Create a role and check it

Discussion in 'ASP .Net Security' started by Magnus, Feb 20, 2007.

  1. Magnus

    Magnus Guest

    Hello!

    I 'm quite new to asp.net and trying to accomplish a web that gives 'admins'
    some extra options in an aspx page.
    I have a local group called admins at the dotnet server. In this group I
    have domain users/groups.
    I have this "code" in the web.config:
    <authentication mode="Windows"/>

    <identity impersonate="true"/>

    If the user is a member of the local group myserver\admins something should
    happend. Otherwise not!
    How do I accomplish this? Please explain to a "dummie".

    Regards Magnus
    Magnus, Feb 20, 2007
    #1
    1. Advertising

  2. You can check for the role using Page/Context.User.IsInrole("admins") or
    use the <authorization> element in web.config to declaratively restrict access
    to pages and directories using roles. The site map feature is also role aware.

    What else should happen? ;)


    Why do you have a <impersonate> element in config - you can remove that if
    you are not sure if you need it.


    -----
    Dominick Baier (http://www.leastprivilege.com)

    Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

    > Hello!
    >
    > I 'm quite new to asp.net and trying to accomplish a web that gives
    > 'admins'
    > some extra options in an aspx page.
    > I have a local group called admins at the dotnet server. In this group
    > I
    > have domain users/groups.
    > I have this "code" in the web.config:
    > <authentication mode="Windows"/>
    > <identity impersonate="true"/>
    >
    > If the user is a member of the local group myserver\admins something
    > should
    > happend. Otherwise not!
    > How do I accomplish this? Please explain to a "dummie".
    > Regards Magnus
    >
    Dominick Baier, Feb 20, 2007
    #2
    1. Advertising

  3. Magnus

    Magnus Guest

    Thank you. It worked perfectly!!!

    Well, from the beginning I thought of using impersonate because the user
    should use a database with his/her own account. Changed it to use one common
    sql account instead, so that's true, I don't need impersonate anymore.
    Does that make any sence to you?

    Regards Magnus

    "Dominick Baier" <dbaier@pleasepleasenospam_leastprivilege.com> wrote in
    message news:...
    > You can check for the role using Page/Context.User.IsInrole("admins") or
    > use the <authorization> element in web.config to declaratively restrict
    > access to pages and directories using roles. The site map feature is also
    > role aware.
    >
    > What else should happen? ;)
    >
    >
    > Why do you have a <impersonate> element in config - you can remove that if
    > you are not sure if you need it.
    >
    >
    > -----
    > Dominick Baier (http://www.leastprivilege.com)
    >
    > Developing More Secure Microsoft ASP.NET 2.0 Applications
    > (http://www.microsoft.com/mspress/books/9989.asp)
    >
    >> Hello!
    >>
    >> I 'm quite new to asp.net and trying to accomplish a web that gives
    >> 'admins'
    >> some extra options in an aspx page.
    >> I have a local group called admins at the dotnet server. In this group
    >> I
    >> have domain users/groups.
    >> I have this "code" in the web.config:
    >> <authentication mode="Windows"/>
    >> <identity impersonate="true"/>
    >>
    >> If the user is a member of the local group myserver\admins something
    >> should
    >> happend. Otherwise not!
    >> How do I accomplish this? Please explain to a "dummie".
    >> Regards Magnus
    >>

    >
    >
    Magnus, Feb 22, 2007
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jesper Stocholm
    Replies:
    2
    Views:
    8,063
    John Saunders
    Aug 23, 2003
  2. Liet Kynes
    Replies:
    0
    Views:
    473
    Liet Kynes
    Nov 26, 2003
  3. shapper

    Check if user is in Role

    shapper, Dec 13, 2006, in forum: ASP .Net
    Replies:
    1
    Views:
    303
    Mark Fitzpatrick
    Dec 14, 2006
  4. Annie
    Replies:
    2
    Views:
    356
    Annie
    Mar 6, 2007
  5. Kursat
    Replies:
    1
    Views:
    298
    Dominick Baier
    May 7, 2007
Loading...

Share This Page