WindowsPrincipal.IsInRole(role) != Page.User.IsInRole(role)
From: Zdenko (zdenko.sadojevic@keypartners.fi)
Date: 03/20/03
- Next message: Uwe Woehler: "Re: Request.ClientCertificate()"
- Previous message: Joseph E Shook: "Re: Authenticate user and allow anonymous access"
- Next in thread: Sitaraman: "Re: WindowsPrincipal.IsInRole(role) != Page.User.IsInRole(role)"
- Reply: Sitaraman: "Re: WindowsPrincipal.IsInRole(role) != Page.User.IsInRole(role)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Zdenko" <zdenko.sadojevic@keypartners.fi> Date: Thu, 20 Mar 2003 12:05:10 +0200
I would like to use declarative security to control access. When I add
attribute
<PrincipalPermissionAttribute(SecurityAction.Demand,
Role:="BUILTIN\Administrators")> calling of method raises SecurityException
even I am a member of Windows group.
According to MSDN:
"When a user is authenticated using Windows authentication, Page.User refers
to a WindowsPrincipal object."
I have test in code that returns different values for Page.User and
WindowsPrincipal.
role = "BUILTIN\Administrators"
Dim WinPrincipal As WindowsPrincipal = New
WindowsPrincipal(WindowsIdentity.GetCurrent())
If WinPrincipal.IsInRole(role) Then
' This portion of code IS executed
If Page.User.IsInRole(role) Then
' This portion of code is NOT executed
I have performed the check of type. For Page.User it returns:
System.Security.Principal.GenericPrincipal
I suppose that declarative security uses Page.User Identity and that is the
reason why it fails.
What is wrong?
Zdenko
- Next message: Uwe Woehler: "Re: Request.ClientCertificate()"
- Previous message: Joseph E Shook: "Re: Authenticate user and allow anonymous access"
- Next in thread: Sitaraman: "Re: WindowsPrincipal.IsInRole(role) != Page.User.IsInRole(role)"
- Reply: Sitaraman: "Re: WindowsPrincipal.IsInRole(role) != Page.User.IsInRole(role)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
