AD groups based authorization

[Tomasz]

Hello

I would like to you use a groups based authorization, but in a little
different way. So i want to have two AD groups - one for read access
and second for write access. Then i want to check if user which is
running my web app belongs to read group. If yes, then web application
is hiding some controls. I was never doing such things with asp.net (i
did always classic session based auth.) but is it possible to simplify
such task with use of asp.net functionality ?

 

[Tomasz]

Hello

I would like to you use a groups based authorization, but in a little
different way. So i want to have two AD groups - one for read access
and second for write access. Then i want to check if user which is
running my web app belongs to read group. If yes, then web application
is hiding some controls. I was never doing such things with asp.net (i
did always classic session based auth.) but is it possible to simplify
such task with use of asp.net functionality ?

Ok, i found that i can do this with User.IsInRole. But there i have a
second problem.
It works perfectly with groups in AD created before, both in
"domain\groupname" and "groupname" convention, but i just created a new
AD group and i added my user to this group, but unfortunately IsInRole
returns false as a result if i test my user. I checked that page is
really launched with my user, so i don't know in moment, what could be
a reason of this strange behavior...