Re: Authorization problem
From: Patrick.O.Ige (PatrickOIge_at_discussions.microsoft.com)
Date: 10/27/04
- Next message: Joe Kaplan \(MVP - ADSI\): "Re: Authorization problem"
- Previous message: Patrick.O.Ige: "Getting Roles from Active Directory"
- In reply to: Joe Kaplan \(MVP - ADSI\): "Re: Authorization problem"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Authorization problem"
- Reply: Joe Kaplan \(MVP - ADSI\): "Re: Authorization problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 26 Oct 2004 22:33:04 -0700
Hi,
I'm using form authentication with Active Directory not a Database.
Can you give me a hint how i can GetRoles from the Active Directory and
later perform Authorisation?
Thx
"Joe Kaplan (MVP - ADSI)" wrote:
> 'imports System.Security.Principal
> 'imports System.Reflection
>
> Function GetRoles(byval identity as WindowsIdentity) as String()
>
> Dim idType As Type
> idType = GetType(WindowsIdentity)
> Dim result As Object =
> idType.InvokeMember("_GetRoles",BindingFlags.Static Or
> BindingFlags.InvokeMethod Or BindingFlags.NonPublic,Nothing, identity, New
> Object() {identity.Token}, Nothing)
> Dim roles() As String = DirectCast(result, String())
> Return roles
>
> End Function
>
> Like I said, this is for troubleshooting only, not for production code.
> This may not work in future versions of the framework, but does on 1.1.
>
> Joe K.
>
> "Nikolay Petrov" <johntup2_nospam_@mail.bg> wrote in message
> news:OHvb7S3uEHA.1988@TK2MSFTNGP12.phx.gbl...
> > Never heard of reflection ;-)
> > how to do?
> >
> >
> > "Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote
> > in message news:emupGP3uEHA.2116@TK2MSFTNGP14.phx.gbl...
> >> One other thing to check:
> >>
> >> Can you do a programmatic check instead of a declarative one? Try
> >> Context.User.IsInRole("machine\administrators") or
> >> Thread.CurrentPrincipal.IsInRole("machine\administrators")?
> >>
> >> Those should do the same thing as the declarative demand, but it is worth
> >> a shot.
> >>
> >> Another thing to try is to use reflection on _GetRoles private method on
> >> WindowsIdentity to see what the actual values are. This can be helpful
> >> for troubleshooting Windows group resolution. Don't use this in
> >> production though!
> >>
> >> Google will dig up a bunch of code samples showing how to do that if you
> >> need it.
> >>
> >> Joe K.
> >>
> >> "Nikolay Petrov" <johntup2_nospam_@mail.bg> wrote in message
> >> news:eVwiaG3uEHA.3948@TK2MSFTNGP15.phx.gbl...
> >>>I have done that. It is fine.
> >>> Something else is broken. The auditing don't show nothing also.
> >>>
> >>> "Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com>
> >>> wrote in message news:efhvF42uEHA.1976@TK2MSFTNGP09.phx.gbl...
> >>>> Are you certain that the client is being authenticated with Windows
> >>>> authentication? It would probably be a good idea to dump out the value
> >>>> of Context.User.Identity.Name and make sure it is the user that you
> >>>> think it is.
> >>>>
> >>>> Joe K.
> >>
> >>
> >
> >
>
>
>
- Next message: Joe Kaplan \(MVP - ADSI\): "Re: Authorization problem"
- Previous message: Patrick.O.Ige: "Getting Roles from Active Directory"
- In reply to: Joe Kaplan \(MVP - ADSI\): "Re: Authorization problem"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Authorization problem"
- Reply: Joe Kaplan \(MVP - ADSI\): "Re: Authorization problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
