I need to change the security roles of a user dynamically and have it take to into effect as soon as the user logs out and logs in again.
The suggested solution for this is to flush the cache so that the new role will be used by the security manager for authorization.
But in the meantime if some other user changed his password, then after the flush happens that user will be asked to re-login when he tries to access any secured apges because of the discrypency between session credentials and the new password used by the security manager.
This is very frustrating as this could happen any time.What I really want by flush is for just the user to have privileges based on his changed role. (essentially be able to flush just thatusers cache or something like that).
I have seen similar threads psoted on this topic but I did not find any solutions for this problem.
Any heads up on this would be greatly appreciated.