Solved

Refresh IsInRole Cache

Posted on 2004-04-07
3
1,122 Views
Last Modified: 2012-06-22
I've setup an application that uses IsInRole to determine a users rights.
When I change a user's group membership in Active Directory, to grant a different level of access, IsInRole does not notice. I'm guessing the Logon info is cached.

There must be a way to Refresh the information without asking a user to restart his machine to get the new set of roles.
0
Comment
Question by:AdrianJMartin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 20

Expert Comment

by:ihenry
ID: 10912847
Yes, it won't refresh the current IPrincipal object created. One way is to requery to Active Directory and refresh the Thread.CurrentPrincipal value with the latest information.
0
 
LVL 5

Author Comment

by:AdrianJMartin
ID: 10916513
I've created a class that maintains a more up to date group membership( It caches and only refreshes at pertinate times to stop overloading the AD servers). Which works great and taught me quite a bit about ad/ds.

shame there is no :
    Thread.CurrentPrincipal().Refresh() method;




0
 
LVL 20

Accepted Solution

by:
ihenry earned 500 total points
ID: 10917042
There's no Refresh method in the IPrincipal object and I agree with that since it doesn't know how to get the information from and AD is not the only way to store the users and roles information.

But you can always assign the latest IPrincipal object to the Thread.CurrentPrincipal as if you refer to MSDN help it is a getter and setter property. I have no idea how your code look like, but I know you have something to retrieve a list of roles for the current logged user ( or you're gonna need one ). So it's not difficult at all to "refresh" the Thread.CurrentPrincipal.

        // myIdentity is the current logged IIndentity object
        string[] rolesArray = yourClassInstance.WithAMethodNameGetRoles( myIdentity );
        try
        {
            // Set the principal to a new generic principal.
            Thread.CurrentPrincipal =
                new GenericPrincipal( myIdentity, rolesArray);
        }
        catch(SecurityException secureException)
        {
            Console.WriteLine("{0}: Permission to set Principal " +
                "is denied.", secureException.GetType().Name);
        }
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Article by: Najam
Having new technologies does not mean they will completely replace old components.  Recently I had to create WCF that will be called by VB6 component.  Here I will describe what steps one should follow while doing so, please feel free to post any qu…
We all know that functional code is the leg that any good program stands on when it comes right down to it, however, if your program lacks a good user interface your product may not have the appeal needed to keep your customers happy. This issue can…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question