How to invalidate .AspNet.ApplicationCookie after Adding user to Role using Asp.Net Identity 2?

Question

I have 2 questions related to that:

1) I need to invalidate.AspNet.ApplicationCookie after Adding / Removing some remote user to Role using Asp.Net Iden

Answer 1

Setting CookieAuthenticationOptions is not enough. When I created new ASP.NET MVC project in VS everything is working good and GenerateUserIdentityAsync() is hitted by each request (if validateInterval is 0). The only problem was that you have to register context per request:

app.CreatePerOwinContext(ApplicationDbContext.Create);
app.CreatePerOwinContext(ApplicationUserManager.Create);

As I am using Winsdor Castle to create context per request, I deleted these lines from template. In injected method in ApplicationUserManager.Create is set UserTokenProvider, which does the magic perharps.

Nowhere in documentation is anything about that, but finally it solves the problem.

If you are using your own IoC, you can resolve dependency this way (eg. using Castle Winsdor)

app.CreatePerOwinContext(() => IoCContainerManager.Container.Resolve());
app.CreatePerOwinContext(() => IoCContainerManager.Container.Resolve());

and register types this way:

container.Register(Component.For().LifestylePerWebRequest());
container.Register(Component.For().LifestylePerWebRequest());