Passing UserGUID to the Custom Role Provider

T

Temoc

I am implementing a Custom Membership and Role Provider against SQL Database
using Visual Studio 2010.
Most of the data on the website is associated with the UserGUID rather than
the UserName. On the membership provider I am storing the userGUID as
follows:
HttpContext.Current.Session.Add("UserGuid",System.Convert.ToString(reader["UserGuid"]));
I can easily access this value on any of web pages However on my Custom Role
Provider the HttpContext.Current.Session is null.
Question 1
Where do I store the UserGUID on my membership provider so I access it on
my Role Provider?
Question 2
I would like also to cache the roles for the logged user so that
GetRolesForUser(string username) won’t have to be accessing the database
every time the user changes pages instead I would read it from cache if
available. Where would be a secure place to store these values?

Thanks for the help
 
M

Mr. Arnold

Temoc said:
I am implementing a Custom Membership and Role Provider against SQL Database
using Visual Studio 2010.
Most of the data on the website is associated with the UserGUID rather than
the UserName. On the membership provider I am storing the userGUID as
follows:
HttpContext.Current.Session.Add("UserGuid",System.Convert.ToString(reader["UserGuid"]));
I can easily access this value on any of web pages However on my Custom Role
Provider the HttpContext.Current.Session is null.
Question 1
Where do I store the UserGUID on my membership provider so I access it on
my Role Provider?
Question 2
I would like also to cache the roles for the logged user so that
GetRolesForUser(string username) won’t have to be accessing the database
every time the user changes pages instead I would read it from cache if
available. Where would be a secure place to store these values?

You would cache the information on a back-end application Web server,
and you would retrieve the information using a Web service. The Web
service would read cache first (cache on a timer) and if null for the
user, the service would go back to the database and persist it back to
cache on the back-end application Web server.

As far as the GUID what's wrong in passing it as a parm on the URL to
every page on a Response Redirect to the page?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top