Hi James, If your AuthorizationInfo is cached, you might need to update the cache when new permissions are created for the principal.
Manoj On Mon, Dec 12, 2011 at 9:31 PM, James Whetstone <[email protected]> wrote: > Hi everyone, > > My web app allows users to create resources dynamically through a web > service. When this occurs, the user that is adding the new resource gets > permission to read the resource. > > For example, the use that add the new resource will be given the following > permission: "my_resource_type:read:a1cd6635-42a9-4528-bddf-4c994c58cf9a". > The permissions are stored as strings in the database. > > So my problem is that if the user tries to read the resource immediately > following the creation of the resource, the user is denied because the user > has already been authorized through my custom realm and the new permission > hasn't been processed out of the database as would normally occur when user > authorization occurs. > > So I'm wondering if there is a way to force reauthorization, or otherwise > handle this type of dynamic update to permissions, maybe by updating the > Subject's authorization info dynamically. > > Thank you! > James > -- http://khangaonkar.blogspot.com/
