Following http://aspnet.4guysfromrolla.com/articles/082703-1.aspx I've
set up roles authentication for my web application.
User's roles are registered by:
HttpContext.Current.User = _
New GenericPrincipal(User.Identity, roleListArray)
I'd like to enter a user's roles into a listbox for viewing.
Must I loop all roles from datastore and check if user has role, or
can I somehow loop the specific user's roles (something like for each
role in user.roles)?
Mort 5  2124 
We think it's better to loop through the Roles in the principal object.
However, to do this, you have to create your own custom implementation of
IPrincipal, which is actually not that hard to do. We've included an
implementation below (sorry, C# code):
using System;
using System.Security.Principal;
namespace Ng.Auth
{
/// <summary>
/// Summary description for CustomPrincipal.
/// </summary>
public class CustomPrincipal : IPrincipal
{
private IIdentity _objIdentity;
private string [] _strRoles;
public CustomPrincipal(IIdentity objIdentity, string[] strRoles)
{
_objIdentity = objIdentity;
_strRoles = new string[strRoles.Length];
strRoles.CopyTo(_strRoles, 0);
Array.Sort(_strRoles);
}
public bool IsInRole(string strRole)
{
return Array.BinarySearch( _strRoles, strRole ) >=0 ? true : false;
}
public IIdentity Identity
{
get
{
return _objIdentity;
}
}
public string[] Roles
{
get
{
return _strRoles;
}
}
}
}
At this point it has become very easy to loop through all roles, like this:
// First do this:
string[] strOrgRoles = { "admin", "user", "teamadmin" };
HttpContext.Current.User = new CustomPrincipal(User.Identity, strOrgRoles);
// At a later time do this:
CustomPrincipal objPrincipal = (CustomPrincipal) HttpContext.Current.User;
foreach ( string strRole in objPrincipal.Roles )
{
Response.Write(strRole + "<br />");
}
You're probably better off using this approach instead of querying the
database. Something we recently came across, is somewhat related to your
question. It involves querying all roles of the windows identity. The code is
based on an example from Joe Kaplan in VB.NET. It might also be useful. It
uses reflection to get to the roles.
WindowsIdentity objCurrentIdentity = WindowsIdentity.GetCurrent();
Type objIdentityType = typeof(WindowsIdentity);
object objRoles = objIdentityType.InvokeMember("_GetRoles",
BindingFlags.Static | BindingFlags.InvokeMethod | BindingFlags.NonPublic,
null, objCurrentIdentity, new object[] { objCurrentIdentity.Token }, null);
string[] strRoles = (string[]) objRoles;
Kind regards,
Nikander & Margriet Bruggeman
"hansiman" wrote: Following http://aspnet.4guysfromrolla.com/articles/082703-1.aspx I've
set up roles authentication for my web application.
User's roles are registered by:
HttpContext.Current.User = _
New GenericPrincipal(User.Identity, roleListArray)
I'd like to enter a user's roles into a listbox for viewing.
Must I loop all roles from datastore and check if user has role, or
can I somehow loop the specific user's roles (something like for each
role in user.roles)?
Mort
Thanks, I'll look into the code :-)
one of the problems I found with the role based authentication
outlined in http://aspnet.4guysfromrolla.com/articles/082703-1.aspx
was that the code in the Application_AuthenticateRequest (global.asax)
fired on every page request...
Mort
On Mon, 21 Feb 2005 01:09:03 -0800, "Nikander & Margriet Bruggeman"
<Ni***********************@discussions.microsoft.c om> wrote: We think it's better to loop through the Roles in the principal object.
However, to do this, you have to create your own custom implementation of
IPrincipal, which is actually not that hard to do. We've included an
implementation below (sorry, C# code):
using System;
using System.Security.Principal;
namespace Ng.Auth
{
/// <summary>
/// Summary description for CustomPrincipal.
/// </summary>
public class CustomPrincipal : IPrincipal
{
private IIdentity _objIdentity;
private string [] _strRoles;
public CustomPrincipal(IIdentity objIdentity, string[] strRoles)
{
_objIdentity = objIdentity;
_strRoles = new string[strRoles.Length];
strRoles.CopyTo(_strRoles, 0);
Array.Sort(_strRoles);
}
public bool IsInRole(string strRole)
{
return Array.BinarySearch( _strRoles, strRole ) >=0 ? true : false;
}
public IIdentity Identity
{
get
{
return _objIdentity;
}
}
public string[] Roles
{
get
{
return _strRoles;
}
}
}
}
At this point it has become very easy to loop through all roles, like this:
// First do this:
string[] strOrgRoles = { "admin", "user", "teamadmin" };
HttpContext.Current.User = new CustomPrincipal(User.Identity, strOrgRoles);
// At a later time do this:
CustomPrincipal objPrincipal = (CustomPrincipal) HttpContext.Current.User;
foreach ( string strRole in objPrincipal.Roles )
{
Response.Write(strRole + "<br />");
}
You're probably better off using this approach instead of querying the
database. Something we recently came across, is somewhat related to your
question. It involves querying all roles of the windows identity. The code is
based on an example from Joe Kaplan in VB.NET. It might also be useful. It
uses reflection to get to the roles.
