稍后在应用程序中未设置在Application

本文介绍了稍后在应用程序中未设置在Application_AuthenticationRequest中设置的Thread.CurrentPrincipal的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

在Application_AuthenticationRequest的global.asax文件中，我将Thread.CurrentPrincipal设置为自定义主体.我还将HttpContext.Current.User设置为相同的主体.

In the global.asax file for the Application_AuthenticationRequest I'm setting the Thread.CurrentPrincipal to a custom principal. I also set the HttpContext.Current.User to the same principal.

但是稍后在应用程序中，当我需要将Thread.CurrentPrincipal强制转换为我们的自定义类型时，出现运行时错误，提示: 无法将类型为"System.Web.Security.RolePrincipal"的对象转换为类型为"OurCustomPrincipal".

However later in the app when I need to cast the Thread.CurrentPrincipal to our custom type, I get a runtime error saying: Unable to cast object of type 'System.Web.Security.RolePrincipal' to type 'OurCustomPrincipal'.

Thread.CurrentPrincipal如何重置为RolePrincipal，更重要的是如何将其保留在我们在global.asax中设置的CustomPrincipal中

How did the Thread.CurrentPrincipal get reset to RolePrincipal, and more to the point how do I keep it at the CustomPrincipal we set in the global.asax

预先感谢

推荐答案

您现在肯定已经解决了问题，但是以防万一，如果您使用的是ASP.NET中的RoleProvider，则RoleManagerModule会覆盖由ASP.NET创建的GenericPrincipal对象.在PostAuthenticateRequest期间，使用FormsAuthenticationModule并将其替换为RolePrincipal对象: www.asp/Learn/Security/tutorial-11 -vb.aspx

You surely have resolved your problem by now but just in case, if you are using the RoleProvider from ASP.NET, the RoleManagerModule overwrites the GenericPrincipal object created by the FormsAuthenticationModule and replaces it with a RolePrincipal object during the PostAuthenticateRequest: www.asp/Learn/Security/tutorial-11-vb.aspx