I have implemented table-based authentication and authorization. When roles are changed in the table, the browser does not always reflect the changes properly.
Example: A user starts out as a BIConsumer. At the first sign-in, the user is definitely a BIConsumer. Only the proper options and links are present on the Home screen. A check of My Account shows just the BIConsumer role.
Now let's change the authorization table to change the user to a BIServiceAdministrator. On the next sign-in, the Home screen still looks like a BIConsumer, except that the Administration link is now present on the upper toolbar, and all of the options on the Admin page are present. Checking the My Account, we see that the user is indeed part of the BIServiceAdministrator role. So part of the Home screen reflects the proper role (i.e. the presence of the Administration link), but the rest of the Home screen still looks like a consumer (i.e. very limited options available under the New... link).
It's very inconsistent. Sometimes everything works fine. Sometimes it doesn't. Browser cache? I don't think so. I am currently looking in Firefox at a user whose role in the authorization table shows BIServiceAdministrator, but he looks like a BIConsumer on the home page. I now sign in with Internet Explorer for the very first time for this user, and I see exactly the same thing.
I have tried clearing the browser cache. I have tried the Reload Files and Metadata option on the Administration page. And the authentication and authorization tables are tagged as non-cacheable in the repository.
I don't know where else to look or what else to change. How can we make sure that role changes are activated and reflected correctly, every time?
