Azman returns cached roles to .Net API

Discussion in 'ASP .Net Security' started by Enrique Vargas, Jan 27, 2006.

  1. Hi, I'm using Active Directory as Membership Provider and Azman as
    RoleProvider, everything works fine except that any change made in Azman
    after the ASP.NET 2.0 APP is
    initialized returns a cached version of the roles information. The APP needs
    to know about any change produced while is running. Any idea why Azman is
    returning a cache version of the roles definitions.Thanks.
     
    Enrique Vargas, Jan 27, 2006
    #1
    1. Advertising

  2. Hi,

    have you tried disabling caching in the roles configuration?

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Hi, I'm using Active Directory as Membership Provider and Azman as
    > RoleProvider, everything works fine except that any change made in
    > Azman
    > after the ASP.NET 2.0 APP is
    > initialized returns a cached version of the roles information. The APP
    > needs
    > to know about any change produced while is running. Any idea why Azman
    > is
    > returning a cache version of the roles definitions.Thanks
     
    Dominick Baier [DevelopMentor], Jan 28, 2006
    #2
    1. Advertising

  3. Yes,,

    <roleManager enabled="true" cacheRolesInCookie="false"
    defaultProvider="RoleManagerAzManProvider" cookieRequireSSL="false"
    cookieSlidingExpiration="false" createPersistentCookie="false"
    cookieProtection="All" >
    <providers>
    <add name= xxx />
    </providers>
    </roleManager>

    "Enrique Vargas" <> wrote in message
    news:%...
    > Hi, I'm using Active Directory as Membership Provider and Azman as
    > RoleProvider, everything works fine except that any change made in Azman
    > after the ASP.NET 2.0 APP is
    > initialized returns a cached version of the roles information. The APP
    > needs to know about any change produced while is running. Any idea why
    > Azman is returning a cache version of the roles definitions.Thanks.
    >
     
    Enrique Vargas, Jan 30, 2006
    #3
  4. Hi,

    ok - i have to look at the source code then.

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Yes,,
    >
    > <roleManager enabled="true" cacheRolesInCookie="false"
    > defaultProvider="RoleManagerAzManProvider" cookieRequireSSL="false"
    > cookieSlidingExpiration="false" createPersistentCookie="false"
    > cookieProtection="All" >
    > <providers>
    > <add name= xxx />
    > </providers>
    > </roleManager>
    > "Enrique Vargas" <> wrote in message
    > news:%...
    >
    >> Hi, I'm using Active Directory as Membership Provider and Azman as
    >> RoleProvider, everything works fine except that any change made in
    >> Azman
    >> after the ASP.NET 2.0 APP is
    >> initialized returns a cached version of the roles information. The
    >> APP
    >> needs to know about any change produced while is running. Any idea
    >> why
    >> Azman is returning a cache version of the roles definitions.Thanks
     
    Dominick Baier [DevelopMentor], Jan 30, 2006
    #4
  5. Web.Config

    1.Connection Strings.
    <add name="ADConnectionString"
    connectionString="LDAP://server.domain.local/CN=Users,DC=domain,DC=local"/>
    <add name="AzManConnectionString"
    connectionString="msldap://server/CN=store,DC=domain,DC=local"/>

    2.<membership defaultProvider="MyADMembershipProvider">
    <providers>
    <add name="MyADMembershipProvider"
    type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web,
    Version=2.0.0.0,
    Culture=neutral,
    PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ADConnectionString"
    connectionUsername="domain\Administrator" connectionPassword="pass@word1"
    connectionProtection="Secure" enableSearchMethods="true"
    attributeMapUsername="sAMAccountName" minRequiredPasswordLength="7"
    applicationName="APP" minRequiredNonalphanumericCharacters="1"/>
    </providers>
    </membership>

