Re: Get UserGroup of Active Directory to control the security
From: Shaker (Shaker_at_discussions.microsoft.com)
Date: 12/20/04
- Next message: crjunk: "Securing and Accessing XML Files"
- Previous message: Marco Maier: "solved"
- In reply to: Joe Kaplan \(MVP - ADSI\): "Re: Get UserGroup of Active Directory to control the security"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Get UserGroup of Active Directory to control the security"
- Reply: Joe Kaplan \(MVP - ADSI\): "Re: Get UserGroup of Active Directory to control the security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 20 Dec 2004 04:19:03 -0800
Thanks this works fine,
But I Still need a way to get user info beside a full tree of Usergroup from
AD without providing Password.
I'll get the user name using (User.Identity.Name) of page object.
Thnaks Again
"Joe Kaplan (MVP - ADSI)" wrote:
> If you are using Windows authentication in ASP.NET, you can easily do basic
> role-based security against the user's group membership using the
> WindowsPrincipal class which is exposed as the IPrincipal object returned by
> the User property on the HttpContext or Page class or the
> Thread.CurrentPrincipal class for code that does not reference System.Web
> such as a middle tier layer or something.
>
> You just call the User.IsInRole method with the name of the group you are
> interested in (in domain\group name format) and it will return true or
> false.
>
> Additionally, the allow and deny tags in web.config, which are used by the
> UrlAuthorizationModule, can be used to declaratively allow and deny access
> to certain parts of your page. Use the same syntax as above, e.g.
>
> <allow roles="mydomain\mygroup"/>
>
> Finally, you can use the PrincipalPermission and
> PrincipalPermissionAttribute to achieve similar things, although I'm not a
> big fan of the attribute as the principal name must be specified at compile
> time.
>
> HTH,
>
> Joe K.
>
> "Shaker" <Shaker@discussions.microsoft.com> wrote in message
> news:885A0DAC-CB23-45D6-958A-4D19E3526B1D@microsoft.com...
> > Hi,
> > I have an ASP.Net Intranet App with C#.
> >
> > I don't need to ask users about by User and PWD since they are already
> > logged in.
> > This is acheived through "<deny users="?" />" tag. no problem with it.
> >
> > My concern now is to determine the the user group where the user is
> > belonging to.
> > to control the rest of navigation to the site.
> > Please provide me with clear code to do that.
> >
> > --
> > MCSD not .Net
>
>
>
- Next message: crjunk: "Securing and Accessing XML Files"
- Previous message: Marco Maier: "solved"
- In reply to: Joe Kaplan \(MVP - ADSI\): "Re: Get UserGroup of Active Directory to control the security"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Get UserGroup of Active Directory to control the security"
- Reply: Joe Kaplan \(MVP - ADSI\): "Re: Get UserGroup of Active Directory to control the security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
