Re: Create a role and check it

From: Dominick Baier <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 20 Feb 2007 17:01:19 +0000 (UTC)

You can check for the role using Page/Context.User.IsInrole("admins") or use the <authorization> element in web.config to declaratively restrict access to pages and directories using roles. The site map feature is also role aware.

What else should happen? ;)

Why do you have a <impersonate> element in config - you can remove that if you are not sure if you need it.

-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

Hello!

I 'm quite new to asp.net and trying to accomplish a web that gives
'admins'
some extra options in an aspx page.
I have a local group called admins at the dotnet server. In this group
I
have domain users/groups.
I have this "code" in the web.config:
<authentication mode="Windows"/>
<identity impersonate="true"/>

If the user is a member of the local group myserver\admins something
should
happend. Otherwise not!
How do I accomplish this? Please explain to a "dummie".
Regards Magnus

Follow-Ups:
- Re: Create a role and check it
  - From: Magnus

References:
- Create a role and check it
  - From: Magnus

Prev by Date: Create a role and check it
Next by Date: Re: WindowsTokenRoleProvider & Domain Groups
Previous by thread: Create a role and check it
Next by thread: Re: Create a role and check it
Index(es):
- Date
- Thread

Relevant Pages

Create a role and check it
... I 'm quite new to asp.net and trying to accomplish a web that gives 'admins' ... some extra options in an aspx page. ... I have a local group called admins at the dotnet server. ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: Problem using ADMT to migrate computer accounts
... >workstations) will only contain global group DOMAIN1 ... \Domain Admins, and NOT ... >a local group to contain another local group. ... Administrators group to each ...
(microsoft.public.windows.server.migration)
Re: Migrate computer from NT domain to Win2K AD
... Workstations in DOMAIN1 ... workstations) will only contain global group DOMAIN1\Domain Admins, ... a local group to contain another local group. ... you have to add them to the local Administrators group to ...
(microsoft.public.windows.server.migration)
Re: Problem using ADMT to migrate computer accounts
... Workstations in DOMAIN1 ... workstations) will only contain global group DOMAIN1\Domain Admins, ... a local group to contain another local group. ... > Below is a copy of the agent log. ...
(microsoft.public.windows.server.migration)
Re: Allowing users to be local admins of there workstation
... Adding to admins is ill-advised, and to Domain Admins is a road to chaos. ... for use in cases of approved install need (and make it a local account). ... If you cannot select to add a domain account to a local group then is ... In the past I was able on the local machine to add the user of that ...
(microsoft.public.windows.group_policy)