我有一个我正在处理的asp.net MVC应用程序,并且我编写了一个自定义actionfilter以基于在登录时设置的授权级别过滤掉某些控制器操作,并存储在加密的cookie与formsauthentication cookie一起,两个cookie被设置为具有相同的到期时间,但由于某种原因,在空闲时间之后授权cookie值变为空白,我还没有能够调试并在行为中捕获它,但它就这样消失Cookie值在Cookie过期之前过期
我actionfilter代码如下所示:
string usersRole = "";
if (filterContext.HttpContext.Session["role"] != null)
usersRole = filterContext.HttpContext.Session["role"].ToString();
else if (filterContext.HttpContext.Response.Cookies["ArisPortalCookie"].Value != null)
{
usersRole = filterContext.HttpContext.Response.Cookies["ArisPortalCookie"].Value;
filterContext.HttpContext.Session["role"] = usersRole;
}
string encryptedRole = EncryptionHelper.Encrypt(RoleToCheckFor);
if (encryptedRole == usersRole || usersRole == EncryptionHelper.Encrypt("Admin")) //if the user's role and role required match, we have success
{
//now we break down the response action based on what role was required
if (RoleToCheckFor == "Admin")
{
}
else if (RoleToCheckFor == "Tech" || RoleToCheckFor == "Admin")
{
}
else if (RoleToCheckFor == "Physician" || RoleToCheckFor == "Admin")
{
}
}
else
{
filterContext.Result = new ViewResult
{
ViewName = "NoAuth",
ViewData = filterContext.Controller.ViewData,
TempData = filterContext.Controller.TempData
};
}
读取值(管道格式)发现了一个可能的问题,我的应用程序存储它出现时期满 – Jimmy 2009-09-23 15:24:11