Current user gets overwritten with ria service authentication
Question
I have a SL 4 applicaiton with RIA service for authentication(Forms + IE9). Consider following scenario
- user A logs into the system,
- now user B does the same,
- user A performs some operation and it appears that inside
System.Web.HttpContext.Current.Userare hidden credentials for user B which is a catastrophy
Here's part of my web.config <authentication mode="Forms" > <forms name="MY_COOKIE_NAME" timeout="180"/> </authentication>
and code part responsible for login
public AuthenticationUser Login(string userName, string password, bool isPersistent, string customData)
{
var retUser = new DefaultUser();
if (/*check credentials*/)
{
FormsAuthentication.SetAuthCookie(userName, true);
retUser = CreateAuthenticatedUserData(userName);
}
return retUser;
}
1 answers
solution1
0 ACCPTED 2011-04-04 14:26:49
看来问题出在Internet浏览器上-切勿在同一浏览器的两个选项卡中打开应用程序的两个实例-会话/ Cookie /共享任何内容
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
authentication issues in RIA Domain Service (Access to operation denied)
Current user in owin authentication
Problem during RIA authentication
Event in RIA Service
RIA Service - Custom Query
Exception handling in RIA Service
Silverlight 4 + RIA Service Loads
Macro gets current user macro not contacts
Silverlight Authentication Without RIA Services?
Impersonate Current User from Service
Related Tags