views:

757

answers:

3

In my web.config I have the Role Manager configured as follows:

<roleManager enabled="true" cacheRolesInCookie="true" cookieName=".ASPROLES" 
cookieTimeout="30" cookiePath="/" cookieRequireSSL="false" 
cookieSlidingExpiration="true" cookieProtection="All">

however in our custom RoleProvider it would seems that the GetRolesForUser method is always being called, rather than as I would have expected, the RoleManager serving up the roles from its cookie.

We're using something like to get the roles for a user:

string[] myroles = Role.GetRolesForUser("myuser");

Is there something that I'm missing in the configuration, or in the use of the RoleManager

Thanks in advance

+1  A: 

It might work better if you were to change the value in your cacheRolesInCookie to true.

Jordan S. Jones
the typo was not in the code, but introduced when I retyped the code.
Ralph Shillington
A: 

I am having the same issue when I call the method Roles.IsUserInRole(role); passes the call to my custom role provider. The method that is called is IsUserInRole(string email, string roleName). From there it round trips the database.

Keith K
In mine I noticed the role provider cookie was not being written to the client at all.
Keith K
A: 

I am having a similar problem. Inspecting different scenarios in Sql Profiler reveals the following:

Roles.IsUserInRole("SomeRole"); ==> This uses the cookie cache and does not hit the database. User.IsInRole("SomeRole"); ==> This also uses the cookie cache and does not hit the database. Roles.GetRolesForUser(); ==> This hits the database on the first call, but any subsequent calls to Roles.GetRolesForUser() does not hit the database.

Does anyone knows how I can get a list of roles for the currently logged in user from the cookie cache (and not have to hit the database)?

JohnnyO
I think I understand now why Roles.GetRolesForUser() needs to hit the database and can't get the roles from the cookie. It's because looking at the cookie value alone doesn't guarantee that all cookies are stored there. For example, if maxCachedResults (as configured in web.config) is exceeded, then ASP.NET only stores the most recently accessed roles in the cookies. Details are available here: http://msdn.microsoft.com/en-us/library/ff647401.aspx
JohnnyO