    3.<roleManager enabled="true" cacheRolesInCookie="false"
    defaultProvider="RoleManagerAzManProvider" cookieTimeout="30"
    cookieRequireSSL="false" cookieSlidingExpiration="false"
    createPersistentCookie="false" cookieProtection="All" >
    <providers>
    <add name="RoleManagerAzManProvider"
    type="System.Web.Security.AuthorizationStoreRoleProvider, System.Web,
    Version=2.0.0.0,
    Culture=neutral,
    publicKeyToken=b03f5f7f11d50a3a" connectionStringName="AzManADAMServer"
    applicationName="APP"/>
    </providers>
    </roleManager>

    4.<authentication mode="Forms">
    <forms loginUrl="Login.aspx" defaultUrl="Default.aspx" timeout="30"
    protection="All" requireSSL="false" slidingExpiration="false"
    cookieless="UseCookies"/>
    </authentication>

    5. <authorization>
    <deny users="?"/>
    </authorization>

    Simple Test Page .aspx.

    If User.Identity.IsAuthenticated Then


    Dim rp As RolePrincipal = CType(User, RolePrincipal)

    Dim roleInfo As StringBuilder = New StringBuilder
    roleInfo.AppendFormat("<h2>Welcome {0}</h2>", rp.Identity.Name)
    roleInfo.AppendFormat("<b>Provider:</b> {0}<BR>",
    rp.ProviderName)
    roleInfo.AppendFormat("<b>Version:</b> {0}<BR>", rp.Version)
    roleInfo.AppendFormat("<b>Expires at:</b> {0}<BR>",
    rp.ExpireDate)
    roleInfo.AppendFormat("<b>Cache List Changed:</b> {0}<BR>",
    rp.CachedListChanged)
    roleInfo.AppendFormat("<b>Is role List Cached:</b> {0}<BR>",
    rp.IsRoleListCached)
    roleInfo.Append("<b>Roles:</b> ")

    Dim roles() As String = rp.GetRoles

    For i As Integer = 0 To roles.Length - 1
    roleInfo.Append(", ")
    roleInfo.Append(roles(i))
    Next

    Me.Label1.Text = roleInfo.ToString

    End If

    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > Hi,
    > ok - i have to look at the source code then.
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    >> Yes,,
    >>
    >> <roleManager enabled="true" cacheRolesInCookie="false"
    >> defaultProvider="RoleManagerAzManProvider" cookieRequireSSL="false"
    >> cookieSlidingExpiration="false" createPersistentCookie="false"
    >> cookieProtection="All" >
    >> <providers>
    >> <add name= xxx />
    >> </providers>
    >> </roleManager>
    >> "Enrique Vargas" <> wrote in message
    >> news:%...
    >>
    >>> Hi, I'm using Active Directory as Membership Provider and Azman as
    >>> RoleProvider, everything works fine except that any change made in
    >>> Azman
    >>> after the ASP.NET 2.0 APP is
    >>> initialized returns a cached version of the roles information. The
    >>> APP
    >>> needs to know about any change produced while is running. Any idea
    >>> why
    >>> Azman is returning a cache version of the roles definitions.Thanks.

    >
    >
     
    Enrique Vargas, Jan 30, 2006
    #5
  6. Hi,

    does RolePrincipal.SetDirty() help?

