
security using windowsprincipal class

Hi,

I'm trying to get my application to authenticate using role based when the
user runs the application.

When the user logs on and is in the security group "school", the user gets
into the application no problem. But when the user is removed from the
group but doesn't log back in, he still has permissions to run the
application. This is also true if the user is already logged on and then
placed in the security group, the user cannot run the application. Is there
a way to make the application check Active Directory without logging in and
logging out for the permissions to take effect?

I need this to work because I can't iterate through Active Directory to get the
nested security groups/roles of the user.

thanks in advance,
Will

Code:
'at the top of the file
Imports System.Security.Permissions
Imports System.Security.Principal
Imports System.Threading

'winPrincipal, userid and adrole are declared elsewhere in the class
Try
    AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal)

    'get the current userid domain\username
    Dim MyPrincipal As WindowsPrincipal = CType(Thread.CurrentPrincipal, WindowsPrincipal)
    winPrincipal = New WindowsPrincipal(CType(MyPrincipal.Identity, WindowsIdentity))

    'get the current userid
    userid = MyPrincipal.Identity.Name

    'throws SecurityException (handled by the Catch below) if the demand fails
    Dim pp As New PrincipalPermission(userid, adrole)
    pp.Demand()

    'check if the user is part of the role to access this application
    If winPrincipal.IsInRole(adrole) Then
        'get the userid without the domain
        userid = Mid(userid, InStr(userid, "\") + 1)
        UserInfoClass.UserIdent = userid
        Return True
    Else
        MsgBox("You do not have permission to run this program. Please see your administrator.", MsgBoxStyle.Exclamation, "Access Error")
        Return False
        'Me.Close()
    End If
Catch ex As Exception
    MsgBox("Error:" & ex.Message)
    Return False
End Try
Feb 13 '07 #1
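
The logon token that WindowsPrincipal.IsInRole consults holds the group list captured when the session was created, so one way to see a membership change without a new logon is to ask the directory directly. The following is an added example, not code from the original post; it assumes .NET 3.5 or later with a reference to System.DirectoryServices.AccountManagement and a domain-joined machine, and the names LiveGroupCheck and IsCurrentMember are hypothetical.

```vb
Imports System.DirectoryServices.AccountManagement
Imports System.Security.Principal

' Added example: LiveGroupCheck and IsCurrentMember are hypothetical names.
Public Module LiveGroupCheck

    ' Returns True only if the directory currently lists the account as a
    ' direct or nested member of the named security group.
    Public Function IsCurrentMember(ByVal userSid As SecurityIdentifier,
                                    ByVal groupName As String) As Boolean
        Try
            Using ctx As New PrincipalContext(ContextType.Domain)
                ' Look the account up by SID so a renamed or same-named
                ' account cannot be confused with the caller.
                Using user As UserPrincipal = UserPrincipal.FindByIdentity(
                        ctx, IdentityType.Sid, userSid.Value)
                    If user Is Nothing Then Return False
                    ' A disabled account is denied regardless of groups.
                    If user.Enabled.HasValue AndAlso Not user.Enabled.Value Then
                        Return False
                    End If
                    ' GetAuthorizationGroups searches recursively, so security
                    ' groups reached through nesting are included.
                    For Each g As Principal In user.GetAuthorizationGroups()
                        If String.Equals(g.SamAccountName, groupName,
                                         StringComparison.OrdinalIgnoreCase) Then
                            Return True
                        End If
                    Next
                End Using
            End Using
            Return False
        Catch ex As Exception
            ' Directory unreachable or lookup failed: fail closed.
            Return False
        End Try
    End Function

    Public Sub Main()
        ' SID of the account running the program; "school" is the group
        ' named in the question.
        Dim sid As SecurityIdentifier = WindowsIdentity.GetCurrent().User
        If IsCurrentMember(sid, "school") Then
            Console.WriteLine("Access granted")
        Else
            Console.WriteLine("Access denied")
        End If
    End Sub
End Module
```

The result reflects what the queried domain controller holds at that moment, so a very recent change may still be replicating. This check only gates the application's own logic; Windows continues to authorize file and network access against the existing logon token.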