WindowsIdentity objCurrentIdentity = WindowsIdentity.GetCurrent();
Type objIdentityType = typeof(WindowsIdentity);
object objRoles = objIdentityType.InvokeMember("_GetRoles",
BindingFlags.Static | BindingFlags.InvokeMethod | BindingFlags.NonPublic,
null, objCurrentIdentity, new object[] { objCurrentIdentity.Token }, null);
string[] strRoles = (string[]) objRoles;
Kind regards,
Nikander & Margriet Bruggeman
"hansiman" wrote:
Following http://aspnet.4guysfromrolla.com/articles/082703-1.aspx I've
set up roles authentication for my web application.
User's roles are registered by:
HttpContext.Current.User = _
New GenericPrincipal(User.Identity, roleListArray)
I'd like to enter a user's roles into a listbox for viewing.
Must I loop all roles from datastore and check if user has role, or
can I somehow loop the specific user's roles (something like for each
role in user.roles)?
Mort
Well, you could of course add the role adding bit to:
protected void Session_Start(Object sender, EventArgs e)
instead.
Kind regards,
Nikander & Margriet Bruggeman
"hansiman" wrote: Thanks, I'll look into the code :-)
one of the problems I found with the role based authentication
outlined in http://aspnet.4guysfromrolla.com/articles/082703-1.aspx
was that the code in the Application_AuthenticateRequest (global.asax)
fired on every page request...
Mort
On Mon, 21 Feb 2005 01:09:03 -0800, "Nikander & Margriet Bruggeman"
<Ni***********************@discussions.microsoft.c om> wrote:
We think it's better to loop through the Roles in the principal object.
However, to do this, you have to create your own custom implementation of
IPrincipal, which is actually not that hard to do. We've included an
implementation below (sorry, C# code):
using System;
using System.Security.Principal;
namespace Ng.Auth
{
/// <summary>
/// Summary description for CustomPrincipal.
/// </summary>
public class CustomPrincipal : IPrincipal
{
private IIdentity _objIdentity;
private string [] _strRoles;
public CustomPrincipal(IIdentity objIdentity, string[] strRoles)
{
_objIdentity = objIdentity;
_strRoles = new string[strRoles.Length];
strRoles.CopyTo(_strRoles, 0);
Array.Sort(_strRoles);
}
public bool IsInRole(string strRole)
{
return Array.BinarySearch( _strRoles, strRole ) >=0 ? true : false;
}
public IIdentity Identity
{
get
{
return _objIdentity;
}
}
public string[] Roles
{
get
{
return _strRoles;
}
}
}
}
At this point it has become very easy to loop through all roles, like this:
// First do this:
string[] strOrgRoles = { "admin", "user", "teamadmin" };
HttpContext.Current.User = new CustomPrincipal(User.Identity, strOrgRoles);
// At a later time do this:
CustomPrincipal objPrincipal = (CustomPrincipal) HttpContext.Current.User;
foreach ( string strRole in objPrincipal.Roles )
{
Response.Write(strRole + "<br />");
}
You're probably better off using this approach instead of querying the
database. Something we recently came across, is somewhat related to your
question. It involves querying all roles of the windows identity. The code is
based on an example from Joe Kaplan in VB.NET. It might also be useful. It
uses reflection to get to the roles.
WindowsIdentity objCurrentIdentity = WindowsIdentity.GetCurrent();
Type objIdentityType = typeof(WindowsIdentity);
object objRoles = objIdentityType.InvokeMember("_GetRoles",
BindingFlags.Static | BindingFlags.InvokeMethod | BindingFlags.NonPublic,
null, objCurrentIdentity, new object[] { objCurrentIdentity.Token }, null);
string[] strRoles = (string[]) objRoles;
Kind regards,
Nikander & Margriet Bruggeman
"hansiman" wrote:
Following http://aspnet.4guysfromrolla.com/articles/082703-1.aspx I've
set up roles authentication for my web application.
User's roles are registered by:
HttpContext.Current.User = _
New GenericPrincipal(User.Identity, roleListArray)
I'd like to enter a user's roles into a listbox for viewing.
Must I loop all roles from datastore and check if user has role, or
can I somehow loop the specific user's roles (something like for each
role in user.roles)?
Mort
Thanks a lot for your help...
Must say that my .net skill are not quite there yet to follow your
code example... however, I followed the tutorial on http://www.devhood.com/tutorials/tut...=433&printer=t
This seems to do the job for me.