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Web.Config
    >
    > 1.Connection Strings.
    > <add name="ADConnectionString"
    > connectionString="LDAP://server.domain.local/CN=Users,DC=domain,DC=loc
    > al"/>
    > <add name="AzManConnectionString"
    > connectionString="msldap://server/CN=store,DC=domain,DC=local"/>
    > 2.<membership defaultProvider="MyADMembershipProvider">
    > <providers>
    > <add name="MyADMembershipProvider"
    > type="System.Web.Security.ActiveDirectoryMembershipProvider,
    > System.Web,
    > Version=2.0.0.0,
    Culture=neutral,
    > PublicKeyToken=b03f5f7f11d50a3a"
    > connectionStringName="ADConnectionString"
    > connectionUsername="domain\Administrator"
    > connectionPassword="pass@word1"
    > connectionProtection="Secure" enableSearchMethods="true"
    > attributeMapUsername="sAMAccountName" minRequiredPasswordLength="7"
    > applicationName="APP" minRequiredNonalphanumericCharacters="1"/>
    > </providers>
    > </membership>
    > 3.<roleManager enabled="true" cacheRolesInCookie="false"
    > defaultProvider="RoleManagerAzManProvider" cookieTimeout="30"
    > cookieRequireSSL="false" cookieSlidingExpiration="false"
    > createPersistentCookie="false" cookieProtection="All" >
    > <providers>
    > <add name="RoleManagerAzManProvider"
    > type="System.Web.Security.AuthorizationStoreRoleProvider, System.Web,
    > Version=2.0.0.0,
    Culture=neutral,
    > publicKeyToken=b03f5f7f11d50a3a"
    > connectionStringName="AzManADAMServer"
    > applicationName="APP"/>
    > </providers>
    > </roleManager>
    > 4.<authentication mode="Forms">
    > <forms loginUrl="Login.aspx" defaultUrl="Default.aspx" timeout="30"
    > protection="All" requireSSL="false" slidingExpiration="false"
    > cookieless="UseCookies"/>
    > </authentication>
    > 5. <authorization>
    > <deny users="?"/>
    > </authorization>
    > Simple Test Page .aspx.
    >
    > If User.Identity.IsAuthenticated Then
    >
    > Dim rp As RolePrincipal = CType(User, RolePrincipal)
    >
    > Dim roleInfo As StringBuilder = New StringBuilder
    > roleInfo.AppendFormat("<h2>Welcome {0}</h2>",
    > rp.Identity.Name)
    > roleInfo.AppendFormat("<b>Provider:</b> {0}<BR>",
    > rp.ProviderName)
    > roleInfo.AppendFormat("<b>Version:</b> {0}<BR>",
    > rp.Version)
    > roleInfo.AppendFormat("<b>Expires at:</b> {0}<BR>",
    > rp.ExpireDate)
    > roleInfo.AppendFormat("<b>Cache List Changed:</b>
    > {0}<BR>",
    > rp.CachedListChanged)
    > roleInfo.AppendFormat("<b>Is role List Cached:</b>
    > {0}<BR>",
    > rp.IsRoleListCached)
    > roleInfo.Append("<b>Roles:</b> ")
    > Dim roles() As String = rp.GetRoles
    >
    > For i As Integer = 0 To roles.Length - 1
    > roleInfo.Append(", ")
    > roleInfo.Append(roles(i))
    > Next
    > Me.Label1.Text = roleInfo.ToString
    >
    > End If
    >
    > "Dominick Baier [DevelopMentor]"
    > <> wrote in message
    > news:...
    >
    >> Hi,
    >> ok - i have to look at the source code then.
    >> ---------------------------------------
    >> Dominick Baier - DevelopMentor
    >> http://www.leastprivilege.com
    >>> Yes,,
    >>>
    >>> <roleManager enabled="true" cacheRolesInCookie="false"
    >>> defaultProvider="RoleManagerAzManProvider" cookieRequireSSL="false"
    >>> cookieSlidingExpiration="false" createPersistentCookie="false"
    >>> cookieProtection="All" >
    >>> <providers>
    >>> <add name= xxx />
    >>> </providers>
    >>> </roleManager>
    >>> "Enrique Vargas" <> wrote in message
    >>> news:%...
    >>>> Hi, I'm using Active Directory as Membership Provider and Azman as
    >>>> RoleProvider, everything works fine except that any change made in
    >>>> Azman
    >>>> after the ASP.NET 2.0 APP is
    >>>> initialized returns a cached version of the roles information. The
    >>>> APP
    >>>> needs to know about any change produced while is running. Any idea
    >>>> why
    >>>> Azman is returning a cache version of the roles definitions.Thanks
     
    Dominick Baier [DevelopMentor], Jan 30, 2006
    #6
  7. Hi,

    aah - you have to set the cacheRefreshInterval attribute in the provider
    config. It is set to 60 (minutes i guess) by default.

