Require multiple role membership?

A

Arthur Dent

Is there any way in the web.config "allow roles" authorization section, to
AND the roles together?
Eg. in my app, i have roles Customer, Employee, and Admininstrator. Now,
there could be Admin employees, and Admin Customers, each with access to
different sections.
Is there a way to specifiy that you can only get into the folder "AppAdmin"
if you are in role Employee AND role Administrator?
As ive seen it before, the roles by default only OR together.

Thanks in advance,
- Arthur Dent
 
J

Joe Kaplan \(MVP - ADSI\)

I don't think you can do this via web.config. You could do this
programmatically with IsInRole calls, but that is extra work.

Another way around this might be to create "AND" roles when you do your role
mapping, so that you have a special role like EmployeeANDAdminstrator that
you could then use in web.config.

HTH,

Joe K.
 
A

Arthur Dent

Yeah, thats what im doing at the moment... i have my roles defined in an
enum, and as additional members of the enum i have my combined roles, then i
check those names (i use System.Enum.GetName() to define my role names). Eg.
Enum UserRoles
Employee = 2
Administrator = 4
AdminEmployee = Employee Or Administrator
End Enum

Then in my allow role i add AdminEmployee.

I just thought maybe there was a way to do this without creating combinatory
values like that.
Thanks!
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,900
Latest member
Nell636132

Latest Threads

Top