Question Form Authentication Ticket to Store Additional User Data

[beemomo]

Hi, this is my first time posting in here. Hopefully I post my thread in the right place.

I am trying to implement login page using Form Authentication in ASP.net using vb code.I follow the steps in How To Implement Forms-Based Authentication in Your ASP.NET Application by Using Visual Basic .NET. I created a function in login page :

Private Function ValidateUser(ByVal strUsername As String, ByVal strPassword As String) As Boolean

and call it in btnLogIn_Click

Protected Sub btnLogIn_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogIn.Click
     If ValidateUser(txtUserName.Text, txtPassword.Text) = True Then
          FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, chkPersistCookie.Checked)
          Response.Redirect("MaintainUsers.aspx", True)
     Else
          Response.Redirect("Login.aspx", True)
End If

and in masterpage page_load , the usename is displayed in the welcome message

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
     If HttpContext.Current.User.Identity.IsAuthenticated Then
          Me.lblWelcomeMessage.Text = "Welcome," + " " + HttpContext.Current.User.Identity.Name
     End If
End Sub

Things works fine and i can get the username display in label using the RedirectFromLoginPage method.

However, I found out that the RefirectFromLoginPage method is not suitable because i need get more user data like UserName, Fullname and RoleCode. Also, i would to display the user's fullname to instead of usename in welcome message. I was told this can be done using FormsAuthenticationTicket method to store addictional user data. Do i need to create a user data class to store the user data and then use it in the FormAuthenticationTicket? If yes, how should i do it? I have been scratching my head several days in googling to get a proper guide to do this,but i still cannot find out the solution.

Please can anyone help me? This is my first project in web application and I am quite lost now :ambivalence:, your help is much appreciated. Thank you.

 

[beemomo]

Dear all,

I manage to store the additional use data (username, fullname, rolecode) in FormAuthenticationTicket. However ,
the user has more than one role , he can be admin, poweruser , executive ,etc... can anyone please tell me how can i concatenate the rodecode return by datareader if it returns more than 1 value? so that i can put it as a string in userdatastring of the authentication ticket?

[SIZE=2]drDataReader = cmd.ExecuteReader()[/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]While[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] drDataReader.Read()
[/SIZE][SIZE=2]strFullName = drDataReader([/SIZE][SIZE=2][COLOR=#a31515][SIZE=2][COLOR=#a31515]"FullName"[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2]).ToString
strUserName = drDataReader([/SIZE][SIZE=2][COLOR=#a31515][SIZE=2][COLOR=#a31515]"UserName"[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2]).ToString
strRoleCode = drDataReader([/SIZE][SIZE=2][COLOR=#a31515][SIZE=2][COLOR=#a31515]"RoleCode"[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2]).ToString
userDataString = [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]String[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2].Concat(strFullName, [/SIZE][SIZE=2][COLOR=#a31515][SIZE=2][COLOR=#a31515]"|"[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2], strUserName, [/SIZE][SIZE=2][COLOR=#a31515][SIZE=2][COLOR=#a31515]"|"[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2], strRoleCode)
[/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] authCookie [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] HttpCookie = FormsAuthentication.GetAuthCookie(txtUserName.Text, chkPersistCookie.Checked)
[/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] ticket [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] FormsAuthenticationTicket = FormsAuthentication.Decrypt(authCookie.Value)
[/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] newTicket [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] FormsAuthenticationTicket = [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]New[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] FormsAuthenticationTicket(ticket.Version, ticket.Name, ticket.IssueDate, ticket.Expiration, ticket.IsPersistent, userDataString)
[/SIZE][SIZE=2][COLOR=#008000][SIZE=2][COLOR=#008000]' Update the authCookie's Value to use the encrypted version of newTicket
[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2]authCookie.Value = FormsAuthentication.Encrypt(newTicket)
[/SIZE][SIZE=2][COLOR=#008000][SIZE=2][COLOR=#008000]' Manually add the authCookie to the Cookies collection
[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2]Response.Cookies.Add(authCookie)
[/SIZE][SIZE=2][COLOR=#008000][SIZE=2][COLOR=#008000]' Determine redirect URL and send user there
[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2] strRedirect [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]String
[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2]strRedirect = [/SIZE][SIZE=2][COLOR=#a31515][SIZE=2][COLOR=#a31515]"MainTainUsers.aspx"
[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2]Response.Redirect(strRedirect, [/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]True[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2])
[/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]End[/COLOR][/SIZE][/COLOR][/SIZE][SIZE=2][COLOR=#0000ff][SIZE=2][COLOR=#0000ff]While
[/COLOR][/SIZE][/COLOR][/SIZE]

If datareader returns:

UserName FullName RoleCode
amy33 amy watson ADMIN
amy33 amy watson POWERUSER
amy33 amy watson EXEC

how can i can i store all this 3 RoleCode in userdatastring?
Thank you !