update login cookie in MVC site

lawrence whittemore asked on November 9, 2022 21:51

just curious if there is an easy way to update the authentication cookie. I have a MVC site that passes the current windows user in as a kentico user and logs them in. If a user doesn't have access to something it checks to make sure their windows AD groups have been updated and send them back to the page. It seems that the previous cookie is still in place and the site doesn't see the updated roles until the cookie is deleted. Is there an easy way to get the cookie to update?

Recent Answers

Dmitry Bastron answered on November 17, 2022 08:59

Hi Lawrence,

I'd recommend using a slightly different approach, there's no need to check AD groups constantly:

  • In Kentico create some Roles to mirror relevant groups from your AD
  • Upon login check AD groups and assign relevant Kentico Roles, or remove those which are no longer assigned
  • Then, if AD groups change, just ask the user to re-login and this will be picked up automatically
  • Within the code use Kentico Roles to check if a user has access to a certain feature/page on the website, which is a standard out of the box behaviour
0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.