
asp.net security : WindowsPrincipal.IsInRole() problem with non-builtin roles


naijacoder naijacoder
8/29/2004 11:53:10 PM
Can't get WindowsPrincipal.IsInRole() to work for me when using
Windows Authentication. Here's a snippet of code from my C#
codebehind page:

    WindowsPrincipal wp = new WindowsPrincipal(
        WindowsIdentity.GetCurrent() );
    lblUser.Text = wp.Identity.Name;
    Label1.Text = wp.IsInRole(@"DOMAIN\group").ToString();


where "DOMAIN\group" is a valid group name. The username shows up
correctly as "DOMAIN\username" but for any non-builtin roles,
IsInRole() returns false. Does anyone have suggestions as to why this
is not working?



Joe Kaplan (MVP - ADSI)
8/30/2004 9:29:04 AM
When using Windows authentication in ASP.NET, the WindowsPrincipal for the
logged in user is in the HttpContext.User property, not the
WindowsIdentity.GetCurrent(). They are the same IF you are impersonating,
but otherwise they are not.

HTH,

Joe K.


Hernan de Lahitte
8/30/2004 12:21:44 PM
Agree with Joe's comment (always use the User property to avoid
impersonation issues). Nevertheless, if you want to go further and check
out what roles are being evaluated inside the IsInRole() method, you may
use this little "hack" snippet to inspect the roles string array that
WindowsPrincipal uses for this evaluation.

    // Namespaces used by the two methods below
    using System;
    using System.Reflection;
    using System.Security.Permissions;
    using System.Security.Principal;

    public static string[] Roles( WindowsIdentity identity )
    {
        // Parameters check
        if( identity == null )
        {
            throw new ArgumentNullException( "identity" );
        }
        if( identity.Name.Length < 1 )
        {
            return new string[0];
        }

        // Get roles by calling the private instance method GetRoles
        string[] roles = (string[])CallPrivateMethod( identity, "GetRoles" );
        return roles;
    }

    //Note: This method will require 'ReflectionPermission'
    [ReflectionPermission( SecurityAction.Assert, MemberAccess=true,
        TypeInformation=true )]
    private static object CallPrivateMethod(object o, string methodName)
    {
        Type t = o.GetType();
        MethodInfo mi = t.GetMethod(methodName, BindingFlags.NonPublic |
            BindingFlags.Instance);
        if (mi == null)
        {
            // The message is split with '+' so the literal does not span lines
            throw new System.Reflection.ReflectionTypeLoadException(null, null,
                String.Format("{0}.{1} method wasn't found. The runtime " +
                    "implementation may have changed!", t.FullName,
                    methodName ) );
        }
        return mi.Invoke(o, null);
    }


--
Hernan de Lahitte
Lagash Systems S.A.
http://weblogs.asp.net/hernandl


This posting is provided "AS IS" with no warranties, and confers no rights.


naijacoder naijacoder
9/1/2004 5:01:46 PM
Hi Hernan de Lahitte,
How are you and thanks for the code!
I tried running the code for getting the actual roles but I keep getting
errors. Can you pls explain how I can get the code working. Pls explain
step by step.
Thanks a lot.


Joe Kaplan (MVP - ADSI)
9/1/2004 8:56:24 PM
Since you are using VB.NET, perhaps this sample (doing the same basic thing)
will work for you:

    Imports System.Reflection
    Imports System.Security.Principal

    Function GetRoles(ByVal identity As WindowsIdentity) As String()

        Dim idType As Type
        idType = GetType(WindowsIdentity)
        ' _GetRoles is a private static method, so it is invoked via reflection
        Dim result As Object = _
            idType.InvokeMember("_GetRoles", _
                BindingFlags.Static Or BindingFlags.InvokeMethod Or _
                BindingFlags.NonPublic, Nothing, identity, _
                New Object() {identity.Token}, Nothing)
        Dim roles() As String = DirectCast(result, String())
        Return roles

    End Function

Joe K.
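
Added example, not part of the original thread or any poster's code: a diagnostic helper that puts the two identities discussed above side by side for one role check, and lists the request user's groups through the public WindowsIdentity.Groups property instead of reflection into private members. It assumes .NET Framework 2.0 or later on Windows; RoleDiagnostics, GroupNames and Describe are hypothetical names.

```csharp
// Added example. RoleDiagnostics, GroupNames and Describe are hypothetical names.
// Assumes .NET Framework 2.0+ on Windows (WindowsIdentity.Groups is public there).
using System;
using System.Collections.Generic;
using System.Security.Principal;

public static class RoleDiagnostics
{
    // Group names of an identity via the public API (no private reflection).
    public static List<string> GroupNames(WindowsIdentity identity)
    {
        if (identity == null) throw new ArgumentNullException("identity");
        List<string> names = new List<string>();
        if (identity.Groups == null) return names;      // e.g. anonymous identity
        foreach (IdentityReference sid in identity.Groups)
        {
            try { names.Add(sid.Translate(typeof(NTAccount)).Value); }
            catch (IdentityNotMappedException) { names.Add(sid.Value); } // keep raw SID
        }
        return names;
    }

    // Evaluates the same role against the request principal and against the
    // identity the code is running as. In a page, pass HttpContext.Current.User.
    public static string Describe(IPrincipal requestUser, string role)
    {
        if (requestUser == null) throw new ArgumentNullException("requestUser");
        using (WindowsIdentity running = WindowsIdentity.GetCurrent())
        {
            WindowsPrincipal runningPrincipal = new WindowsPrincipal(running);
            bool same = String.Equals(requestUser.Identity.Name, running.Name,
                                      StringComparison.OrdinalIgnoreCase);
            WindowsIdentity wi = requestUser.Identity as WindowsIdentity;
            string groups = (wi == null) ? "(not a Windows identity)"
                : String.Join(", ", GroupNames(wi).ToArray());
            return String.Format(
                "request user:  {0}  IsInRole({4}) = {1}\n" +
                "running as:    {2}  IsInRole({4}) = {3}\n" +
                "same account:  {5}\nrequest user groups: {6}",
                requestUser.Identity.Name, requestUser.IsInRole(role),
                running.Name, runningPrincipal.IsInRole(role),
                role, same, groups);
        }
    }
}
```

When "same account" is False, the code is not running as the authenticated caller, so a role check built on WindowsIdentity.GetCurrent() is answering for a different account.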
