Try our conversational search powered by Generative AI!

Change users role while loged in



Im trying to change a user's role while he is logged in. I want him to be able to switch between "admin" and "user" in my system and based on that give hime access to different pages.


Basically I want to do something like this:


var usersCurrentRoles = Roles.GetRolesForUser(username);
if (usersCurrentRoles.Length > 0)
Roles.RemoveUserFromRoles(username, usersCurrentRoles);
Roles.AddUserToRole(username, role);


and the roles are changed for the user, if I check in Admin mode. But my Menu list does not change and my user can still access the same pages.


Do I need to logout and then login again for the roles to be effective?




Apr 17, 2013 16:56

It depends on if you have set cacheRolesInCookie on your role provider in web.config. If you use cache the roles, the user needs to re-login or close and re-open the browser.

Not all methods calls the cookie, eg GetRoles doesn't but IsInRole uses the cached roles.

Apr 18, 2013 9:18


It's little bit risky in our project to disable cacheRolesInCookie for the whole site, we want to di sable it for just some part of the site.Will it be working if we define a new <location path=””> & disable the cache just for the specific part of the site?



Edited, Jul 05, 2013 13:54

I guess you could set the path for the cookie, please see the "Controlling Cookie Scope" section here And you could aslo call the role methods that doesn't check the cookie.

Your proposed solution will not work.

Jul 05, 2013 14:01

Thanks Johan for very quick response :-) I will try that!

Jul 05, 2013 14:03
This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.