How to implement roles in ASP.NET using existing AD groups

StackOverflow https://stackoverflow.com/questions/20622922

  •  02-09-2022
  •  | 
  •  

Question

I'm trying to implement some role-based functionality in my web application (.NET 4.0.3) so that I can control what menu items users can see based on their roles, either Administrator or User.

I'm simply using existing AD groups to administer the roles. Let's say there is a team in my organisation that is represented by an AD group called IT-Managers, and there is another team with AD group IT-Support. I simply want to map IT-Managers as Administrator and IT-Support as User.

I can easily use WindowsPrincipal.IsInRole() to check whether the currently logged-in user belongs to either group, but how do I tell the application that the logged-in user holds the Administrator role or the User role, therefore sitemap security trimming can pick this up?

Was it helpful?

Solution

By implementing your custom Role Provider. Once implemented you can easily use the ASP.NET role provider framework....

Roles.IsUserInRole("Admin");
Roles.GetUsersInRole("Users");

etc.

You can implement a Role Provider by implementing the RoleProvider abstract class or by extending an existing one such as SqlRoleProvider. There's a lot of extensive documentation out there. I'll paste a couple of links

http://msdn.microsoft.com/en-us/library/aa478950.aspx

http://www.codeproject.com/Articles/28546/Active-Directory-Roles-Provider

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top