AzMAN/ADAM-Roles.IsUserInRole() issues

Discussion in 'ASP .Net Security' started by Codifier, Jan 19, 2010.

  1. Codifier

    Codifier Guest

    I am starting on a new website development effort and am somewhat new to
    AzMAN/ADAM, so please guide me if this question has been answered elsewhere.

    My environment:
    I am developing this website on a Windows XP SP3 machine; all components
    (AzMAN, ADAM, ASP.NET, IIS 5.1) are on the same physical machine. Later on,
    during deployment, I am looking to migrate to WS2003 environment.

    Right now, I have both applications working and am able to add new users /
    groups to ADAM both through ADSI as well as programmatically
    (DirectoryEntry.Invoke("Add", object[] ....)). My AzMAN policy store resides
    in ADAM. My users are created in ADAM and assigned specific groups that are
    then pegged to specific AzMAN roles through LDAP Query groups. I have
    verified the LDAP queries work on ldp.exe console.

    I am using standard ActiveDirectoryMembershipProvider for Membership and
    System.Web.Security.AuthorizationStoreRoleProvider. I am not using a custom
    role provider yet.

    My Problem:

    Roles.IsUserInRole("RoleName") gives me a E_INVALIDARGS error. I am making
    this call in the Login Control's OnLoggedIn event, so I know the
    MembershipProvider is authenticating the username/password correctly. I did
    use some incorrect credentials to make sure the call is going out to the
    MembershipProvider (which rejects incorrect credentials as expected). If I
    break within the LoggedIn function, I see that User.Identity.Name is set
    correctly to the logged in user. However, I get this error when doing the
    role check.

    I tried to work around this problem by taking the COM API route rather than
    the Roles API route, and that is giving me even more problem by way of
    COMExceptions (Handle is invalid) in the first step -- IAzAuthorizationStore
    authStore = new AzAuthorizationStoreClass();

    Please let me know how I can enable role authorization in my environment.
    Since this is a new website development effort, I am not burdened by legacy
    policies. I have some leeway in terms of setting up the user and policy
    stores. However, I would like to make it work on an XP machine; don't want to
    invest in WS2003 yet.
    Codifier, Jan 19, 2010
    1. Advertisements

  2. Codifier

    Codifier Guest

    Some more environment related information:

    Microsoft.interop.Security.AzRoles version I have confirmed it is
    in GAC
    Azroles.dll -> Add reference and in the Windows/system32 directory.
    Interop.AZROLESLib.dll -> Add reference in /Bin directory v
    Codifier, Jan 19, 2010
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Michael Herman \(Parallelspace\)

    ASP.NET 2.0, MS AD/ADAM and Authorization Manager (AzMan)

    Michael Herman \(Parallelspace\), Jul 6, 2005, in forum: ASP .Net
    Michael Herman \(Parallelspace\)
    Jul 9, 2005
  2. VB Programmer

    Wierd results with Roles.IsUserInRole

    VB Programmer, Jan 15, 2006, in forum: ASP .Net
    Jan 15, 2006
  3. =?Utf-8?B?QmVuIFIu?=

    Roles.IsUserInRole maps call to GetRolesForUser... Why?

    =?Utf-8?B?QmVuIFIu?=, Mar 20, 2006, in forum: ASP .Net
    Steven Cheng[MSFT]
    Mar 24, 2006
  4. mkc

    ADAM/AzMan Does Not Create Roles/Tasks

    mkc, Oct 19, 2006, in forum: ASP .Net Security
  5. Lyndon Hills

    Roles.IsUserInRole != Context.User.IsInRole

    Lyndon Hills, Oct 20, 2006, in forum: ASP .Net Security
    Joe Kaplan
    Oct 31, 2006

Share This Page