IsInRole problem?

[Guest]

Hi,

I'm testing the IsInRole method on my app. I'm using Integrated security so
I'm not sure if that has something to do with it. I have a groups table
which I want to secure certain portions of my application.

In the global.asax:

protected void Application_AcquireRequestState(Object sender, EventArgs e)
{
if (Request.IsAuthenticated)
{
string[] arrRoles = new string[]{"Manager", "Cleaner"};
System.Threading.Thread.CurrentPrincipal = new
System.Security.Principal.GenericPrincipal(Context.User.Identity, arrRoles);
}
}

In a page secured by integrated security I get "false" for the following code:

Context.User.IsInRole("Manager") //-returns false when I thought it should
be true?

Thanks

 

[Raterus]

I'd really create my own object to keep track of these roles. Attaching to the context works great for a forms-authentication app, but when you throw windows authentication into the mix, by default, IsInRole will be checking active directory groups. You are essentially trying to overwrite this, which to me doesn't seem like a good idea. You'll have a lot more flexibility down the road if you create your own object to check these roles, and just store that in the session.
--Michael

 

[Elton Wang]

Hi Dave,

Role name like user name should also include domain name:

User.IsInRole("Your_Domain_Name\Manager")

HTH

Elton Wang
(e-mail address removed)

-----Original Message-----
Hi,

I'm testing the IsInRole method on my app. I'm using Integrated security so
I'm not sure if that has something to do with it. I have a groups table
which I want to secure certain portions of my application.

In the global.asax:

protected void Application_AcquireRequestState(Object sender, EventArgs e)
{
if (Request.IsAuthenticated)
{
string[] arrRoles = new string[] {"Manager", "Cleaner"};
System.Threading.Thread.CurrentPrincipal = new
System.Security.Principal.GenericPrincipal

(Context.User.Identity, arrRoles);