    MSDN says

    "Gets the number of minutes between refreshes of the cache of the policy-store
    data."

    :)

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > Web.Config
    >
    > 1.Connection Strings.
    > <add name="ADConnectionString"
    > connectionString="LDAP://server.domain.local/CN=Users,DC=domain,DC=loc
    > al"/>
    > <add name="AzManConnectionString"
    > connectionString="msldap://server/CN=store,DC=domain,DC=local"/>
    > 2.<membership defaultProvider="MyADMembershipProvider">
    > <providers>
    > <add name="MyADMembershipProvider"
    > type="System.Web.Security.ActiveDirectoryMembershipProvider,
    > System.Web,
    > Version=2.0.0.0,
    Culture=neutral,
    > PublicKeyToken=b03f5f7f11d50a3a"
    > connectionStringName="ADConnectionString"
    > connectionUsername="domain\Administrator"
    > connectionPassword="pass@word1"
    > connectionProtection="Secure" enableSearchMethods="true"
    > attributeMapUsername="sAMAccountName" minRequiredPasswordLength="7"
    > applicationName="APP" minRequiredNonalphanumericCharacters="1"/>
    > </providers>
    > </membership>
    > 3.<roleManager enabled="true" cacheRolesInCookie="false"
    > defaultProvider="RoleManagerAzManProvider" cookieTimeout="30"
    > cookieRequireSSL="false" cookieSlidingExpiration="false"
    > createPersistentCookie="false" cookieProtection="All" >
    > <providers>
    > <add name="RoleManagerAzManProvider"
    > type="System.Web.Security.AuthorizationStoreRoleProvider, System.Web,
    > Version=2.0.0.0,
    Culture=neutral,
    > publicKeyToken=b03f5f7f11d50a3a"
    > connectionStringName="AzManADAMServer"
    > applicationName="APP"/>
    > </providers>
    > </roleManager>
    > 4.<authentication mode="Forms">
    > <forms loginUrl="Login.aspx" defaultUrl="Default.aspx" timeout="30"
    > protection="All" requireSSL="false" slidingExpiration="false"
    > cookieless="UseCookies"/>
    > </authentication>
    > 5. <authorization>
    > <deny users="?"/>
    > </authorization>
    > Simple Test Page .aspx.
    >
    > If User.Identity.IsAuthenticated Then
    >
    > Dim rp As RolePrincipal = CType(User, RolePrincipal)
    >
    > Dim roleInfo As StringBuilder = New StringBuilder
    > roleInfo.AppendFormat("<h2>Welcome {0}</h2>",
    > rp.Identity.Name)
    > roleInfo.AppendFormat("<b>Provider:</b> {0}<BR>",
    > rp.ProviderName)
    > roleInfo.AppendFormat("<b>Version:</b> {0}<BR>",
    > rp.Version)
    > roleInfo.AppendFormat("<b>Expires at:</b> {0}<BR>",
    > rp.ExpireDate)
    > roleInfo.AppendFormat("<b>Cache List Changed:</b>
    > {0}<BR>",
    > rp.CachedListChanged)
    > roleInfo.AppendFormat("<b>Is role List Cached:</b>
    > {0}<BR>",
    > rp.IsRoleListCached)
    > roleInfo.Append("<b>Roles:</b> ")
    > Dim roles() As String = rp.GetRoles
    >
    > For i As Integer = 0 To roles.Length - 1
    > roleInfo.Append(", ")
    > roleInfo.Append(roles(i))
    > Next
    > Me.Label1.Text = roleInfo.ToString
    >
    > End If
    >
    > "Dominick Baier [DevelopMentor]"
    > <> wrote in message
    > news:...
    >
    >> Hi,
    >> ok - i have to look at the source code then.
    >> ---------------------------------------
    >> Dominick Baier - DevelopMentor
    >> http://www.leastprivilege.com
    >>> Yes,,
    >>>
    >>> <roleManager enabled="true" cacheRolesInCookie="false"
    >>> defaultProvider="RoleManagerAzManProvider" cookieRequireSSL="false"
    >>> cookieSlidingExpiration="false" createPersistentCookie="false"
    >>> cookieProtection="All" >
    >>> <providers>
    >>> <add name= xxx />
    >>> </providers>
    >>> </roleManager>
    >>> "Enrique Vargas" <> wrote in message
    >>> news:%...
    >>>> Hi, I'm using Active Directory as Membership Provider and Azman as
    >>>> RoleProvider, everything works fine except that any change made in
    >>>> Azman
    >>>> after the ASP.NET 2.0 APP is
    >>>> initialized returns a cached version of the roles information. The
    >>>> APP
    >>>> needs to know about any change produced while is running. Any idea
    >>>> why
    >>>> Azman is returning a cache version of the roles definitions.Thanks.
     
