Force User Roles Update via DotNetNuke

One of the things that I have been finding that I do a lot recently is updating user security roles based on actions either taken by the users or actions that have been taken by others. Doing so is quite simple from a DotNetNuke API perspective but how do you go about actually forcing the role membership change right away? That is what I'll talk about in this post.

For performance and other considerations DotNetNuke uses a cookie to store users role information, encrypted and refreshed every 3 minutes by default. In most cases this isn't a big deal as users role memberships do not change that often. But in cases of users that want to get access, or remove access to different sections that can be a long time. So how do we resolve this?

It is quite easily to simply expire the cookie, the next request by the user will get the values and they will have any access that they need. Simply add the following code to your module.

var cookie = new HttpCookie("portalroles");

cookie.Expires = DateTime.Now.AddYears(-2);

Response.Cookies.Add(cookie);

That is all you have to do. Simply expire the portalroles cookie and DNN will rebuild it on the next request!

Comments

I just looked at doing something similar the other week, just as I was about to give up I found this DNN forum thread on the subject where they talk about the negative side affects to manipulating the cookie directly http://www.dotnetnuke.com/Resources/Forums/forumid/110/postid/383952/scope/posts.aspx and they give some good examples of the server side way of doing this.

By Brad Murray on Monday, November 07, 2011 at 12:34 PM

Brad,

There are some good points here, I should add that I'm doing a redirect afterwards, and no need to purge all of the users cache, just the roles. But a great reference as well.

By mitchel.sellers@gmail.com on Monday, November 07, 2011 at 12:38 PM

Name (required)

Email (required)

Website