locked
FormsAuthentication and Roles using WebService RRS feed

  • Question

  • User-1716253493 posted

    I'm new consuming web services.

    I'm using Simple FormsAuthentication and web service, by providing user and password to login, i get profile and roles data from the web service.

    But, i want to consume profile and roles in other pages. I don't know how to get it without providing password. I don't want to use session variable.

    Please help me.

    Thanks

    Suwandi

    Tuesday, April 23, 2019 1:15 AM

All replies

  • User-893317190 posted

    Hi oned_gk,

    Not sure why you don't want to use session variable , if you use session here , you could meet your requirement.

    If you don't want to use session, you also need a  way to keep the use's state.

    For example, use a distributed cache server to store the use data.

    Could you tell use why you don't want to use session variable?

    Best regards,

    Ackerly Xu

    Tuesday, April 23, 2019 5:57 AM
  • User-1716253493 posted

    When session timeout and user identity still autenticated, sometime i'm loosing session variables related to the user.

    Wednesday, April 24, 2019 2:43 AM
  • User-893317190 posted

    Hi oned_gk ,

    You should set formauthentication cookie timeout and session timeout ,  or  logout the user in session start like the link below suggests.

    https://stackoverflow.com/questions/12780965/why-set-forms-authentication-timeout-longer-than-session-timeout

    Best regards,

    Ackerly Xu

    Wednesday, April 24, 2019 8:27 AM
  • User-1716253493 posted

    I've done that before. User will be redirected to login page when session timeout, but user will loose their form data.

    Thursday, April 25, 2019 3:50 AM
  • User-893317190 posted

    Hi oned_gk ,

    Then you could  require the user to   enter their username and password  and send a request to webservice with username and passwork to get back user data and restore them in session.

    When session timeout , the user should be redirected to login page and login again.

    If you don't want  this to occur frequently, you could extended expiration time.

    Best regards,

    Ackerly Xu

    Thursday, April 25, 2019 9:40 AM