setting HttpContext.Current.User

Question

I am developing an asp.net mvc 3.0 application which has a simple authentication process. User fills a form which is sent to server by ajax call and gets response, but the

Answer 1

You need to manually set it. Rather than reinventing the wheel, note the section here on updating the current principal for the request - thats your option here.

How to set Request.IsAuthenticated to true when not using FormsAuthentication.RedirectFromLoginPage?

public void RenewCurrentUser()
{
    System.Web.HttpCookie authCookie =
        System.Web.HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie != null)
    {
        FormsAuthenticationTicket authTicket = null;
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);


    if (authTicket != null && !authTicket.Expired)
    {
        FormsAuthenticationTicket newAuthTicket = authTicket;

        if (FormsAuthentication.SlidingExpiration)
        {
            newAuthTicket = FormsAuthentication.RenewTicketIfOld(authTicket);
        }
        string userData = newAuthTicket.UserData;
        string[] roles = userData.Split(',');

        System.Web.HttpContext.Current.User =
            new System.Security.Principal.GenericPrincipal(new FormsIdentity(newAuthTicket), roles);
    }
}

}