what roles in rolelist

hansiman

Following http://aspnet.4guysfromrolla.com/articles/082703-1.aspx I've
set up roles authentication for my web application.

User's roles are registered by:

    HttpContext.Current.User = _
        New GenericPrincipal(User.Identity, roleListArray)

I'd like to enter a user's roles into a listbox for viewing.

Must I loop all roles from datastore and check if user has role, or
can I somehow loop the specific user's roles (something like for each
role in user.roles)?

Mort
 
Guest

We think it's better to loop through the Roles in the principal object.
However, to do this, you have to create your own custom implementation of
IPrincipal, which is actually not that hard to do. We've included an
implementation below (sorry, C# code):

    using System;
    using System.Security.Principal;

    namespace Ng.Auth
    {
        /// <summary>
        /// IPrincipal implementation that exposes the user's roles for enumeration.
        /// </summary>
        public class CustomPrincipal : IPrincipal
        {
            private IIdentity _objIdentity;
            private string[] _strRoles;

            public CustomPrincipal(IIdentity objIdentity, string[] strRoles)
            {
                _objIdentity = objIdentity;
                // Copy the caller's array so later changes to it cannot alter the
                // role set, and sort it so IsInRole can use a binary search.
                _strRoles = new string[strRoles.Length];
                strRoles.CopyTo(_strRoles, 0);
                Array.Sort(_strRoles);
            }

            public bool IsInRole(string strRole)
            {
                return Array.BinarySearch(_strRoles, strRole) >= 0;
            }

            public IIdentity Identity
            {
                get { return _objIdentity; }
            }

            public string[] Roles
            {
                // Return a copy so callers cannot modify the sorted internal array.
                get { return (string[]) _strRoles.Clone(); }
            }
        }
    }

At this point it has become very easy to loop through all roles, like this:

    // First do this:
    string[] strOrgRoles = { "admin", "user", "teamadmin" };
    HttpContext.Current.User = new CustomPrincipal(User.Identity, strOrgRoles);

    // At a later time do this:
    // (the cast throws InvalidCastException if the current principal is not a CustomPrincipal)
    CustomPrincipal objPrincipal = (CustomPrincipal) HttpContext.Current.User;
    foreach (string strRole in objPrincipal.Roles)
    {
        // Encode the role name before writing it into the page.
        Response.Write(Server.HtmlEncode(strRole) + "<br />");
    }

You're probably better off using this approach instead of querying the
database. Something we recently came across is somewhat related to your
question. It involves querying all roles of the Windows identity. The code is
based on an example from Joe Kaplan in VB.NET. It might also be useful. It
uses reflection to get to the roles.

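    using System;
    using System.Reflection;
    using System.Security.Principal;

    // _GetRoles is a non-public member of WindowsIdentity, reached via reflection;
    // non-public members are not guaranteed to exist in other framework versions.
    WindowsIdentity objCurrentIdentity = WindowsIdentity.GetCurrent();
    Type objIdentityType = typeof(WindowsIdentity);
    object objRoles = objIdentityType.InvokeMember("_GetRoles",
        BindingFlags.Static | BindingFlags.InvokeMethod | BindingFlags.NonPublic,
        null, objCurrentIdentity, new object[] { objCurrentIdentity.Token }, null);
    string[] strRoles = (string[]) objRoles;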

Kind regards,
Nikander & Margriet Bruggeman
 
hansiman

Thanks, I'll look into the code :)

One of the problems I found with the role based authentication
outlined in http://aspnet.4guysfromrolla.com/articles/082703-1.aspx
was that the code in the Application_AuthenticateRequest (global.asax)
fired on every page request...

Mort


Guest

Well, you could of course add the role adding bit to:

protected void Session_Start(Object sender, EventArgs e)

instead.

Kind regards,
Nikander & Margriet Bruggeman

hansiman

Thanks a lot for your help...
Must say that my .net skills are not quite there yet to follow your
code example... however, I followed the tutorial on
http://www.devhood.com/tutorials/tutorial_details.aspx?tutorial_id=433&printer=t

This seems to do the job for me.

Mort

hansiman

One question...
In classic asp I used to call session.abandon to log out a user. If I
do this User.Identity.IsAuthenticated still reads true.

How do I set User.Identity.IsAuthenticated to false without closing
the browser?

M
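
Two points raised in this thread, the role code running on every request and Session.Abandon leaving User.Identity.IsAuthenticated true, both come from the principal being rebuilt for each request from the authentication cookie rather than from session state. The following is an added example, not code from the thread or the linked articles; it assumes forms authentication, a role list stored in the ticket's UserData separated by '|', and a hypothetical LogOut helper.

```csharp
// Added example (not from the thread). Assumes forms authentication and
// a role list kept in the ticket's UserData as "admin|user" (assumed format).
using System;
using System.Security.Principal;
using System.Web;
using System.Web.Security;

public class Global : HttpApplication
{
    // Runs on every request by design: HttpContext.User is not carried over
    // between requests, so the principal must be re-attached each time.
    protected void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        HttpCookie cookie = Request.Cookies[FormsAuthentication.FormsCookieName];
        if (cookie == null || cookie.Value == null || cookie.Value.Length == 0)
            return;                                 // anonymous request

        FormsAuthenticationTicket ticket;
        try
        {
            // A malformed or tampered value makes Decrypt throw (default protection).
            ticket = FormsAuthentication.Decrypt(cookie.Value);
        }
        catch (Exception)
        {
            return;                                 // treat as anonymous
        }
        if (ticket == null || ticket.Expired)
            return;

        // Roles are read from the protected ticket, so no database query per request.
        string data = ticket.UserData;
        string[] roles = (data == null || data.Length == 0) ? new string[0] : data.Split('|');
        Context.User = new GenericPrincipal(new FormsIdentity(ticket), roles);
    }

    // Hypothetical helper to call from a logout button or page.
    public static void LogOut(HttpContext context)
    {
        if (context.Session != null)
            context.Session.Abandon();              // clears session state only
        FormsAuthentication.SignOut();              // expires the authentication cookie
        // The current request keeps its principal; the redirect starts a new
        // request that arrives without the cookie and is therefore anonymous.
        context.Response.Redirect(FormsAuthentication.LoginUrl, true);
    }
}
```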