    Dominick Baier [DevelopMentor], Jan 30, 2006
    #7
  8. Hi, u are right Dominick the cacheRefreshInterval does the job, thank u!!

    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    > Hi,
    > aah - you have to set the cacheRefreshInterval attribute in the provider
    > config. It is set to 60 (minutes i guess) by default.
    >
    > MSDN says
    > "Gets the number of minutes between refreshes of the cache of the
    > policy-store data."
    > :)
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
    >> Web.Config
    >>
    >> 1.Connection Strings.
    >> <add name="ADConnectionString"
    >> connectionString="LDAP://server.domain.local/CN=Users,DC=domain,DC=loc
    >> al"/>
    >> <add name="AzManConnectionString"
    >> connectionString="msldap://server/CN=store,DC=domain,DC=local"/>
    >> 2.<membership defaultProvider="MyADMembershipProvider">
    >> <providers>
    >> <add name="MyADMembershipProvider"
    >> type="System.Web.Security.ActiveDirectoryMembershipProvider,
    >> System.Web,
    >> Version=2.0.0.0,
    Culture=neutral,
    >> PublicKeyToken=b03f5f7f11d50a3a"
    >> connectionStringName="ADConnectionString"
    >> connectionUsername="domain\Administrator"
    >> connectionPassword="pass@word1"
    >> connectionProtection="Secure" enableSearchMethods="true"
    >> attributeMapUsername="sAMAccountName" minRequiredPasswordLength="7"
    >> applicationName="APP" minRequiredNonalphanumericCharacters="1"/>
    >> </providers>
    >> </membership>
    >> 3.<roleManager enabled="true" cacheRolesInCookie="false"
    >> defaultProvider="RoleManagerAzManProvider" cookieTimeout="30"
    >> cookieRequireSSL="false" cookieSlidingExpiration="false"
    >> createPersistentCookie="false" cookieProtection="All" >
    >> <providers>
    >> <add name="RoleManagerAzManProvider"
    >> type="System.Web.Security.AuthorizationStoreRoleProvider, System.Web,
    >> Version=2.0.0.0,
    Culture=neutral,
    >> publicKeyToken=b03f5f7f11d50a3a"
    >> connectionStringName="AzManADAMServer"
    >> applicationName="APP"/>
    >> </providers>
    >> </roleManager>
    >> 4.<authentication mode="Forms">
    >> <forms loginUrl="Login.aspx" defaultUrl="Default.aspx" timeout="30"
    >> protection="All" requireSSL="false" slidingExpiration="false"
    >> cookieless="UseCookies"/>
    >> </authentication>
    >> 5. <authorization>
    >> <deny users="?"/>
    >> </authorization>
    >> Simple Test Page .aspx.
    >>
    >> If User.Identity.IsAuthenticated Then
    >>
    >> Dim rp As RolePrincipal = CType(User, RolePrincipal)
    >>
    >> Dim roleInfo As StringBuilder = New StringBuilder
    >> roleInfo.AppendFormat("<h2>Welcome {0}</h2>",
    >> rp.Identity.Name)
    >> roleInfo.AppendFormat("<b>Provider:</b> {0}<BR>",
    >> rp.ProviderName)
    >> roleInfo.AppendFormat("<b>Version:</b> {0}<BR>",
    >> rp.Version)
    >> roleInfo.AppendFormat("<b>Expires at:</b> {0}<BR>",
    >> rp.ExpireDate)
    >> roleInfo.AppendFormat("<b>Cache List Changed:</b>
    >> {0}<BR>",
    >> rp.CachedListChanged)
    >> roleInfo.AppendFormat("<b>Is role List Cached:</b>
    >> {0}<BR>",
    >> rp.IsRoleListCached)
    >> roleInfo.Append("<b>Roles:</b> ")
    >> Dim roles() As String = rp.GetRoles
    >>
    >> For i As Integer = 0 To roles.Length - 1
    >> roleInfo.Append(", ")
    >> roleInfo.Append(roles(i))
    >> Next
    >> Me.Label1.Text = roleInfo.ToString
    >>
    >> End If
    >>
    >> "Dominick Baier [DevelopMentor]"
    >> <> wrote in message
    >> news:...
    >>
    >>> Hi,
    >>> ok - i have to look at the source code then.
    >>> ---------------------------------------
    >>> Dominick Baier - DevelopMentor
    >>> http://www.leastprivilege.com
    >>>> Yes,,
    >>>>
    >>>> <roleManager enabled="true" cacheRolesInCookie="false"
    >>>> defaultProvider="RoleManagerAzManProvider" cookieRequireSSL="false"
    >>>> cookieSlidingExpiration="false" createPersistentCookie="false"
    >>>> cookieProtection="All" >
    >>>> <providers>
    >>>> <add name= xxx />
    >>>> </providers>
    >>>> </roleManager>
    >>>> "Enrique Vargas" <> wrote in message
    >>>> news:%...
    >>>>> Hi, I'm using Active Directory as Membership Provider and Azman as
    >>>>> RoleProvider, everything works fine except that any change made in
    >>>>> Azman
    >>>>> after the ASP.NET 2.0 APP is
    >>>>> initialized returns a cached version of the roles information. The
    >>>>> APP
    >>>>> needs to know about any change produced while is running. Any idea
    >>>>> why
    >>>>> Azman is returning a cache version of the roles definitions.Thanks.

