asp.net – 运行时MVC更新FormsAuthenticationTicket UserData

public void SignIn(string userName,bool createPersistentCookie,string UserData)
{
    if (String.IsNullOrEmpty(userName)) throw new ArgumentException("Value cannot be null or empty.","userName");

    // Create and tuck away the cookie
    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1,userName,DateTime.Now,DateTime.Now.AddDays(15),createPersistentCookie,UserData);
    // Encrypt the ticket.
    string encTicket = FormsAuthentication.Encrypt(authTicket);

    //// Create the cookie.
    HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName,encTicket);
    HttpContext.Current.Response.Cookies.Add(faCookie);
}

UserData字符串将是一个以管道分隔的字符串,它将始终包含至少两个项目UserID | UserRole的.可以将用户分配给一个或多个角色,因此,UserData可能看起来像此UserID | UserRole | UserRole | UserRole的

然后我在Global.asax中拥有自己的自定义通用主体

protected void Application_AuthenticateRequest(Object sender,EventArgs e)
{

        // Get the authentication cookie
        string cookieName = FormsAuthentication.FormsCookieName;
        HttpCookie authCookie = Context.Request.Cookies[cookieName];

        // If the cookie can't be found,don't issue the ticket
        if (authCookie == null) return;

        // Get the authentication ticket and rebuild the principal
        // & identity
        FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

        string[] UserData = authTicket.UserData.Split(new Char[] { '|' });

        GenericIdentity userIdentity = new GenericIdentity(authTicket.Name);
        GenericPrincipal userPrincipal = new GenericPrincipal(userIdentity,UserData);
        Context.User = userPrincipal;
}

这一切都很好,但是,在我的应用程序中,如果用户有多个角色,当他们登录时,我需要列出他们的角色,然后让他们只选择一个角色去执行基于所选角色的功能.

我想,要做到这一点,也许我可以将用户选择的角色传递给方法,获取他们的FormsAuthenticationTicket并更新UserData以反映他们选择的角色.例如,使用1 | Manager | Applicant创建UserData字符串,然后我需要列出这两个角色并询问用户要在哪个角色下执行功能,他们选择Manager然后我将其FormsAuthenticationTicket中的UserData更新为1 |经理.

这甚至可能,或者有更好的方法吗？

任何帮助将不胜感激.

感谢大家.