asp.net-membership membership membership-provider roleprovider

User.IsInRole vs Roles.IsUserInRole in AuthenticateRequest

HttpContext.Current.User.IsInRole is not available in AuthenticateRequest; however, Roles.IsUserInRole is available.

Is it because new GenericPrincipal is assigned to HttpContext.Current.User after AuthenticateRequest? Could someone explain me about it? Appreciate your help!

void Application_AuthenticateRequest(object sender, EventArgs e)
{
    if(HttpContext.Current.Request.IsAuthenticated)
    {
        // Return False
        bool result1 = HttpContext.Current.User.IsInRole("Administrators");

        // Return True
        bool result2 = Roles.IsUserInRole("Administrators");
    }
}

Solution

I think that you should be subscribing to AuthorizeRequest instead. This event comes after AuthenticateRequest, so the identity of the principal has been established.

http://msdn.microsoft.com/en-us/library/bb470252.aspx

DotNetNuke PersonalizationController Architecture / Replacement
The required anti-forgery form field "__RequestVerificationToken" is not present Error in user Registration
Change ASP.NET Membership tables in database
Sign in to ASP.NET forum from non-forum page
WSAT with Visual Studio 2022 or alternative
Using one Asp.net Membership database with multiple applications Single Sign On
Normalization of Strings With String.ToUpperInvariant()
Is *not* using the asp.net membership provider a bad idea?
How does Membership.ValidateUser method access a database?
How do I use my own database with SimpleMembership and WebSecurity? What is MVC4 security all about?
Get Single MembershipUser from MembershipUserCollection
Avoid concurrent login (logout former login session) in ASP.net membership
How do I define the password rules for the ASP.NET Membership Provider?
.Net test multiple connections for AD authentication using system.web.security (membership)
"Your login attempt was not successful. Please try again" in asp.net although password is reset
What Active Directory field do I use to uniquely identify a user?
a page can have only one server-side form tag - allow unauthenticated access in aspnet membership provider
Implement pbkdf2 in aspnet membership provider - Non-negative number required
Membership Generate Password alphanumeric only password?
ASP.NET MVC: How to implement a Login type partial view that changes depending if logged in or not?
Is there a reliable way to log a user out when the browser is closed?
How does the Authorize tag work? - ASP.NET MVC
How can I access UserId in ASP.NET Membership without using Membership.GetUser()?
User.Identity.IsAuthenticated is false after successful login
What is the logic is MembershipUser.ResetPassword() method
Call custom constructor with Dapper?
Matching password in .Net validate by JavaScript?
'AllowAnonymous' could not be found
MembershipProvider in .NET 4.0
Associate your Microsoft account. Email entry. Again and Again