Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > IsInRole doesn't works correctly

Reply
Thread Tools

IsInRole doesn't works correctly

 
 
alexb
Guest
Posts: n/a
 
      05-10-2004
In my ASP.NET Application i check whether user that opens application is a
member of my created Windows Group(Managers).

if (Context.User.IsInRol(@"MyCompName\Managers"))
{
TextBox1.Text="OK";
}

If i use Integrated Windows Authentication in IIS all OK but with Basic
Authentication i have a problem.
What is a problem:
When i first time open my application, the Basic Authentication Form is
appear.
I enter login and password of user that in my "Managers" local windows group
and IsInRol works correctly.

I close Internet Explorer. Remove this user from my "Managers" group and try
again to open my application in hope
to get IsInRol=False, but i get True.

Only after restart IIS I get correctly result.

Why it's works so and how can i resolve this problem because i need use
Basic Authentication

Thanks.


 
Reply With Quote
 
 
 
 
Alek Davis
Guest
Posts: n/a
 
      05-14-2004
Alex,

There seems to be a problem (and possibly not one) with IsInRole
functionality.Check this thread:
http://groups.google.com/groups?hl=e...gbl%26rnum%3D1
(or http://tinyurl.com/2e2lm). I am not sure if I understand this correctly,
but it seems to me that Basic Authentication is prone to caching problems.
For example, if you call a Web Service programmatically passing valid basic
credentials (which will establish a connection), the close the connection,
and try the exactly same operation using wrong credentials, the operation
will not fail (it will fail after a 30-minute - or so - timeout, though).
See if Keith Brown's approach helps you (please post the solution if you
find one).

Alek

"alexb" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> In my ASP.NET Application i check whether user that opens application is a
> member of my created Windows Group(Managers).
>
> if (Context.User.IsInRol(@"MyCompName\Managers"))
> {
> TextBox1.Text="OK";
> }
>
> If i use Integrated Windows Authentication in IIS all OK but with Basic
> Authentication i have a problem.
> What is a problem:
> When i first time open my application, the Basic Authentication Form is
> appear.
> I enter login and password of user that in my "Managers" local windows

group
> and IsInRol works correctly.
>
> I close Internet Explorer. Remove this user from my "Managers" group and

try
> again to open my application in hope
> to get IsInRol=False, but i get True.
>
> Only after restart IIS I get correctly result.
>
> Why it's works so and how can i resolve this problem because i need use
> Basic Authentication
>
> Thanks.
>
>



 
Reply With Quote
 
 
 
 
alexb
Guest
Posts: n/a
 
      05-16-2004
You understand me correctly.

If i remove user from windows group after first logon to my site, IsInRole
works not correctly because Basic Authentication is prone to caching user
token data.


"Alek Davis" <alek_xDOTx_davis_xATx_intel_xDOTx_com> wrote in message
news:(E-Mail Removed)...
> Alex,
>
> There seems to be a problem (and possibly not one) with IsInRole
> functionality.Check this thread:
>

http://groups.google.com/groups?hl=e...gbl%26rnum%3D1
> (or http://tinyurl.com/2e2lm). I am not sure if I understand this

correctly,
> but it seems to me that Basic Authentication is prone to caching problems.
> For example, if you call a Web Service programmatically passing valid

basic
> credentials (which will establish a connection), the close the connection,
> and try the exactly same operation using wrong credentials, the operation
> will not fail (it will fail after a 30-minute - or so - timeout, though).
> See if Keith Brown's approach helps you (please post the solution if you
> find one).
>
> Alek
>
> "alexb" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > In my ASP.NET Application i check whether user that opens application is

a
> > member of my created Windows Group(Managers).
> >
> > if (Context.User.IsInRol(@"MyCompName\Managers"))
> > {
> > TextBox1.Text="OK";
> > }
> >
> > If i use Integrated Windows Authentication in IIS all OK but with Basic
> > Authentication i have a problem.
> > What is a problem:
> > When i first time open my application, the Basic Authentication Form is
> > appear.
> > I enter login and password of user that in my "Managers" local windows

> group
> > and IsInRol works correctly.
> >
> > I close Internet Explorer. Remove this user from my "Managers" group and

> try
> > again to open my application in hope
> > to get IsInRol=False, but i get True.
> >
> > Only after restart IIS I get correctly result.
> >
> > Why it's works so and how can i resolve this problem because i need use
> > Basic Authentication
> >
> > Thanks.
> >
> >

>
>



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Does viewstate works correctly on VS 2005 web server? GS ASP .Net 7 02-03-2006 09:34 PM
When I turn on my PC, it works, works, works. Problem! Fogar Computer Information 1 01-17-2006 12:57 AM
isInRole doesn't work for one user, but works for everyone else Dominick Baier ASP .Net Security 2 10-21-2004 10:13 AM
isInRole doesn't work for one user, but works for everyone else petersonrj ASP .Net Security 0 09-17-2004 06:55 PM
After rebooting my PC works, works, works! Antivirus problem? Adriano Computer Information 1 12-15-2003 05:30 AM



Advertisments