开发者

Current user gets overwritten with ria service authentication

问答 作者:

I have a SL 4 applicaiton with RIA service for authentication(Forms + IE9). Consider following scenario

  • user A logs into the system,
  • now user B does the same,
  • user A performs some operation and it appears that inside System.Web.HttpContext.Current.User are hidden credentials for user B which is a catastrophy

Here's part of my web.config <authentication mode="Forms" > <forms name="MY_COOKIE_NAME" timeout="180"/> </authentication>

an开发者_开发知识库d code part responsible for login

public AuthenticationUser Login(string userName, string password, bool isPersistent, string customData)
    { 
        var retUser = new DefaultUser();
        if (/*check credentials*/)
        {
            FormsAuthentication.SetAuthCookie(userName, true);
            retUser = CreateAuthenticatedUserData(userName);

        }
        return retUser;
    }

It seems that problem lies in the internet browser - never open two instances of your application in two tabs of the same browser - session/cookies/whatever are shared

继续阅读:authorizationforms-authenticationriasilverlight-4.0

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9