Re: Session state is not available in this context
From: A.M (IHateSpam_at_sapm123.com)
Date: 03/31/04
- Next message: nart: "Forms Athentication in multiple directories"
- Previous message: Oliver Degnan: "RE: 80004005 error"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Session state is not available in this context"
- Reply: Joe Kaplan \(MVP - ADSI\): "Re: Session state is not available in this context"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 31 Mar 2004 13:45:30 -0500
The reason that I can't use cache is I need role information for any single
session because different users in different sessions have different roles.
If I want to use cache then the index could be session id and also I have to
delete item from cache inside session_end event. It probably works but I am
looking for more automated way for rest of my projects.
Thanks,
Ali
"Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote
in message news:O71K$ezFEHA.264@TK2MSFTNGP12.phx.gbl...
> Just out of curiosity, why can't you use the cache?
>
> I say this because I've used the technique of looking up roles from SQL in
> AuthenticateRequest and had good luck caching the results for later use.
>
> Another option with the cookie would be to encrypt it so the user cannot
> interpret it and make it a session-only (non-persisted cookie) so that it
> would be updated frequently. Then, you only take the perf. hit on session
> start up. This basic technique shows up in many of the examples.
>
> Joe K.
>
> "A.M" <IHateSpam@sapm123.com> wrote in message
> news:ep5e8KzFEHA.1128@TK2MSFTNGP11.phx.gbl...
> > Thanks Joe for reply.
> >
> > Now I know I can't use cache to store user's role.
> >
> > I have my role definition in sql database. I am trying my best to avoid
> > query database in Application_AuthenticateRequest.
> > At this point, I am using user data in authentication ticket but i
don't
> > like the fact that user role information is being stored at client's
> cookie
> > storage. beside that if client chooses to persist the cookie, then the
> role
> > definition might change in time.
> >
> > I tried to use session object, Nice try but it doen't work becuse i
can't
> > use session object Application_AuthenticateRequest.
> >
> > Do you have any alternative for querying database and and using user
data
> in
> > authentication ticket ?
> >
> > Thanks,
> > Ali
> >
> >
> > "Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com>
wrote
> > in message news:eTHgHztFEHA.3856@TK2MSFTNGP12.phx.gbl...
> > > The cache is application scope, so you need to share it with all
> > concurrent
> > > users. This is generally easy to do with cache keys that include the
a
> > > unique identifier for the user.
> > >
> > > The cache can last as long as you want, depending on the expiration
info
> > you
> > > provide when you put something in the cache.
> > >
> > > One thing the cache can't do is out of process or SQL-based state
> > > persistence. Those features of session state give you the ability to
> > share
> > > state between multiple load-balanced servers and survive work process
> > > restarts since the state is persisted externally.
> > >
> > > A lot of the time, the cache will do what you want and is faster, but
it
> > > depends. There are lots of good articles around that discuss the
> various
> > > ASP.NET state management options.
> > >
> > > Joe K.
> > >
> > > "A.M" <IHateSpam@sapm123.com> wrote in message
> > > news:ubgH2rlFEHA.3132@TK2MSFTNGP12.phx.gbl...
> > > > Thank you for reply.
> > > >
> > > > Is the Cache's scope at application level or session level ? Does it
> > keep
> > > > data for all session long? If it is so, generally why would I use
> > Session
> > > > object if i have Cache object?
> > > >
> > > > Thanks
> > > > Ali
> > > >
> > > > "[MSFT]" <lukezhan@online.microsoft.com> wrote in message
> > > > news:zuH0$DjFEHA.3568@cpmsftngxa06.phx.gbl...
> > > > > Hi Ali,
> > > > >
> > > > > AuthenticateRequest event is raised right after a user has been
> > > > > authenticated but still has not been authorized meaning that
> > aplication
> > > > has
> > > > > not decided on the areas that this user can have access to. And
this
> > > > stage,
> > > > > application hasn't acquired the state also. So there is no session
> > state
> > > > at
> > > > > this point. You can use the Cache object as Joe suggest.
> > > > >
> > > > > Regards,
> > > > >
> > > > > Luke
> > > > > Microsoft Online Support
> > > > >
> > > > > Get Secure! www.microsoft.com/security
> > > > > (This posting is provided "AS IS", with no warranties, and confers
> no
> > > > > rights.)
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>
- Next message: nart: "Forms Athentication in multiple directories"
- Previous message: Oliver Degnan: "RE: 80004005 error"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Session state is not available in this context"
- Reply: Joe Kaplan \(MVP - ADSI\): "Re: Session state is not available in this context"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
