Hello, I have a query about invalidating the authorisation cache for users who are not the current subject.
My use case is the following: - a group administrator, via a web interface, alters the permissions on a single document instance from 'read' to 'write' for group members. We'd like this permission change to be immediately accessible to other group members. - This permission is stored as a Shiro permission string in a database table representing the group. - When doGetAuthorisationInfo() is called, the subject's permissions are derived from their role, individual permissions and permissions acquired from groups they belong to. - However, because of the caching, the changes don't appear for other users until the cache expires. Is there a way for the subject who is making permissions changes to force a refresh of the cache for other users ( in this case, other group members affected by the permissions change)? If not, what is the workaround that people use - is there a better approach? E.g., delaying notification to the other group members until the cache has expired? Thanks, Richard -- View this message in context: http://shiro-user.582556.n2.nabble.com/clear-cache-for-other-subjects-tp7578200.html Sent from the Shiro User mailing list archive at Nabble.com.
