customising Authorize mvc3 error

I am trying to customize the authorize in mvc 3. In the home controller i am setting role to be...

Session["role"] = "Admin";

I am getting the error at

SiteRoles role = (SiteRoles)httpContext.Session["role"]; 

saying Specified cast is not valid.

I dont have a clue what is happening.

protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    if (httpContext == null)
        throw new ArgumentNullException("httpContext");

    strin开发者_JS百科g[] users = Users.Split(',');

    if (!httpContext.User.Identity.IsAuthenticated)
        return false;

    string role = (string)httpContext.Session["role"]; 

    if (Roles != 0 && ((Roles & role) != role))
        return false;

    return true;
}

---

You are setting a string inside the session, so you should use a string when reading back:

string role = (string)httpContext.Session["role"]; 

Or if you wanted to set some custom type:

Session["role"] = SiteRoles.Admin;

and then you will be able to:

SiteRoles role = (SiteRoles)httpContext.Session["role"];