HttpContext.Current.User is Nothing in Application_AuthenticateRequest

Hi experts,

I have an ASP.NET application in develoment, that uses Forms Authentication.  I have written some code (based on an article from MSDN, if I remember correctly) to store role-information in a ticket in a coockie.

Then in the "Application_AuthenticateRequest" method of Global.asax, I used some information of HttpContect.Current.User to get back to the role-info that was stored in the ticket.

Now, after a few weeks when everything worked fine, all of a sudden the "HttpContect.Current.User" is always equal to Nothing, and I have no clue where to look.  I have checked that none of my security-related code has changed.


LVL 10
Who is Participating?
joriszwaenepoelConnect With a Mentor Author Commented:
I found the reason why the code suddenly failed:
As I added more roles to the application, the amount of data in the ticket increased, until it stopped working.  I discovered that by adding a user with less privileges, for who the original code still worked, then added more privileges until it suddenlmy stopped working.  So I guess there is a limit to the amount of data that can be stored in the ticket (in the coockie).

I now store the role-information in a session variable, ans use that instead.
Have you recently moved to IIS 7? Have a look at this link, especially items 8 to 10:

joriszwaenepoelAuthor Commented:
That's good to know, but I haven't changed the version of IIS.
I am developing using VS2005, and the problem exists with the internal "visual studio development server" and also with the IIS Web Server.  That is why I think it must be a project setting or some programmatic change that caused this change in behaviour.

I have found a workaround (keeping the roles in an session variable, instead of in the authentication ticket), but I would still like to know what caused this.  It could help to prevent similar problems in fututre projects.


Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.