问题
I have an FBA site that uses Sitecore. Every so often, it will confuse one user with another. What I mean is, somehow User A will unintentionally hijack User B's session. User A will be looking at a page that a) they don't have permission to view, and that's b) customized for User B. The one time I was able to reproduce (accidentally) , I got my original session back after I clicked through to another page.
I know Sitecore leverages the Aspnet membership DB, so this might be an issue with that DB, but I really couldn't guess. It feels more like a session issue than anything else. Also, this is not happening on a cluster, but on a standalone machine.
Anyway, any information - even theories - could help. I don't think I've ever seen anything quite like this before.
回答1:
I had a similar issue long ago. It turned out that there was a static (shared) method retrieving the user (or session). That was not a Sitecore bug but rather a bad implementation... Not at all sure this is your problem but it might be worth to check that no fields or methods used to access the user are shared.
回答2:
I've seen a similar issue described below
- You view the site as a logged in Extranet User - Sitecore happily does this for you
- You open a new tab in the browser and log into the Sitecore backend
- Sitecore switches you to be your Sitecore user
- You click back and navigate around the site - Sitecore now uses the Sitecore user to navigate around the frontend of the site
So could it be that you (or someone has logged as separate extranet users in different tabs?)
来源:https://stackoverflow.com/questions/11660964/sitecore-switches-user-session-with-another-user