locked
Login fails when I assign more than 396 roles to an user in MVC RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    User-1854573995 posted

    Hi,

    I am developing an application in Asp.Net MVC 5. when I assign more than 396 roles to an user, the user can't login any more.

    without any error raising and after deleting some roles that has been assigned to the user till number of Assigned Roles is 396 or less then everything works fine again. Any help would be greatly appreciated.

    Thanks,

     

    Tuesday, August 7, 2018 12:32 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote
    User475983607 posted

    Wow, 396 is a lot of roles to keep track of.  I've never worked on a system with that many roles.  It could be a possible design issue.

    If you are using ASP.NET Identity, my best guess is that you reached the max length of the authentication cookie.  You'll need to rethink the design.   Maybe create a custom attribute to lookup the user's roles. 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, August 7, 2018 1:47 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    User475983607 posted

    Wow, 396 is a lot of roles to keep track of.  I've never worked on a system with that many roles.  It could be a possible design issue.

    If you are using ASP.NET Identity, my best guess is that you reached the max length of the authentication cookie.  You'll need to rethink the design.   Maybe create a custom attribute to lookup the user's roles. 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, August 7, 2018 1:47 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User753101303 posted

    Hi,

    Also you could try F12 Console. You'll perhaps find an explicit message about which limit you reached...

    Tuesday, August 7, 2018 3:13 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User-1854573995 posted

    thanks for your help. it was the cookies. it is a big project with more than 350 forms and our customers need authentication for displaying ,save ,delete and report for each form seperatly. mostly users have only a few roles but some of them need to access to most of the forms .
    @mgebhard

    Wednesday, August 8, 2018 4:21 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User-1854573995 posted

    thanks for your help. @PatriceSc

    Wednesday, August 8, 2018 4:32 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User753101303 posted

    So users would have basically few roles or all of them ? Rather than explicitely assigning all roles to a user you could have maybe a "All Forms" role ?

    Wednesday, August 8, 2018 9:47 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User-1854573995 posted

    We are developing ERP application containing accounting system, sale system, supply system, warehouse management system, production management and etc

    most of users will have less than 50 roles, admin needs to have all roles and managers need to have all roles of system of their own unit and some roles of other units systems (some of them up to 500 roles).

    by my estimation we will need about 1300 roles to cover all their needs

    we changed our role naming policy to have shorter names, now we can assign over 5000  roles to an user without causing problem in login process.

    also we added some roles to cover all forms or group of roles that will be used frequently

    Wednesday, August 8, 2018 10:45 AM