    >
    >
     
    Enrique Vargas, Jan 30, 2006
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Craig G
    Replies:
    0
    Views:
    399
    Craig G
    Mar 7, 2005
  2. Michael Herman \(Parallelspace/OpenCanal\)

    AzMan: Has anyone created an HTML/Web management console as an alternative to the AzMan MMC?

    Michael Herman \(Parallelspace/OpenCanal\), Jan 6, 2006, in forum: ASP .Net Security
    Replies:
    0
    Views:
    270
    Michael Herman \(Parallelspace/OpenCanal\)
    Jan 6, 2006
  3. mkc

    ADAM/AzMan Does Not Create Roles/Tasks

    mkc, Oct 19, 2006, in forum: ASP .Net Security
    Replies:
    0
    Views:
    239
  4. Rincewind60

    cached azMan applications loses its roles

    Rincewind60, Nov 16, 2006, in forum: ASP .Net Security
    Replies:
    0
    Views:
    140
    Rincewind60
    Nov 16, 2006
  5. Lars Sundstrom

    Azman. Unable to recive rolls from Azman.

    Lars Sundstrom, Oct 9, 2008, in forum: ASP .Net Security
    Replies:
    0
    Views:
    772
    Lars Sundstrom
    Oct 9, 2008
Loading...

Share This Page