Re: Create a role and check it



Thank you. It worked perfectly!!!

Well, from the beginning I thought of using impersonate because the user
should use a database with his/her own account. Changed it to use one common
sql account instead, so that's true, I don't need impersonate anymore.
Does that make any sence to you?

Regards Magnus

"Dominick Baier" <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:51eb30488d8d8c9233041f31674@xxxxxxxxxxxxxxxxxxxxx
You can check for the role using Page/Context.User.IsInrole("admins") or
use the <authorization> element in web.config to declaratively restrict
access to pages and directories using roles. The site map feature is also
role aware.

What else should happen? ;)


Why do you have a <impersonate> element in config - you can remove that if
you are not sure if you need it.


-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications
(http://www.microsoft.com/mspress/books/9989.asp)

Hello!

I 'm quite new to asp.net and trying to accomplish a web that gives
'admins'
some extra options in an aspx page.
I have a local group called admins at the dotnet server. In this group
I
have domain users/groups.
I have this "code" in the web.config:
<authentication mode="Windows"/>
<identity impersonate="true"/>

If the user is a member of the local group myserver\admins something
should
happend. Otherwise not!
How do I accomplish this? Please explain to a "dummie".
Regards Magnus





.



Relevant Pages

  • Re: Sql Reporting Serviced - > ASP.NET ACCESS DENIED!
    ... The account you are logging in to when on the server doesn't have the ... do you have <Impersonate> set to True? ... > Exception Details: System.UnauthorizedAccessException: Access to the path ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Changing User Password - Credential Problem
    ... This is for admins to reset users forgotten passwords, ... How can I impersonate another account? ... >> Obviously the ASP.NET account doesn't have permissions to change ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: How to use WindowsPrincipal properly??
    ... > If you want to check if the user is in the local computers security group ... > used by the general public you have to use Basic Authentication of course. ... You can logon a set account ... > WindowsIndentity which is then used to Impersonate. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: Impersonate
    ... saving a Excel document in ASP.NET webapplication, ... Regarding on the problem you mentioned, I think the account is the first ... You should either impersonate through the web.config setting or use code. ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Impersonating Users
    ... i'm not sure about the cert store impl in NT, ... > running the service as Local System Account, ... > CERT_SYSTEM_STORE_CURRENT_USER fails to find the cert. ... > //Logon to user acount and Impersonate. ...
    (microsoft.public.platformsdk.security)