Solved

Refresh IsInRole Cache

Posted on 2004-04-07
3
1,129 Views
Last Modified: 2012-06-22
I've setup an application that uses IsInRole to determine a users rights.
When I change a user's group membership in Active Directory, to grant a different level of access, IsInRole does not notice. I'm guessing the Logon info is cached.

There must be a way to Refresh the information without asking a user to restart his machine to get the new set of roles.
0
Comment
Question by:AdrianJMartin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 20

Expert Comment

by:ihenry
ID: 10912847
Yes, it won't refresh the current IPrincipal object created. One way is to requery to Active Directory and refresh the Thread.CurrentPrincipal value with the latest information.
0
 
LVL 5

Author Comment

by:AdrianJMartin
ID: 10916513
I've created a class that maintains a more up to date group membership( It caches and only refreshes at pertinate times to stop overloading the AD servers). Which works great and taught me quite a bit about ad/ds.

shame there is no :
    Thread.CurrentPrincipal().Refresh() method;




0
 
LVL 20

Accepted Solution

by:
ihenry earned 500 total points
ID: 10917042
There's no Refresh method in the IPrincipal object and I agree with that since it doesn't know how to get the information from and AD is not the only way to store the users and roles information.

But you can always assign the latest IPrincipal object to the Thread.CurrentPrincipal as if you refer to MSDN help it is a getter and setter property. I have no idea how your code look like, but I know you have something to retrieve a list of roles for the current logged user ( or you're gonna need one ). So it's not difficult at all to "refresh" the Thread.CurrentPrincipal.

        // myIdentity is the current logged IIndentity object
        string[] rolesArray = yourClassInstance.WithAMethodNameGetRoles( myIdentity );
        try
        {
            // Set the principal to a new generic principal.
            Thread.CurrentPrincipal =
                new GenericPrincipal( myIdentity, rolesArray);
        }
        catch(SecurityException secureException)
        {
            Console.WriteLine("{0}: Permission to set Principal " +
                "is denied.", secureException.GetType().Name);
        }
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Summary: Persistence is the capability of an application to store the state of objects and recover it when necessary. This article compares the two common types of serialization in aspects of data access, readability, and runtime cost. A ready-to…
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question