• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1156
  • Last Modified:

Refresh IsInRole Cache

I've setup an application that uses IsInRole to determine a users rights.
When I change a user's group membership in Active Directory, to grant a different level of access, IsInRole does not notice. I'm guessing the Logon info is cached.

There must be a way to Refresh the information without asking a user to restart his machine to get the new set of roles.
0
AdrianJMartin
Asked:
AdrianJMartin
  • 2
1 Solution
 
ihenryCommented:
Yes, it won't refresh the current IPrincipal object created. One way is to requery to Active Directory and refresh the Thread.CurrentPrincipal value with the latest information.
0
 
AdrianJMartinAuthor Commented:
I've created a class that maintains a more up to date group membership( It caches and only refreshes at pertinate times to stop overloading the AD servers). Which works great and taught me quite a bit about ad/ds.

shame there is no :
    Thread.CurrentPrincipal().Refresh() method;




0
 
ihenryCommented:
There's no Refresh method in the IPrincipal object and I agree with that since it doesn't know how to get the information from and AD is not the only way to store the users and roles information.

But you can always assign the latest IPrincipal object to the Thread.CurrentPrincipal as if you refer to MSDN help it is a getter and setter property. I have no idea how your code look like, but I know you have something to retrieve a list of roles for the current logged user ( or you're gonna need one ). So it's not difficult at all to "refresh" the Thread.CurrentPrincipal.

        // myIdentity is the current logged IIndentity object
        string[] rolesArray = yourClassInstance.WithAMethodNameGetRoles( myIdentity );
        try
        {
            // Set the principal to a new generic principal.
            Thread.CurrentPrincipal =
                new GenericPrincipal( myIdentity, rolesArray);
        }
        catch(SecurityException secureException)
        {
            Console.WriteLine("{0}: Permission to set Principal " +
                "is denied.", secureException.GetType().Name);
        }
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now