UserPrincipal GetAuthorizationGroups 方法
我有 ac# asp.net 项目,并且正在使用 CodeProject.com 中的 ADRoleProvider。我的问题是 GetAuthorizationGroups。我知道它是 GetGroups 的递归兄弟。我需要那种递归性。然而,它似乎在前往 AD 获取列表之前检查缓存/令牌。虽然我很欣赏它,但我宁愿让它打到AD。我似乎无法弄清楚该角色缓存在哪里。最初我使用的是:
Roles.DeleteCookie();
但这没有效果。然后我在 web.config 中删除了角色提供程序 cookie 的使用。我想就这样了,不再有饼干了。不,还是不对。
本质上,此时我正在运行 GetGroups 与 GetAuthorizationGroups 并从 AD 组中添加/删除自己,您可以实时看到一个列表是当前的 (GetGroups),另一个列表处于似乎未知的延迟 (GetAuthorizationGroups)。
下一步是发送一些无缓存标头吗?我宁愿在用户登录时粉碎它并强制使用当前列表。
I've got a c# asp.net project, and I'm using the ADRoleProvider from CodeProject.com. My issue is with GetAuthorizationGroups. I understand that it's the recursive brother of GetGroups. I need that recursive-ness. However, it seems to check a cache/token before heading out to AD to get the list. While I appreciate it, I'd rather have it hit AD. I can't seem to figure out where that role cache is. Initially I was using:
Roles.DeleteCookie();
But that had no effect. Then I removed the use of a cookie for the role provider in the web.config. I figured that would be it, no cookie anymore. Nope, still not right.
Essentially, at this point I am running GetGroups vs. GetAuthorizationGroups and adding/removing myself from AD groups and you can see in real time that one list is current (GetGroups) the other is on what appears to be an unknown delay (GetAuthorizationGroups).
Is the next step sending some no-cache headers? I'd rather crush this at user login and force a current list.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
看起来像类似的 错误报告 很久以前就在 Microsoft Connect 上提交了。尚未提供解决方法。如果您需要新的 AD 数据,最好坚持使用 GetGroups。
Looks like a similar bug report was filed on this a long time ago on Microsoft Connect. No workarounds have been provided. If you need fresh AD data, it may be best to stick with GetGroups.