Hi,
I guess that’s one way to do it, although it is a bit problematic from security viewpoint to check authorization only when the session is created. While it might not be a huge problem to log out and in if access rights are increased, it is a security problem if reduction in access rights is not applied immediately. Therefore, I’d recommend checking for the authorization in the access() calls to the UIs. If it’s not needed to check for increase of access rights immediately, use in combination to what was suggested above.