This article is cross-posted from my personal blog.
DotNetNuke allows you to define custom roles to manage your site’s permissions. Recently users have been reporting an error related to a corrupt cookie that stops them from logging in. The problem is due to exceeding the number of roles.
Gemini Issue: http://support.dotnetnuke.com/issue/ViewIssue.aspx?id=8797&PROJID=2
Forum Thread: http://www.dotnetnuke.com/Community/Forums/tabid/795/forumid/-1/threadid/234880/scope/posts/Default.aspx
The problem is due to the need for the user’s portal role names to be saved in a cookie. The list of role names is encrypted and then saved in a cookie called “portalroles”. Cookies have a physical size limitation (2K to 4K depending on browser), and so there is a physical restriction to the number of roles.
But what is the limit?
Unfortunately, as it is the names that are saved, which can vary in length, I cannot provide a definitive answer, but it appears to be in the 40-60 range depending on the length of names used for roles.
This is not an easy issue to solve. If we used role ids then the number of roles could be increased. However, the problem with this approach is that it means that we will need to do a database call to convert the saved role ids to role names, which is the problem we are solving by saving the names in the cookie in the first place.
However, if a user is being assigned to over 40 roles then there is probably a better role arrangement that can be used.