472,354 Members | 2,059 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 472,354 software developers and data experts.

User.IsInRole in fails unless authorization section limits access

I have a web page that any authenticated user can access, but I
dynamically enable/disable other asp.net controls on the web page
based on the Role that they are in via C# code behind. My web
config is as follows...

<deny users="?" />

<authentication mode="Windows" />

I am hosted on Windows 2003 Server, IIS 6, Enable Anonymous access is
turned off, and Integrated Windows Authentication is turned on.

When the user accesses the web page, I get the proper User name via
Context.User, System.Threading.Thread.CurrentPrincipal,
HttpContext.Current.User, etc. They all contain the user's proper
domain name and user name (e.g. MyDomain\bjones). But, if I call
User.IsInRole on a role that this user belongs to, it returns
false. When the user accesses this page, they are not prompted for
their username and password, so single signon working here.

Now, I have a subdirectory directory that is restricted using roles,
so its directory has its own web.config

<allow roles="Test" />
<deny users="*" />

Here if the user accesses this page then they are prompted to enter in
their username and password. First question, why are they prompted
for this when we already know who they are and they are in the "Test"

After the user enters in their credentials and accesses the page ok,
they return back to the first page. At this point, the User.IsInRole
now starts working. It appears that the logon prompt of the user
caused the IsInRole to now start returning TRUE. Why does it now

Nothing really different about the virtual directories. If I change
the 1st directory to have the same authorization as the 2nd directory,
then they are prompted for username and password and IsInRole works.
Have also tried...

<allow users="*">
<deny users="?">

Thanks for any help,


Aug 10 '07 #1
0 1962

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

by: Feldman Alex | last post by:
Hi all, I need to know the user privileges (does user have administrator privileges) .. Which c# api's should i use? Thanks a lot
by: Dan Bart | last post by:
I am using an application which is a modification of IBuySpy Portal. It is using Forms authentication. Users login and their name is added to Context Then I use: ...
by: Mark | last post by:
hey, i'm trying to get the current windows user and the groups they are in. Intergrated windows auth on and annoymous access turned off on IIS. However when trying to compile the following code...
by: Razak | last post by:
Hi, I have a class which basically do Impersonation in my web application. From MS KB sample:- ++++++++++++++++++++code starts Dim impersonationContext As...
by: John Dalberg | last post by:
I have an Intranet asp.net application that opens multiple frames in its main page. Authentication to the Intranet app is forms based. The app is third party closed source. One of the frames can...
by: Vadym Stetsyak | last post by:
Hi there! Is it possible to retieve user nt name from the web request? This question arose while thinking about authentication system implementation in the asp.net. I want to make...
by: Oliver Rainer | last post by:
Hi, I have the following problem... Pre-requisites: Installation of an Asp.net webservice on a IIS5 server (win2k). Anonymous access is not allowed, only using windows authentication (intranet...
by: Mark White | last post by:
Hey everyone I'm having a great deal of problems finding this information through google and yahoo, so I turn to you on this. I have a Windows app running on XP. I am able to caputre the...
by: JamesB | last post by:
I am writing a service that monitors when a particular app is started. Works, but I need to get the user who is currently logged in, and of course Environment.UserName returns the service logon...
by: Kemmylinns12 | last post by:
Blockchain technology has emerged as a transformative force in the business world, offering unprecedented opportunities for innovation and efficiency. While initially associated with cryptocurrencies...
by: antdb | last post by:
Ⅰ. Advantage of AntDB: hyper-convergence + streaming processing engine In the overall architecture, a new "hyper-convergence" concept was proposed, which integrated multiple engines and...
by: AndyPSV | last post by:
HOW CAN I CREATE AN AI with an .executable file that would suck all files in the folder and on my computerHOW CAN I CREATE AN AI with an .executable file that would suck all files in the folder and...
by: Arjunsri | last post by:
I have a Redshift database that I need to use as an import data source. I have configured the DSN connection using the server, port, database, and credentials and received a successful connection...
by: WisdomUfot | last post by:
It's an interesting question you've got about how Gmail hides the HTTP referrer when a link in an email is clicked. While I don't have the specific technical details, Gmail likely implements measures...
by: Matthew3360 | last post by:
Hi, I have been trying to connect to a local host using php curl. But I am finding it hard to do this. I am doing the curl get request from my web server and have made sure to enable curl. I get a...
by: Carina712 | last post by:
Setting background colors for Excel documents can help to improve the visual appeal of the document and make it easier to read and understand. Background colors can be used to highlight important...
by: BLUEPANDA | last post by:
At BluePanda Dev, we're passionate about building high-quality software and sharing our knowledge with the community. That's why we've created a SaaS starter kit that's not only easy to use but also...
by: Rahul1995seven | last post by:
Introduction: In the realm of programming languages, Python has emerged as a powerhouse. With its simplicity, versatility, and robustness, Python has gained popularity among beginners and experts...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.