Register | Log In
Download Contact
Resources > Forums
HomeHomeArchived Discus...Archived Discus...Developing Under Previous Versions of .NETDeveloping Under Previous Versions of .NETASP.Net 2.0ASP.Net 2.0IS there any limit on the No of Roles a user can Have ? DNN 4.5.2IS there any limit on the No of Roles a user can Have ? DNN 4.5.2
Previous
 
Next
New Post
12/14/2008 11:48 AM
 
User is offline Bryan Andrews


www.apptheory.com
Joined: 6/23/2003
Posts: 690

cathal connolly wrote

the limit for number of roles is actually the limit of the maximum size of the cookie where roles are stored. Typically cookies cannot be more than 2-4k (depending on browser), so if you have a large number of roles then it's encrypted size would be more than the maximum size of the cookie, meaning the text get's truncated and hence you get an invalid value message. There is no way to work around this without refactoring the roles management to not use cookies, and seeing as this effects so few users (most sites have users with only one or two roles), it's unlikely to be changed, sorry.

Cathal

Cathal, can you explain why we cannot store the roleids in the cookie instead of the names? Are the permissions cached by name??
 
New Post
12/14/2008 12:15 PM
 
User is offline Brandon Haynes


Brandon Haynes's Avatar

brandonhaynes.org
Joined: 2/6/2006
Posts: 1162

bryan andrews wrote
 

... we cannot store the roleids in the cookie instead of the names? Are the permissions cached by name??

Even if RoleIds were cached in the cookie (instead of using the names themselves), this would only increase the number of persistable roles to between 63 and 85 (minus encryption-added overhead).  For a corner case, I doubt many would see this as a worthwhile venture. 

A better solution would be to use a per-portal, ~255 byte bitfield-based cookie, allowing ~2000 roles per-portal (minus encryption overhead).  This introduces additional complexity (on role deletions, mostly) and again seems unlikely given the majority viewpoint on the utility of a solution with many roles.  It could be architectured to be more performant than the current system, however.

Brandon

Edit: For some reason I got it in my head that 260 characters was a maximum cookie length; this is in fact the maximum URI length (in some browsers).  My roleId-storage discussion thusly becomes invalid, with a general maximum number of storable roles between 500 - 650.  The bitfield is still the more performant choice (in addition to allowing ~16k roles per-portal, albeit potentially not worth the ondelete-invalidation hassle).

Brandon Haynes
BrandonHaynes.org
 
New Post
12/14/2008 12:39 PM
 
User is offline Sebastian Leupold


Sebastian Leupold's Avatar

Sebastian Leupold's Avatar

www.dnnwerk.de
Joined: 3/8/2004
Posts: 36757

Brandon,

if the cookie may hold up to 500 roleIDs, this means assigned cookies to a single user - while the bitfield would limit the numbers of existing roles in the portal. Though I am of the opinion, that 16k roles should be more efficient, I am not sure, if this justifies the work to re-implement cookie management.

I am still of the opinion, that there shall not be a need to assign more than 50 roles to a single user, but on the other hand, storing roleIDs instead of roleNames would be preferable - not forcing admins to choose short inexplanary names and offering the option to localizate role names, when we are heading for content localization.

Cheers from Germany,
Sebastian Leupold (DotNetNuke MVP)

dnnWerk - The DotNetNuke Experts   German Spoken DotNetNuke User Group   European Network of DotNetNuke Professionals
 
New Post
12/14/2008 3:02 PM
 
User is offline Brandon Haynes


Brandon Haynes's Avatar

brandonhaynes.org
Joined: 2/6/2006
Posts: 1162

Sebastian Leupold wrote
 

Brandon,

... though I am of the opinion, that 16k roles should be more efficient, I am not sure, if this justifies the work to re-implement cookie management.

I am still of the opinion, that there shall not be a need to assign more than 50 roles to a single user...

In general, I completely agree.  I get to throw out wild architectural design changes because I neither have to implement them nor ensure they continue to support legacy scenarios :)

I thought I'd add that because, in general, a role-based bitfield could be treated as a sparsely populated vector, it could be represented in memory much more efficiently than (loosely) O(n) space.  Although a worst-case might be 16k roles, there would in practice be essentially no maximum (assuming sparse assignment).  Spare matrices are well-studied in the academic literature.

Role deserialization in a bitfield data structure would be much more efficient than through iterative string manipulation, as well (regardless of whether name matching or string-to-integer roleId conversion were used).

Given that the general consensus seems to be that high-volume role support is not a viable use-case in DNN, these implementation details become purely academic (but interesting!). 

Brandon

 

Brandon Haynes
BrandonHaynes.org
 
New Post
12/14/2008 10:23 PM
 
User is offline Don Worthley


www.oldtownit.com
Joined: 4/7/2005
Posts: 243

 Hi Sebastian,

I'm interested in your recommendation regarding the scenario I've described above.  I see this as an issue that will be moving from the realm of being academic to the realm of being a critical architectural shortcoming that will require a technical workaround in the coming years, especially with DNN being used more and more as a platform to build social networking applications where issues related to permissions become much more complex.

Regarding the idea to use a bitfield, I've always been fascinated with the raw power of bitfields for storing a ton of information in a small space, but the disadvantage that Brandon notes is that it's kind of brittle.  I would love to see this feature separated from the core through the provider pattern so that those of us who aren't using a web farm could write an implementation that would use Session state for maintianing role permission data or use Flash based local storage.

Interested in your thoughts,

Don


Don Worthley
Software Architect
Old Town IT
 
 Page 4 of 7
Previous12345...7Next 
Previous
 
Next
HomeHomeArchived Discus...Archived Discus...Developing Under Previous Versions of .NETDeveloping Under Previous Versions of .NETASP.Net 2.0ASP.Net 2.0IS there any limit on the No of Roles a user can Have ? DNN 4.5.2IS there any limit on the No of Roles a user can Have ? DNN 4.5.2


Forum Policy

These Discussion Forums are dedicated to the discussion of the DotNetNuke Web Application Framework.

For the benefit of the community and to protect the integrity of the project, please observe the following posting guidelines:

1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DotNetNuke.
2. Discussion or promotion of DotNetNuke product releases under a different brand name are strictly prohibited.
3. No Flaming or Trolling.
4. No Profanity, Racism, or Prejudice.
5. Site Moderators have the final word on approving/removing a thread or post or comment.
6. English language posting only, please.

Attend A Webinar
Start Professional Edition Trial
Have Someone Contact Me

Like Us on Facebook Join our Network on LinkedIn Follow DNN Corporate on Twitter Follow DNN on Twitter

Advertisers

Sponsors

DotNetNuke Corporation

DotNetNuke (DNN) provides a suite of solutions that make designing, building and managing feature-rich sites and communities fast, easy and cost-effective. The DotNetNuke Platform CMS is the foundation for more than one million websites worldwide. DNN Social, our newest solution, enables businesses to create immersive, interactive communities. Thousands of organizations like True Value Hardware, Bose, Cornell University, Glacier Water, Dannon, Delphi, USAA, NASCAR, Northern Health and the City of Denver have leveraged DNN to deploy highly engaging business- critical websites. Our rapid growth in product sales and deployments resulted in DotNetNuke Corp. being named one of the fastest growing private companies in America by Inc. Magazine in 2011 and 2012.
Copyright © 2002-2013 DotNetNuke Corp. / Terms of Use / Privacy
Hosted by MaximumASP