问题
I am using Application_OnPostAuthenticateRequest event in global.asax to get
a) Roles and permissions of authenticated user also i have made my custom principal class to get user detail and roles and permission.
b) To get some information which remain same for that user.
void Application_OnPostAuthenticateRequest(object sender, EventArgs e)
{
// Get a reference to the current User
IPrincipal objIPrincipal = HttpContext.Current.User;
// If we are dealing with an authenticated forms authentication request
if ((objIPrincipal.Identity.IsAuthenticated) && (objIPrincipal.Identity.AuthenticationType == "Forms"))
{
CustomPrincipal objCustomPrincipal = new CustomPrincipal();
objCustomPrincipal = objCustomPrincipal.GetCustomPrincipalObject(objIPrincipal.Identity.Name);
HttpContext.Current.User = objCustomPrincipal;
CustomIdentity ci = (CustomIdentity)objCustomPrincipal.Identity;
HttpContext.Current.Cache["CountryID"] = FatchMasterInfo.GetCountryID(ci.CultureId);
HttpContext.Current.Cache["WeatherLocationID"] = FatchMasterInfo.GetWeatherLocationId(ci.UserId);
Thread.CurrentPrincipal = objCustomPrincipal;
}
}
My question is the following:
- This event fires every time for every request. Hence for each request the code execute?
- My approach is right or not?
- Is it right to add HttpContext.Current.Cache in this event or we should move it to Session_Start
回答1:
- Yes this event fires for every request
- Yes you can use this event to get information for the authenticated user
- No, don't use
HttpCurrent.Current.Cacheto store user specific information as the cache is common for all users and you will get conflicts. UseHttpContext.Current.Sessioninstead as this will be specific to the user.
来源:https://stackoverflow.com/questions/1147266/global-asax-event-application-onpostauthenticaterequest