OmegaProgrammer
asked on
Roles don't refresh after log out
I have a cflogin-based application. I have a typical setup with the suggested cflogin structure in the web application construction kit and in the CFdocs. I have a user interface that allows an admin to update a user's roles. The problem is that when a user logs in after the roles have been updated, they still have access to all the pages they did before. How can I make the CF application server requery roles every time a user logs in?
If you are storing the information in cookies then you may need to clear the user cookies and re-write them.
ASKER
Well I'm storing the login information in the cfloginuser structure and using the IsUserInRole function. I assumed that when I ran the cflogout command that it would clear it, but apparently it doesn't. Any suggestions?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I think this would be related to the session variables / etc. that coldfusion uses. Stuff this code into the onrequestend.cfm template for the application in question.
<cfif IsDefined("cookie.CFID")>
<cfcookie name="CFID" value="#cookie.CFID#">
</cfif>
<cfif IsDefined("cookie.CFToken" )>
<cfcookie name="CFToken" value="#cookie.CFToken#">
</cfif>
or just put that code at the end of each page where you expect the user to log out, but DO NOT use it after a cflocation or it won't work.
<cfif IsDefined("cookie.CFID")>
<cfcookie name="CFID" value="#cookie.CFID#">
</cfif>
<cfif IsDefined("cookie.CFToken"
<cfcookie name="CFToken" value="#cookie.CFToken#">
</cfif>
or just put that code at the end of each page where you expect the user to log out, but DO NOT use it after a cflocation or it won't work.
purge ur browser cache & chk again - it shld !