Question

这曾经有用，但我最近发现ASP.NET不再缓存cookie中的用户角色了。我运行了一个fiddler跟踪，看起来cookie的值是空白的，并且过去设置了过期日期。因此，cookie不会在后续请求中发送，并且每次往返都会触发数据库。

我似乎无法在此找到任何帖子。任何帮助都会很棒。谢谢！

的web.config ：

<roleManager enabled="true" defaultProvider="MyRoleProvider" cacheRolesInCookie="true" cookieName=".ASPXROLES" cookieTimeout="30" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="All" createPersistentCookie="false">
  <providers>
    <clear />
    <add name="MyRoleProvider" type="MyCompany.Core.Web.Providers.MyRoleProvider" connectionStringName="MainConnect" applicationName="MyApplication" />
  </providers>
</roleManager>

Fiddler响应（标题）：

HTTP/1.1 200 OK
Cache-Control: private, s-maxage=0
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-AspNetMvc-Version: 4.0
X-AspNet-Version: 4.0.30319
Set-Cookie: .ASPXROLES=; expires=Tue, 12-Oct-1999 05:00:00 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Mon, 31 Dec 2012 01:14:19 GMT
Content-Length: 1381

Answer 1

看看This answer。它似乎表明只有提供程序的IsUserInRole成员才会以这种方式缓存结果。在检查用户角色时，ASP .NET MVC似乎只使用GetRolesForUser。我不久前碰到了同样的限制 - 这里是我添加到我的角色提供程序中的一些代码，以提供一个简单的缓存机制。

 public class MyRoleProvider : RoleProvider
 {
    private readonly string userRoleCacheKeyFormat;

    public MyRoleProvider()
    {
        userRoleCacheKeyFormat = this.Name + "_{0}";
    }

    public override string[] GetRolesForUser(string username)
    {
        return GetUserRoles(username);
    }

    private string[] GetUserRoles(string username)
    {
        string[] roleNames = null;

        if (!TryGetCachedUserRoles(username, out roleNames))
        {
            //cache miss
            roleNames = GetUserRolesFromStore(username);
        }

        return roleNames;
    }

    private bool TryGetCachedUserRoles(string username, out string[] userRoles)
    {
        string cacheKey = string.Format(userRoleCacheKeyFormat, username);
        HttpContext httpContext = HttpContext.Current;
        if (httpContext != null)
        {
            userRoles = (string[])httpContext.Cache.Get(cacheKey);
        }
        else { userRoles = null; }

        return (userRoles != null);
    }

    private void CacheUserRoles(string username, string[] userRoles)
    {
        string cacheKey = string.Format(userRoleCacheKeyFormat, username);
        HttpContext httpContext = HttpContext.Current;
        if (httpContext != null)
        {
            httpContext.Cache.Insert(cacheKey, userRoles, null, DateTime.UtcNow.AddMinutes(15), Cache.NoSlidingExpiration);
        }
    }

    private string[] GetUserRolesFromStore(string username)
    {
        MyDbContext db = MvcApplication.IoC.Resolve<MyDbContext>();

        string[] roleNames = db.Users
            .Single(u => u.Username == username)
            .UserRoles
            .Select(r => r.Name)
            .ToArray();

        CacheUserRoles(username, roleNames);

        return roleNames;
    }
}

Answer 2

我想。该会话没有任何角色。

Answer 3

尝试createPersistentCookie="true"

RoleManager Cookie立即过期

3 个答案: