[Mono-bugs] [Bug 81117][Nor] New - Role Provider using Cookie Caching does not work [w/ fix]
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Sun Mar 11 19:22:29 EDT 2007
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by mmorano at mikeandwan.us.
http://bugzilla.ximian.com/show_bug.cgi?id=81117
--- shadow/81117 2007-03-11 18:22:29.000000000 -0500
+++ shadow/81117.tmp.12909 2007-03-11 18:22:29.000000000 -0500
@@ -0,0 +1,54 @@
+Bug#: 81117
+Product: Mono: Class Libraries
+Version: 1.2
+OS:
+OS Details:
+Status: NEW
+Resolution:
+Severity:
+Priority: Normal
+Component: Sys.Web
+AssignedTo: mhabersack at novell.com
+ReportedBy: mmorano at mikeandwan.us
+QAContact: mono-bugs at ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: Role Provider using Cookie Caching does not work [w/ fix]
+
+If you specify to use cached roles via a cookie in the web.config for a
+.net 2.0 web application, this currently fails to work as expected. There
+is an error in the RolePrincipal class, as it incorrectly reads the
+contents of the decrypted ticket. Effectively, the cookie path needs to be
+read prior to the roles, and the roles should be the last thing read, as
+this is how the contents are written to the cookie via the
+ToEncryptedTicket method.
+
+The following diff corrects this issue:
+
+Index: System.Web.Security/RolePrincipal.cs
+===================================================================
+--- System.Web.Security/RolePrincipal.cs (revision 74073)
++++ System.Web.Security/RolePrincipal.cs (working copy)
+@@ -235,13 +235,13 @@
+ // expire date
+ _exprireDate = new DateTime (reader.ReadInt64 ());
+
++ // cookie path
++ _cookiePath = reader.ReadString ();
++
+ // roles
+ string roles = reader.ReadString ();
+ if (!Expired)
+ InitializeRoles (roles);
+-
+- // cookie path
+- _cookiePath = reader.ReadString ();
+ }
+
+ private void InitializeRoles (string decryptedRoles)
+
+
+
+Thanks,
+Mike
More information about the mono-bugs
mailing list