K
Keith Patrick
I have a custom security backend that I need to integrate with ASP.Net 2.0.
The problem I have is that being in a role is not evaluated as simply
"myRoles.Contains(role)". There's some logic that goes on in a webservice
such that I really do have to ask the security system the question: "Is the
user in the role", since the role is in a format that has to be parsed into
some parameters to get passed elsewhere. GetRolesForUser won't work because
the security system cannot simply enumerate these roles for string
comparison. However, RolePrincipal is sealed, so I cannot change its
behavior. I can fix the sitemap portion (I think) by creating a custom
sitemap provider that changes implementation of IsAccessibleToUser, but that
doesn't fix the rest of the controls that wind up calling
RolePrincipal.GetRolesForUsers.
Has anyone come up with a way around the string.equals() version of checking
for a role that asp.net is doing by default?
The problem I have is that being in a role is not evaluated as simply
"myRoles.Contains(role)". There's some logic that goes on in a webservice
such that I really do have to ask the security system the question: "Is the
user in the role", since the role is in a format that has to be parsed into
some parameters to get passed elsewhere. GetRolesForUser won't work because
the security system cannot simply enumerate these roles for string
comparison. However, RolePrincipal is sealed, so I cannot change its
behavior. I can fix the sitemap portion (I think) by creating a custom
sitemap provider that changes implementation of IsAccessibleToUser, but that
doesn't fix the rest of the controls that wind up calling
RolePrincipal.GetRolesForUsers.
Has anyone come up with a way around the string.equals() version of checking
for a role that asp.net is doing by default?