I have a custom role provider. In the method public override string[] GetRolesForUser(string username) I check the role name stored in a session variable. This didn't work, as when I put a break point in the code I found out the value of HttpContext.Current.Session is null.
I stumbled for a while and I came to this link http://forums.asp.net/p/967758/1214615.aspx. In the post ScottGu says "Unfortunately authentication and authorization happen before the session object is populated."
So I have to change to load user role from database by the user name.
Tuesday, 17 June 2008
Subscribe to:
Posts (Atom)