Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

User.IsInRole -- but how do I assign roles to a user?

1 view
Skip to first unread message

John Knoop

unread,
Jun 22, 2003, 7:41:20 PM6/22/03
to
Hi

I have a table containing the administrators of my site. Each of these
administrators have access to different parts of the administration site.
For example, Lucy might have access to News.aspx and Customers.aspx while
Mike might have access only to Reports.aspx.

I planned to solve this by making creating roles with the same names as the
aspx-pages. Then I could just run some code in Application_BeginRequest:

'Lets say the user is requesting Customers.aspx and we have a role called
Customers
cm = <filename of requested page minus ".aspx">
If not User.IsInRole(cm) then response.redirect "start.aspx"

However, I do not know how to assign the appropriate roles to each user. How
do I solve this? Or is there another way to do it?

Thanks!


Ken Cox [Microsoft MVP]

unread,
Jun 22, 2003, 9:42:51 PM6/22/03
to
The roles being referred to are the "Groups" used in Windows authentication and
domains.

You need to add the users to a group in the Computer Management applet -
Systems Tools > Local Users and Groups >Groups.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfSystemSecurityPrincipalWindowsPrincipalClassTopic.asp

Ken

"John Knoop" <joh...@home.se> wrote in message
news:udhqIfRO...@TK2MSFTNGP12.phx.gbl...

John Knoop

unread,
Jun 22, 2003, 10:56:51 PM6/22/03
to
Ok. So there is no way to store them in an SQL Server database?

/john

"Ken Cox [Microsoft MVP]" <BANSPAM...@sympatico.ca> wrote in message
news:#2XKDjSO...@TK2MSFTNGP11.phx.gbl...

Ken Cox [Microsoft MVP]

unread,
Jun 23, 2003, 8:15:02 AM6/23/03
to
Not that I know. It seems to be a Windows authentication scheme... but I've
been proven wrong before.

"John Knoop" <joh...@home.se> wrote in message

news:%23n7uYMT...@TK2MSFTNGP10.phx.gbl...

Chris Anderson (Merak)

unread,
Jun 23, 2003, 9:08:36 AM6/23/03
to
>-----Original Message-----
>Ok. So there is no way to store them in an SQL Server
database?

If you are using Windows Authentication, the roles map
onto user groups as Ken discussed.

If you are using Forms authentication, you can add roles
using a custom principal, ie :

In the global.asax Application_AuthenticateRequest
handler, you can get the logged in users roles from the
database into a array of strings, then assign them to the
new principal:

Context.User = new GenericPrincipal(Context.User.Identity,
roles);

Look at the IBS Portal app for an example
http://www.asp.net/IBS_Portal/DesktopDefault.aspx

In particular look at the AuthenticateRequest event
handlers at:

(VB.NET)
http://www.asp.net/IBS_Portal/vbdocs/sourceviewer/srcview.a
spx?path=globalasax.src&file=Global.asax&rows=2

(C#)
http://www.asp.net/IBS_Portal/sourceviewer/srcview.aspx?
path=globalasax.src&file=Global.asax&rows=2

(Watch for word wrap, etc)

Merak

John Knoop

unread,
Jun 23, 2003, 3:12:52 PM6/23/03
to
Thanks!

What is the difference between Context.User and just User? When I try to set
User = new GenericPrincipal(User.Identity, roles) I get a read only-error.

Context.User seems to only apply within the realms of the current page. It
would be great if I could just set the User to this new GenericPrincipal
once (in the login page) and never again.

/john

"Chris Anderson (Merak)" <me...@vRbErMeOaVlEm.co.uk> wrote in message
news:07f201c33988$8e82ad10$a501...@phx.gbl...

0 new messages