In an environment where about 100 users connect to the site using forms authentication, calling HttpContext.Current.User.Identity.Name returns a correctly registered user.
However, in 10% of cases, incorrect information about the full username is returned. I have never had such a problem on my test machine, this only happens in production. I cannot recreate the same environment with many users on my test machine.
The logic of this application:
1) The user enters the username and passes, the information is viewed using a SQL DB call, if it is a match, the user is authenticated through FormsAuthentication.RedirectFromLoginPage (username, false)
FormsAuthentication.SetAuthCookie(user.SYS_Users_ID.ToString(), false); if (Request["ReturnURL"] == null) FormsAuthentication.RedirectFromLoginPage(user.SYS_Users_ID.ToString(), false); else Response.Redirect("/" + SysConfig.ApplicationName + appConfig.DefaultPages.DefaultPage);
2) After redirecting, I put the full username in a hidden field
if (!IsPostBack) userFullName.Value = Helper.GetCurrentUserFullName(); ... public static string GetCurrentUserFullName() { string _userFullName = string.Empty; try { _userFullName = new AgrotMasofim.DAL.Users.Users().GetUserFullName(GetCurrentUserID()); } catch (Exception ex) { Logs.WriteToFileLog(string.Empty,ex); } return _userFullName; } public static Decimal GetCurrentUserID() { Decimal _userID = 0; if (HttpContext.Current.User != null) { try { _userID = Convert.ToDecimal(HttpContext.Current.User.Identity.Name); } catch (Exception ex) { Logs.WriteToFileLog(string.Empty, ex); } } return _userID; }
3) On all pages visited by the user, his / her information is displayed inside the label, which is located on the main page
lblUserName.Text = HttpUtility.HtmlDecode("Hello " + userFullName.Value);
It works almost all the time. Any ideas why this might be from time to time?