Accessing Session Cache from GenericPrincipal.isInRole() Options

R

Richard Maher

Hi,

Can someone please confirm that Session Cache will not always be
available/accesible from an implemented/overriden IPrincipal.isInRole()
method?

We obtain the current session state via ((HttpApplication)sender).Session
but *sometimes* get the error "Session state is not available in this
context".

What appears to be happening is when isInRole() is invoked to check for
sitemap node access then Session State is available, but if the check is to
do with a web-page url then it is not. Eg: -

Web.sitemap

<siteMapNode roles="ROLE1,ROLE2,ROLE3"

Seems ok.

But when my IsInRole() is called to check the web-page URL access defined
in web.config eg: -

Web.config

<location path="MyPage.aspx">
<system.web>
<authorization>
<allow roles="CHS_M_AccessThisStuff"/>
<deny users="*"/>
</authorization>
</system.web>
</location>

The exception is raised.

I'd like to not have to re-load the user roles from the database each time
the isInRole method is invoked after its GenericPrincipal has been
(re)instantiated and Session Cache seemed a convenient place to hold them
with the added benefit of implicit, transparent, lifecycle management.

There is always Application Cache or just using the database buffers, but if
someone could rule out Session cache for us altogether that would help. A
pointer to the manual or a relevant MSDN article would be perfect!

Cheers Richard Maher
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,480
Members
44,900
Latest member
Nell636132

Latest Threads

Top