.</summary>
      string CompanyID { get; set; }

      /// <summary>Optional flag; null when not set.</summary>
      bool? isSASS { get; set; }

      /// <summary>Optional commission value.</summary>
      double? Commission { get; set; }

      /// <summary>Optional manager commission value.</summary>
      double? CommissionManager { get; set; }

      /// <summary>Optional count; null when not set.</summary>
      int? ISACount { get; set; }
  }
  55.   
  /// <summary>
  /// Principal whose only role is the name of the <c>UserType</c> enum member matching
  /// <see cref="UserType"/>. Consequently the names used in <c>[Authorize(Roles = "...")]</c>
  /// must be spelled exactly like the enum members.
  /// </summary>
  public class CustomPrincipal : ICustomPrincipal
  {
      /// <summary>Identity built from the e-mail the principal was created with.</summary>
      public IIdentity Identity { get; private set; }

      /// <summary>
      /// Creates a principal for <paramref name="email"/>; all other fields are
      /// assigned through the properties afterwards.
      /// </summary>
      public CustomPrincipal(string email)
      {
          Identity = new GenericIdentity(email);
      }

      /// <summary>
      /// Returns true when <paramref name="role"/> equals (ordinal, case-sensitive) the name
      /// of the <c>UserType</c> enum member whose value is <see cref="UserType"/>. Returns false
      /// otherwise, including when the value has no corresponding enum name.
      /// </summary>
      public bool IsInRole(string role)
      {
          string roleName = Enum.GetName(typeof(UserType), UserType);
          return roleName == role;
      }

      /// <summary>Numeric user key.</summary>
      public int UserID { get; set; }

      /// <summary>Given name.</summary>
      public string FirstName { get; set; }

      /// <summary>Family name.</summary>
      public string LastName { get; set; }

      /// <summary>Profile picture reference.</summary>
      public string ProfilePicture { get; set; }

      /// <summary>Opaque user identifier.</summary>
      public Guid UserCode { get; set; }

      /// <summary>E-mail address of the user.</summary>
      public string UserEmail { get; set; }

      /// <summary>Integer value of the user's <c>UserType</c> enum member; drives <see cref="IsInRole"/>.</summary>
      public int UserType { get; set; }

      /// <summary>Key of the parent record.</summary>
      public int Fk_Parent { get; set; }

      /// <summary>Company the user belongs to.</summary>
      public string CompanyID { get; set; }

      /// <summary>Optional flag; null when not set.</summary>
      public bool? isSASS { get; set; }

      /// <summary>Optional commission value.</summary>
      public double? Commission { get; set; }

      /// <summary>Optional manager commission value.</summary>
      public double? CommissionManager { get; set; }

      /// <summary>Optional count; null when not set.</summary>
      public int? ISACount { get; set; }
  }
  93.   
  /// <summary>
  /// Plain data holder that is serialized into the forms ticket's <c>UserData</c> at sign-in
  /// and deserialized again in <c>Application_PostAuthenticateRequest</c> to populate a
  /// <c>CustomPrincipal</c>. Field for field it mirrors that principal.
  /// </summary>
  public class CustomPrincipalSerializeModel
  {
      /// <summary>Numeric user key.</summary>
      public int UserID { get; set; }

      /// <summary>Given name.</summary>
      public string FirstName { get; set; }

      /// <summary>Family name.</summary>
      public string LastName { get; set; }

      /// <summary>Profile picture reference.</summary>
      public string ProfilePicture { get; set; }

      /// <summary>Opaque user identifier.</summary>
      public Guid UserCode { get; set; }

      /// <summary>E-mail address of the user.</summary>
      public string UserEmail { get; set; }

      /// <summary>Integer value of the user's <c>UserType</c> enum member.</summary>
      public int UserType { get; set; }

      /// <summary>Key of the parent record.</summary>
      public int Fk_Parent { get; set; }

      /// <summary>Company the user belongs to.</summary>
      public string CompanyID { get; set; }

      /// <summary>Optional flag; null when not set.</summary>
      public bool? isSASS { get; set; }

      /// <summary>Optional commission value.</summary>
      public double? Commission { get; set; }

      /// <summary>Optional manager commission value.</summary>
      public double? CommissionManager { get; set; }

      /// <summary>Optional count; null when not set.</summary>
      public int? ISACount { get; set; }
  }
 Here is the controller:
  /// <summary>
  /// Admin landing page. Each role name listed here is checked through the current
  /// principal's <c>IsInRole</c>; with <c>CustomPrincipal</c> that is a case-sensitive
  /// comparison against the name of the user's <c>UserType</c> enum member, so "Admin"
  /// and "SubAdmin" must be spelled exactly like those enum members.
  /// </summary>
  [Authorize(Roles = "Admin,SubAdmin")]
  public ActionResult Index()
  {
  ////
  }

The problem is that when I use <authentication mode="Forms"> in web.config, the Authorize role check does not work.

I have two different domains (suppose one is xyz.com and the other is a.xyz.com, a subdomain).

Here I am passing the cookie value from one to the other so that all the data can be accessed (SSO).

The above code is in xyz.com; the same Global.asax code is on a.xyz.com. How do I fix the problem? Both are in MVC 5 / C#.

 