我有一个使用Sitecore的FBA网站.每隔一段时间,它将使一个用户与另一个用户混淆.我的意思是,用户A会以某种方式无意中劫持用户B的会话.用户A将会查看以下页面:a)他们无权查看,并且是b)为用户B定制的页面.一次能够(不经意地)复制,单击后,我又恢复了原来的会话到另一个页面.
I have an FBA site that uses Sitecore. Every so often, it will confuse one user with another. What I mean is, somehow User A will unintentionally hijack User B's session. User A will be looking at a page that a) they don't have permission to view, and that's b) customized for User B. The one time I was able to reproduce (accidentally) , I got my original session back after I clicked through to another page.
我知道Sitecore利用Aspnet成员资格数据库,因此这可能是该数据库的问题,但我真的无法猜测.感觉上更像是会话问题.另外,这不是在群集上发生,而是在独立计算机上发生.
I know Sitecore leverages the Aspnet membership DB, so this might be an issue with that DB, but I really couldn't guess. It feels more like a session issue than anything else. Also, this is not happening on a cluster, but on a standalone machine.
无论如何,任何信息-甚至理论-都可以提供帮助.我认为我以前从未见过像这样的东西.
Anyway, any information - even theories - could help. I don't think I've ever seen anything quite like this before.
推荐答案我很久以前也遇到过类似的问题.事实证明,有一个静态(共享)方法检索用户(或会话).那不是Sitecore的错误,而是一个不好的实现...完全不确定这是您的问题,但是可能值得检查一下是否没有共享用于访问用户的字段或方法.
I had a similar issue long ago. It turned out that there was a static (shared) method retrieving the user (or session). That was not a Sitecore bug but rather a bad implementation... Not at all sure this is your problem but it might be worth to check that no fields or methods used to access the user are shared.
更多推荐
Sitecore切换与另一个用户的用户会话
发布评论