Question

I have a strange issue with permissions. We have a web application with custom claims provider (I do not know if this is connected with the issue). We have some site collections with many documents (all documents have broken permissions... I know it is not ok but it has to be that way). The issue is that when I assign a user to a group (this group exists 'inside' our custom claims provider) the user receives permissions immediately - he can open the document. But if I revoke permissions - user still can open the document for around 4 or 5 minutes. After that time the permissions are 'truly' revoked. What the...?

Était-ce utile?

La solution

I have a feeling that this has to do with the Token refresh time. Basically the user's token is pulled from cache until X minutes have passed and the token is refreshed, thus picking up the revocation of permissions.

This might get you on the right track.

https://sergeluca.wordpress.com/2013/07/06/sharepoint-2013-use-ag-groups-yes-butdont-forget-the-security-token-caching-logontokencacheexpirationwindow-and-windowstokenlifetime/

Licencié sous: CC-BY-SA avec attribution
Non affilié à sharepoint.stackexchange
scroll top