当角色更改时刷新 ASP.NET 站点上基于站点地图的菜单

发布于 2024-08-04 21:27:57 字数 557 浏览 7 评论 0原文

我将 ASP.NET 站点地图与自定义角色提供程序一起使用生成一个站点菜单,根据用户角色显示可用链接。

如果用户登录时角色不发生变化,这种方法就可以正常工作。 当用户登录时角色确实发生变化时,菜单不会自动更新(我已经检查过,并且 Roles.GetRolesForUser() 仅在登录时调用)。这会导致用户可以访问他无权查看的网站区域。此访问不仅是可视的(以显示的菜单项的形式),而且也不会强制执行 Web.config 中定义的访问限制。

有没有办法在角色更改时触发菜单/访问控制刷新?或者我需要强制注销吗?

预先感谢

编辑:我刚刚意识到我启用了角色管理器cacheRolesInCookie,这意味着GetRolesForUser()仅被点击一次,并且任何进一步的角色检查都是使用cookie进行的。有什么方法可以以编程方式刷新 cookie 还是我必须关闭缓存?也许只是删除cookie就可以解决这个问题?

I'm using ASP.NET Sitemaps with a custom Role Provider to generate a site Menu that displays available links depending on user role.

This works fine if the roles don't change while a user is logged in.
When the roles do change while the user is logged in, the Menu isn't automatically updated (I've checked, and the Roles.GetRolesForUser() is only called on login). This results in the user having access to the areas of the site he doesn't have permission to see. This access is not only visual (in the form of the Menu items being displayed), but the access restrictions as defined in the Web.config are not being enforced either.

Is there a way to trigger the Menu/access control refresh when the roles are changed? Or do I need to force a logout?

Thanks in advance

EDIT: I just realized I had the Role Manager cacheRolesInCookie enabled, which meant that GetRolesForUser() was only being hit once and any further role checks were made using the cookie. Any way to refresh the cookie programmatically or do I have to live with the cache turned off? Maybe just removing the cookie will solve it?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

断舍离 2024-08-11 21:27:57

选择非缓存版本,效果很好。

Went for the non-cached version, which works fine.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文