|
|
|
|
03-24-2005, 01:21 PM
|
#1 |
IsInRole problem?
Hi,
I'm testing the IsInRole method on my app. I'm using Integrated security so I'm not sure if that has something to do with it. I have a groups table which I want to secure certain portions of my application. In the global.asax: protected void Application_AcquireRequestState(Object sender, EventArgs e) { if (Request.IsAuthenticated) { string[] arrRoles = new string[]{"Manager", "Cleaner"}; System.Threading.Thread.CurrentPrincipal = new System.Security.Principal.GenericPrincipal(Context .User.Identity, arrRoles); } } In a page secured by integrated security I get "false" for the following code: Context.User.IsInRole("Manager") //-returns false when I thought it should be true? Thanks =?Utf-8?B?RGF2ZQ==?= |
|
|
|
03-24-2005, 02:59 PM
|
#2 |
|
Posts: n/a
|
Re: IsInRole problem?
I'd really create my own object to keep track of these roles. Attaching to the context works great for a forms-authentication app, but when you throw windows authentication into the mix, by default, IsInRole will be checking active directory groups. You are essentially trying to overwrite this, which to me doesn't seem like a good idea. You'll have a lot more flexibility down the road if you create your own object to check these roles, and just store that in the session.
--Michael "Dave" <> wrote in message news:F1320287-5B8F-4262-A6CF-... > Hi, > > I'm testing the IsInRole method on my app. I'm using Integrated security so > I'm not sure if that has something to do with it. I have a groups table > which I want to secure certain portions of my application. > > In the global.asax: > > protected void Application_AcquireRequestState(Object sender, EventArgs e) > { > if (Request.IsAuthenticated) > { > string[] arrRoles = new string[]{"Manager", "Cleaner"}; > System.Threading.Thread.CurrentPrincipal = new > System.Security.Principal.GenericPrincipal(Context .User.Identity, arrRoles); > } > } > > In a page secured by integrated security I get "false" for the following code: > > Context.User.IsInRole("Manager") //-returns false when I thought it should > be true? > > Thanks > > > > > |
|
|
|
03-25-2005, 12:04 AM
|
#3 |
|
Posts: n/a
|
IsInRole problem?
Hi Dave,
Role name like user name should also include domain name: User.IsInRole("Your_Domain_Name\Manager") HTH Elton Wang >-----Original Message----- >Hi, > >I'm testing the IsInRole method on my app. I'm using Integrated security so >I'm not sure if that has something to do with it. I have a groups table >which I want to secure certain portions of my application. > >In the global.asax: > >protected void Application_AcquireRequestState(Object sender, EventArgs e) >{ > if (Request.IsAuthenticated) > { > string[] arrRoles = new string[] {"Manager", "Cleaner"}; > System.Threading.Thread.CurrentPrincipal = new >System.Security.Principal.GenericPrincipal (Context.User.Identity, arrRoles); > } >} > >In a page secured by integrated security I get "false" for the following code: > >Context.User.IsInRole("Manager") //-returns false when I thought it should >be true? > >Thanks > > > > > >. > |
|
|
