[Mono-bugs] [Bug 81117][Nor] New - Role Provider using Cookie Caching does not work [w/ fix]

bugzilla-daemon at bugzilla.ximian.com bugzilla-daemon at bugzilla.ximian.com
Sun Mar 11 19:22:29 EDT 2007 

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by mmorano at mikeandwan.us.

http://bugzilla.ximian.com/show_bug.cgi?id=81117

--- shadow/81117	2007-03-11 18:22:29.000000000 -0500
+++ shadow/81117.tmp.12909	2007-03-11 18:22:29.000000000 -0500
@@ -0,0 +1,54 @@
+Bug#: 81117
+Product: Mono: Class Libraries
+Version: 1.2
+OS: 
+OS Details: 
+Status: NEW   
+Resolution: 
+Severity: 
+Priority: Normal
+Component: Sys.Web
+AssignedTo: mhabersack at novell.com                            
+ReportedBy: mmorano at mikeandwan.us               
+QAContact: mono-bugs at ximian.com
+TargetMilestone: ---
+URL: 
+Cc: 
+Summary: Role Provider using Cookie Caching does not work  [w/ fix]
+
+If you specify to use cached roles via a cookie in the web.config for a
+.net 2.0 web application, this currently fails to work as expected.  There
+is an error in the RolePrincipal class, as it incorrectly reads the
+contents of the decrypted ticket.  Effectively, the cookie path needs to be
+read prior to the roles, and the roles should be the last thing read, as
+this is how the contents are written to the cookie via the
+ToEncryptedTicket method.
+
+The following diff corrects this issue:
+
+Index: System.Web.Security/RolePrincipal.cs
+===================================================================
+--- System.Web.Security/RolePrincipal.cs        (revision 74073)
++++ System.Web.Security/RolePrincipal.cs        (working copy)
+@@ -235,13 +235,13 @@
+                        // expire date
+                        _exprireDate = new DateTime (reader.ReadInt64 ());
+ 
++                       // cookie path
++                       _cookiePath = reader.ReadString ();
++
+                        // roles
+                        string roles = reader.ReadString ();
+                        if (!Expired)
+                                InitializeRoles (roles);
+-
+-                       // cookie path
+-                       _cookiePath = reader.ReadString ();
+                }
+ 
+                private void InitializeRoles (string decryptedRoles)
+
+
+
+Thanks,
+Mike

More information about the mono-bugs mailing list