All I can think of is to keep track of the session through a table. Every time you access your APP, the first thing it will do is to check that table. That would mean you have to keep your session id somewhere and bring it your the app. Whenever there are changes on the permission, that table should be updated. You can also have a smalldatetime column to signify the last time the application was used. If the current date/time is longer than x minutes than the last access, you can expire the session as well.
Just a thought....
-- CK
|