Mort
On Mon, 21 Feb 2005 04:19:03 -0800, "Nikander & Margriet Bruggeman"
<Ni***********************@discussions.microsoft.c om> wrote: Well, you could of course add the role adding bit to:
protected void Session_Start(Object sender, EventArgs e)
instead.
Kind regards,
Nikander & Margriet Bruggeman
"hansiman" wrote:
Thanks, I'll look into the code :-)
one of the problems I found with the role based authentication
outlined in http://aspnet.4guysfromrolla.com/articles/082703-1.aspx
was that the code in the Application_AuthenticateRequest (global.asax)
fired on every page request...
Mort
On Mon, 21 Feb 2005 01:09:03 -0800, "Nikander & Margriet Bruggeman"
<Ni***********************@discussions.microsoft.c om> wrote:
>We think it's better to loop through the Roles in the principal object.
>However, to do this, you have to create your own custom implementation of
>IPrincipal, which is actually not that hard to do. We've included an
>implementation below (sorry, C# code):
>
>using System;
>using System.Security.Principal;
>
>namespace Ng.Auth
>{
> /// <summary>
> /// Summary description for CustomPrincipal.
> /// </summary>
> public class CustomPrincipal : IPrincipal
> {
> private IIdentity _objIdentity;
> private string [] _strRoles;
>
> public CustomPrincipal(IIdentity objIdentity, string[] strRoles)
> {
> _objIdentity = objIdentity;
> _strRoles = new string[strRoles.Length];
> strRoles.CopyTo(_strRoles, 0);
> Array.Sort(_strRoles);
> }
>
> public bool IsInRole(string strRole)
> {
> return Array.BinarySearch( _strRoles, strRole ) >=0 ? true : false;
> }
>
> public IIdentity Identity
> {
> get
> {
> return _objIdentity;
> }
> }
>
> public string[] Roles
> {
> get
> {
> return _strRoles;
> }
> }
>
> }
>}
>
>At this point it has become very easy to loop through all roles, like this:
>
>// First do this:
> string[] strOrgRoles = { "admin", "user", "teamadmin" };
> HttpContext.Current.User = new CustomPrincipal(User.Identity, strOrgRoles);
>
>// At a later time do this:
> CustomPrincipal objPrincipal = (CustomPrincipal) HttpContext.Current.User;
> foreach ( string strRole in objPrincipal.Roles )
> {
> Response.Write(strRole + "<br />");
> }
>
>You're probably better off using this approach instead of querying the
>database. Something we recently came across, is somewhat related to your
>question. It involves querying all roles of the windows identity. The code is
>based on an example from Joe Kaplan in VB.NET. It might also be useful. It
>uses reflection to get to the roles.
>
> WindowsIdentity objCurrentIdentity = WindowsIdentity.GetCurrent();
> Type objIdentityType = typeof(WindowsIdentity);
> object objRoles = objIdentityType.InvokeMember("_GetRoles",
>BindingFlags.Static | BindingFlags.InvokeMethod | BindingFlags.NonPublic,
>null, objCurrentIdentity, new object[] { objCurrentIdentity.Token }, null);
> string[] strRoles = (string[]) objRoles;
>
>Kind regards,
>Nikander & Margriet Bruggeman
>
>"hansiman" wrote:
>
>> Following http://aspnet.4guysfromrolla.com/articles/082703-1.aspx I've
>> set up roles authentication for my web application.
>>
>> User's roles are registered by:
>>
>> HttpContext.Current.User = _
>> New GenericPrincipal(User.Identity, roleListArray)
>>
>> I'd like to enter a user's roles into a listbox for viewing.
>>
>> Must I loop all roles from datastore and check if user has role, or
>> can I somehow loop the specific user's roles (something like for each
>> role in user.roles)?
>>
>> Mort
>>
One question...
In classic asp I used to call session.abandon to logout a user. If I
do this User.Identity.IsAuthenticated still reads true.
How do I set User.Identity.IsAuthenticated to false without closing
the browser?
M
On Mon, 21 Feb 2005 04:19:03 -0800, "Nikander & Margriet Bruggeman"
<Ni***********************@discussions.microsoft.c om> wrote: Well, you could of course add the role adding bit to:
protected void Session_Start(Object sender, EventArgs e)
instead.
Kind regards,
Nikander & Margriet Bruggeman
"hansiman" wrote:
Thanks, I'll look into the code :-)
one of the problems I found with the role based authentication
outlined in http://aspnet.4guysfromrolla.com/articles/082703-1.aspx
was that the code in the Application_AuthenticateRequest (global.asax)
fired on every page request...
Mort
On Mon, 21 Feb 2005 01:09:03 -0800, "Nikander & Margriet Bruggeman"
<Ni***********************@discussions.microsoft.c om> wrote:
>We think it's better to loop through the Roles in the principal object.
