Solved

Refresh IsInRole Cache

Posted on 2004-04-07
3
1,119 Views
Last Modified: 2012-06-22
I've setup an application that uses IsInRole to determine a users rights.
When I change a user's group membership in Active Directory, to grant a different level of access, IsInRole does not notice. I'm guessing the Logon info is cached.

There must be a way to Refresh the information without asking a user to restart his machine to get the new set of roles.
0
Comment
Question by:AdrianJMartin
  • 2
3 Comments
 
LVL 20

Expert Comment

by:ihenry
ID: 10912847
Yes, it won't refresh the current IPrincipal object created. One way is to requery to Active Directory and refresh the Thread.CurrentPrincipal value with the latest information.
0
 
LVL 5

Author Comment

by:AdrianJMartin
ID: 10916513
I've created a class that maintains a more up to date group membership( It caches and only refreshes at pertinate times to stop overloading the AD servers). Which works great and taught me quite a bit about ad/ds.

shame there is no :
    Thread.CurrentPrincipal().Refresh() method;




0
 
LVL 20

Accepted Solution

by:
ihenry earned 500 total points
ID: 10917042
There's no Refresh method in the IPrincipal object and I agree with that since it doesn't know how to get the information from and AD is not the only way to store the users and roles information.

But you can always assign the latest IPrincipal object to the Thread.CurrentPrincipal as if you refer to MSDN help it is a getter and setter property. I have no idea how your code look like, but I know you have something to retrieve a list of roles for the current logged user ( or you're gonna need one ). So it's not difficult at all to "refresh" the Thread.CurrentPrincipal.

        // myIdentity is the current logged IIndentity object
        string[] rolesArray = yourClassInstance.WithAMethodNameGetRoles( myIdentity );
        try
        {
            // Set the principal to a new generic principal.
            Thread.CurrentPrincipal =
                new GenericPrincipal( myIdentity, rolesArray);
        }
        catch(SecurityException secureException)
        {
            Console.WriteLine("{0}: Permission to set Principal " +
                "is denied.", secureException.GetType().Name);
        }
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question