User.Identity in Global.ASAx

Question

Hi guys i know this is a C# Discusssion forum my questions are always in VB.net sorry In the website we have several folders some folders are accessible by anonymous users others are accessible by members only some by administrators or a both administrators and members can view this folder . Each folder contains some forms; these forms are based on the role as well. We'd like to add user.identity as to authenticate the user based on the user_id from table websit_ users However we are not sure  wither we need to specify each and every form folder or this will be done automatically once authentication is applied. And where do we put the user.identity and what is the exact format of it. Do we include it in our Global.asax after the authentication part?! This is the code in global.asax @ Import Namespace =System.web.Security %> @ Import Namespace =System.Data.SqlClient %> @ Import Namespace =System.Security.principal %> @ Import Namespace =System.Web.Configuration %> @ Application Language =VB %> script runat =server> Sub Application_Start( ByVal sender As Object  ByVal e As EventArgs) ' Code that runs on application startup End Sub Sub Application_End( ByVal sender As Object  ByVal e As EventArgs) ' Code that runs on application shutdown End Sub Sub Application_Error( ByVal sender As Object  ByVal e As EventArgs) ' Code that runs when an unhandled error occurs End Sub Sub Session_Start( ByVal sender As Object  ByVal e As EventArgs) ' Code that runs when a new session is started End Sub Sub Session_End( ByVal sender As Object  ByVal e As EventArgs) ' Code that runs when a session ends. ' Note: The Session_End event is raised only when the sessionstate mode ' is set to InProc in the Web.config file. If session mode is set to StateServer ' or SQLServer the event is not raised. End Sub Protected Sub Application_AuthenticateRequest( ByVal sender As Object  ByVal e As System.EventArgs) If Request.IsAuthenticated Then 'Declare variables Dim sSQL ConnectionString As String Dim objDataCommand As SqlCommand Dim objConnection As SqlConnection ConnectionString = WebConfigurationManager.ConnectionStrings( Carbon_free_ConnectionString ).ConnectionString 'Create connection and open objConnection = New SqlConnection(ConnectionString) objConnection.Open() 'Build SQL to retrieve the roles of the authinticated user. Your will be different according to your database tables and fileds names 'sSQL = Select role_desc FROM Roles R INNER JOIN role_user RU on  & _ 'R.role_id = RU.role_id INNER JOIN Employees E on  & _ 'RU.EmployeeID = E.EmployeeID AND E.EmployeeID =  & User.Identity.Name 'SELECT table1.column1 table2.column2 FROM table1 INNER JOIN table2 ' ON table1.column1 = table2.column1; sSQL = Select Role_Name from Role R INNER JOIN Website_Users U on U.Role_ID = R.Role_ID AND U.User_ID =  & User.Identity.Name objDataCommand = New SqlCommand(sSQL objConnection) 'Execute query and return the role/roles of the user Dim reader As SqlDataReader = objDataCommand.ExecuteReader() 'add the roles to an array list Dim rolelist As New ArrayList Do While reader.Read() rolelist.Add(reader( Role_Name )) Loop 'convert the roles array list to a string array Dim rolelistArray As String () = rolelist.ToArray( GetType ( String )) 'assign the roles to the authinticated user HttpContext.Current.User = New GenericPrincipal(User.Identity rolelistArray) 'close connection t the database objConnection.Close() End If End Sub script > We need your help can any1 advice ASAP?!

PJ Martins · Answer

Have you looked into using the Session variables ie Session[User] = user_id note: you can assign any object you'd like to Session[User] This will allow you to access the object from any form as long as the session is valid.