Last post Nov 17, 2017 03:12 PM by bruce (sqlwork.com)
Nov 16, 2017 02:22 PM|Abbeylincoln|LINK
My current web application with Asp.Net Core 2 is behaving somehow of which i don't understand. I created users with Identity system which is working fine and i also created Roles with RoleManager<IdentityRole> that are up to 300 roles which is also working
What i observed from login page is, if i assign Roles to user which are not much like less than 100 for instance, user will login successfully using SignInManager. But if i assign more than 100 Roles or all Roles to user, the login wouldn't be successful
and if i check the cookies from the browser, i found out that cookies multiply up to 5 times of the normal cookies value.
What could be the issue, is it that Asp.Net Core 2 have Roles restriction because these are working fine in Asp.Net MVC 5 before i migrate to Asp.Net Core 2.
Thanks in advance
Nov 17, 2017 09:21 AM|Brando ZWZ|LINK
But if i assign more than 100 Roles or all Roles to user, the login wouldn't be successful and if i check the cookies from the browser, i found out that cookies multiply up to 5 times of the normal cookies value.
Could you please post the details error message after use login in?
Have you changed the user login method's codes?
Is this application is a MVC application and use default asp.net core identity?
If you could post more details information, it will be more easily for us to reproduce the issue and find the solution.
Nov 17, 2017 09:34 AM|Abbeylincoln|LINK
No error message thrown and nothing changed from login method's codes.
It's Asp.Net MVC Core application using default Identity.
Like i explained earlier, user can login with roles less than 100 but if i assign all roles (which are up to 300) to user, the login wouldn't be successful and i found out from browser that the identity cookies value gets multiply up to 5 times.
This was working fine in Asp.Net MVC 5 before i decided to migrate to Asp.Net MVC Core 2
Nov 17, 2017 03:12 PM|bruce (sqlwork.com)|LINK
cookies have a max length limit on their value. you are probably hitting the max. most likely when the role providers serializes the roles to the cookie value, the new core claim format is larger than the old one.
you will need to either, write you own role provider that uses a smaller format, or store the roles on the server (lookup on each request).