>However, to do this, you have to create your own custom implementation of
>IPrincipal, which is actually not that hard to do. We've included an
>implementation below (sorry, C# code):
>
>using System;
>using System.Security.Principal;
>
>namespace Ng.Auth
>{
> /// <summary>
> /// Summary description for CustomPrincipal.
> /// </summary>
> public class CustomPrincipal : IPrincipal
> {
> private IIdentity _objIdentity;
> private string [] _strRoles;
>
> public CustomPrincipal(IIdentity objIdentity, string[] strRoles)
> {
> _objIdentity = objIdentity;
> _strRoles = new string[strRoles.Length];
> strRoles.CopyTo(_strRoles, 0);
> Array.Sort(_strRoles);
> }
>
> public bool IsInRole(string strRole)
> {
> return Array.BinarySearch( _strRoles, strRole ) >=0 ? true : false;
> }
>
> public IIdentity Identity
> {
> get
> {
> return _objIdentity;
> }
> }
>
> public string[] Roles
> {
> get
> {
> return _strRoles;
> }
> }
>
> }
>}
>
>At this point it has become very easy to loop through all roles, like this:
>
>// First do this:
> string[] strOrgRoles = { "admin", "user", "teamadmin" };
> HttpContext.Current.User = new CustomPrincipal(User.Identity, strOrgRoles);
>
>// At a later time do this:
> CustomPrincipal objPrincipal = (CustomPrincipal) HttpContext.Current.User;
> foreach ( string strRole in objPrincipal.Roles )
> {
> Response.Write(strRole + "<br />");
> }
>
>You're probably better off using this approach instead of querying the
>database. Something we recently came across, is somewhat related to your
>question. It involves querying all roles of the windows identity. The code is
>based on an example from Joe Kaplan in VB.NET. It might also be useful. It
>uses reflection to get to the roles.
>
> WindowsIdentity objCurrentIdentity = WindowsIdentity.GetCurrent();
> Type objIdentityType = typeof(WindowsIdentity);
> object objRoles = objIdentityType.InvokeMember("_GetRoles",
>BindingFlags.Static | BindingFlags.InvokeMethod | BindingFlags.NonPublic,
>null, objCurrentIdentity, new object[] { objCurrentIdentity.Token }, null);
> string[] strRoles = (string[]) objRoles;
>
>Kind regards,
>Nikander & Margriet Bruggeman
>
>"hansiman" wrote:
>
>> Following http://aspnet.4guysfromrolla.com/articles/082703-1.aspx I've
>> set up roles authentication for my web application.
>>
>> User's roles are registered by:
>>
>> HttpContext.Current.User = _
>> New GenericPrincipal(User.Identity, roleListArray)
>>
>> I'd like to enter a user's roles into a listbox for viewing.
>>
>> Must I loop all roles from datastore and check if user has role, or
>> can I somehow loop the specific user's roles (something like for each
>> role in user.roles)?
>>
>> Mort
>>
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Dave |
last post by:
I'm using code similar to below. Is there a way to check if the Current.User
object has roles assigned already. This event fires on every page request and
I only need to have it fired once since...
|
by: chris.rust |
last post by:
Has anyone else had any trouble setting up a sitemap view to be
filtered by roles?
We've put a cust role provider in place, and we can verify that it's
only being called once for each...
|
by: Ron |
last post by:
Hi,
I need to retrieve only users and there information in the aspnet_Membership
table that are associated with certain roles and then populate a GridView
with only those users found that belong...
|
by: Chicagoboy27 |
last post by:
I have all the following site map ...
<siteMapNode url="nothing.aspx" title="nothing" description="Home"
roles="">
<siteMapNode url="default.asp" title="Home" description="Home"
roles="" />...
|
by: Douglas J. Badin |
last post by:
Hi,
The problem with Authorization is it stops at the first match and doesn't
permit Grouping.
On the Web Site, I am trying to Secure Page Access and SiteNaviagation by
implementing the...
|
by: Sale |
last post by:
I am writing an asp 2.0 website where existing AD users can log in.
I am using ActiveDirectoryMembershipProvider for this task and it
works.
Now I need to define roles for these users (admin,...
|
by: AC |
last post by:
Hi there. My asp.net 2.0 development website uses roles to control
access to sections of my site, configured using the asp.net
configuration tool, which is great. Except that isn't available once...
|
by: sidhuasp |
last post by:
Hi everyone
I am using a mainmenu witeh sitemap provider
with folowing sitemap
<siteMapNode>
<siteMapNode url="" title="Master Data" description="Enter Master data" roles ="Admin,PM">
...
|
by: Chris |
last post by:
Hi,
i have a problem with sitemap combined with roles.
I already posted this but i reformulated simplier: here:
there are two defined users: user1 and user2
there is one role: manager
user1...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
