User.IsInRole in fails unless authorization section limits access

Discussion in 'ASP .Net' started by ronscottlangham@yahoo.com, Aug 10, 2007.

  1. Guest

    I have a web page that any authenticated user can access, but I
    dynamically enable/disable other asp.net controls on the web page
    based on the Role that they are in via C# code behind. My web
    config is as follows...

    <system.web>
    <authorization>
    <deny users="?" />
    </authorization>

    <authentication mode="Windows" />
    </system.web>

    I am hosted on Windows 2003 Server, IIS 6, Enable Anonymous access is
    turned off, and Integrated Windows Authentication is turned on.

    When the user accesses the web page, I get the proper User name via
    Context.User, System.Threading.Thread.CurrentPrincipal,
    HttpContext.Current.User, etc. They all contain the user's proper
    domain name and user name (e.g. MyDomain\bjones). But, if I call
    User.IsInRole on a role that this user belongs to, it returns
    false. When the user accesses this page, they are not prompted for
    their username and password, so single signon working here.

    Now, I have a subdirectory directory that is restricted using roles,
    so its directory has its own web.config

    <system.web>
    <authorization>
    <allow roles="Test" />
    <deny users="*" />
    </authorization>
    </system.web>

    Here if the user accesses this page then they are prompted to enter in
    their username and password. First question, why are they prompted
    for this when we already know who they are and they are in the "Test"
    role?

    After the user enters in their credentials and accesses the page ok,
    they return back to the first page. At this point, the User.IsInRole
    now starts working. It appears that the logon prompt of the user
    caused the IsInRole to now start returning TRUE. Why does it now
    work?

    Nothing really different about the virtual directories. If I change
    the 1st directory to have the same authorization as the 2nd directory,
    then they are prompted for username and password and IsInRole works.
    Have also tried...

    <allow users="*">
    <deny users="?">

    Thanks for any help,

    Ron
    , Aug 10, 2007
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Somyos Jinkow

    user.isinrole in user control

    Somyos Jinkow, Jun 1, 2004, in forum: ASP .Net
    Replies:
    1
    Views:
    1,896
    =?Utf-8?B?cmFuZ2FuaA==?=
    Jun 1, 2004
  2. Peter Bons
    Replies:
    1
    Views:
    498
    Patrick.O.Ige
    Mar 31, 2006
  3. Stefan
    Replies:
    12
    Views:
    319
    Stefan
    Jan 10, 2006
  4. Replies:
    0
    Views:
    149
  5. Gábor SEBESTYÉN

    Unless unless

    Gábor SEBESTYÉN, Jun 17, 2005, in forum: Ruby
    Replies:
    3
    Views:
    150
    Gábor SEBESTYÉN
    Jun 17, 2005
Loading...

Share This Page