我正在考虑使用自定义 MembershipProvider / RoleProviders。
不幸的是,我们当前拥有的安全层需要设置一些会话内容。因此,当调用 IsUserInRole() 方法时,Session 对象始终为 null,因为 Session 内容已全部预填充。
关于如何解决这个问题并保留使用我们拥有的基于会话的安全模型有什么建议吗?
(不是我写的,我必须使用它)。
一如既往,我们非常感谢任何帮助。
I was considering using the custom MembershipProvider / RoleProviders.
Unfortunately, the security layer we currently have requires some session stuff being set. So, when the IsUserInRole() method is called, the Session object is always null, due to the Session stuff being all prepopulated.
Any suggestions on how I would be able to work around this, and retain the use of the Session based security model we have?
(I didn't write it, and I have got to use it).
Any help greatly appreciated as always.
发布评论
评论(1)
可能需要一些代码。
几乎可以肯定您需要对会话进行读取访问,因为听起来好像保留了一些授权标志?
这可能会为您排除这种情况,请阅读此论坛,注意ScottGu 的回答
Might need some code on this.
It's almost certain you will need read access to your session as it sounds like some authorisation flag is kept there?
This might rule this out for you, have a read of this forum, note ScottGu's answers