Accessing Session Cache from GenericPrincipal.isInRole() Options

Discussion in 'ASP .Net' started by Richard Maher, Sep 15, 2010.

  1. Hi,

    Can someone please confirm that Session Cache will not always be
    available/accesible from an implemented/overriden IPrincipal.isInRole()
    method?

    We obtain the current session state via ((HttpApplication)sender).Session
    but *sometimes* get the error "Session state is not available in this
    context".

    What appears to be happening is when isInRole() is invoked to check for
    sitemap node access then Session State is available, but if the check is to
    do with a web-page url then it is not. Eg: -

    Web.sitemap

    <siteMapNode roles="ROLE1,ROLE2,ROLE3"

    Seems ok.

    But when my IsInRole() is called to check the web-page URL access defined
    in web.config eg: -

    Web.config

    <location path="MyPage.aspx">
    <system.web>
    <authorization>
    <allow roles="CHS_M_AccessThisStuff"/>
    <deny users="*"/>
    </authorization>
    </system.web>
    </location>

    The exception is raised.

    I'd like to not have to re-load the user roles from the database each time
    the isInRole method is invoked after its GenericPrincipal has been
    (re)instantiated and Session Cache seemed a convenient place to hold them
    with the added benefit of implicit, transparent, lifecycle management.

    There is always Application Cache or just using the database buffers, but if
    someone could rule out Session cache for us altogether that would help. A
    pointer to the manual or a relevant MSDN article would be perfect!

    Cheers Richard Maher
     
    Richard Maher, Sep 15, 2010
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Harold Crump
    Replies:
    3
    Views:
    5,052
    =?Utf-8?B?QXR1bCBCYWhs?=
    Aug 25, 2005
  2. Cliff  Martin
    Replies:
    1
    Views:
    3,054
    Larry Smith
    Jan 31, 2007
  3. ryan_fagan
    Replies:
    0
    Views:
    315
    ryan_fagan
    Sep 9, 2003
  4. Erick

    GenericPrincipal

    Erick, Sep 9, 2007, in forum: ASP .Net Security
    Replies:
    6
    Views:
    370
    Dominick Baier
    Sep 13, 2007
  5. Dave
    Replies:
    1
    Views:
    947
    Alexey Smirnov
    Dec 10, 2008
Loading...

Share This Page