I have a static class member that returns the ID of the current user. When
it is called, it checks if the value is already stored in the session state,
if it is, that value is returned. Otherwise, Membership methods are called
to obtain the ID, that value is stored in the session state, and that value
is then returned.
This appears to work fine. However, I'm now giving users of one type the
ability to "impersonat e" another. In this case, I set the ID in the session
state to the user that is being impersonated.
This, too, seems to work. But now I'm worried about application cycling. If
the application cycles and session state is lost while one user is
impersonating another, I'll get all sorts of errors. If that's not enough, I
just read something I didn't quite understand that Session data is not saved
everytime an exception is raised and not cleared. ???
My question is would there be any way to check if this has happened and not
allow things to continue if the ID of the user being impersonated is lost?
Thanks for any tips.
Jonathan
it is called, it checks if the value is already stored in the session state,
if it is, that value is returned. Otherwise, Membership methods are called
to obtain the ID, that value is stored in the session state, and that value
is then returned.
This appears to work fine. However, I'm now giving users of one type the
ability to "impersonat e" another. In this case, I set the ID in the session
state to the user that is being impersonated.
This, too, seems to work. But now I'm worried about application cycling. If
the application cycles and session state is lost while one user is
impersonating another, I'll get all sorts of errors. If that's not enough, I
just read something I didn't quite understand that Session data is not saved
everytime an exception is raised and not cleared. ???
My question is would there be any way to check if this has happened and not
allow things to continue if the ID of the user being impersonated is lost?
Thanks for any tips.
Jonathan
Comment