Does asp.net do any caching when checking for [Authorize (Roles = "Student")]

Question

Does asp.net do any caching when checking for [Authorize (Roles = "Student")]

I have a method that I would like to restrict for use by people who are playing the "Student" role. I would like to explore different ways of doing this.

At first I know I can decorate the method like this:

  [Authorize(Roles = "Student")]

If I know that the "Student" role has a RoleId of 4, and if I know that the user has a UserId of 2, then:

is a decorating method more efficient than each user in a role allows, then picking against my Identity 2 database to see if user 2 has a roleId value of 4 in the AspNetUserRoles table.

As FYI I am using WebAPI with ASP.Net Identity 2.1 and bearer authentication. All my users access through the web browser interface. If there is no caching, but a way to enable caching, I would advise anyone who could advise me on how to use this if it is not enabled by default.

+3

sql-server asp.net asp.net-mvc asp.net-web-api

Samantha jt star 27 oct. 14 at 12:19

source to share

1 answer

SmartDev · Accepted Answer · 2014-10-27T12:36:21+0000

You can enable role provider caching functionality from web.config with CacheRolesInCookie

. See this link for details .

Alternatively, you can always override the default role provider (see this link for more details), but I think this is not really what you care about ...

Does asp.net do any caching when checking for [Authorize (Roles = "Student")]

More articles: