clear cache for other subjects?

[otter606 <ri...@researchspace.com>]

Hello,
 I have a query about invalidating the authorisation cache for users who are
not the current subject.

 My use case is the following:
- a group administrator, via a web interface,  alters the permissions on a
single document instance from 'read' to 'write' for group members. We'd like
this permission change to be immediately accessible to other group members.
- This permission is stored as a Shiro permission string in a database table
representing the group.
- When doGetAuthorisationInfo() is called, the subject's permissions are
derived from their role, individual permissions and permissions acquired
from groups they belong to.
- However, because of the caching, the changes don't appear for other users
until the cache expires.

Is there a way for the subject who is making permissions changes to force a
refresh of the cache for other users ( in this case, other group members
affected by the permissions change)? 

If not, what is the workaround that people use - is there a better approach?
E.g., delaying notification to the other group members until the cache has
expired?

Thanks,

Richard



--
View this message in context: http://shiro-user.582556.n2.nabble.com/clear-cache-for-other-subjects-tp7578200.html
Sent from the Shiro User mailing list archive at Nabble.com.