I use the LOGON service as part of the logon process on our Intranet where I add custom roles that I use throughout all of my applications to designate permissions for different applications at the time that the user logs in.
One of my applications is an administrative page that only I have access to where I do the actual assignment of user permissions. At the moment, when I make a permission change, the user has to sign out and then sign back in in order for the LOGON service to re-create the custom roles.
Is it possible to access the CUSTOMROLES resource that is defined in LOGON_REQUEST outside of the LOGON service so that I can reload the permissions dynamically without the user having to log out and log back in ?
Access CUSTOMROLE outside of the logon service
Moderators: Jon, Steve, Ian, Dave
-
Segi
- Ebase User
- Posts: 649
- Joined: Mon Dec 09, 2013 6:37 pm
-
Jon
- Moderator
- Posts: 1342
- Joined: Wed Sep 12, 2007 12:49 pm
There isn't an API that allows you to add roles once a user has signed on. This is by design, the intention being to isolate the security verification process (the Logon Service) from application programming as much as possible.
The only suggestion I can think of is that you could ask the user to re-enter their password as part of your application and then re-log them on by calling the Logon Service via system.securityManager.logon(). This would have to be done inside the user session - it isn't possible to externally change the security settings of other user sessions.
The only suggestion I can think of is that you could ask the user to re-enter their password as part of your application and then re-log them on by calling the Logon Service via system.securityManager.logon(). This would have to be done inside the user session - it isn't possible to externally change the security settings of other user sessions.
0 x
Who is online
Users browsing this forum: No registered users and 11 guests