System.Security.SecurityException - Get the role name

Question

I've implemented a catch all security exceptions method in my global.asax like this...

protected void Application_Error(object sender, EventArgs e)
    {

        Exception err = Server.GetLastError();
        if (err is System.Security.SecurityException)
            Response.Redirect("~/Error/Roles.aspx);

    }

Is there a property I can access that shows the name of the role which was missing from the users permissions? Ie. err.RoleThatFailed?

Manh thanks,

ETFairfax.

score 0 · Answer 1 · answered Oct 30 '09 at 11:39

0

You can just output the whole stacktrace.

i.e.,

err.ToString() will tell you more info.

answered Oct 30 '09 at 11:39

Graviton

81,782
146
424
602

Thanks for the reply. I wanted to be more specific on the page that the users see. I.E "You do not have permission XYZ". err.ToString() is going to my error log so I can see what happened, but the user needs to see something a bit friendlier! – ETFairfax Oct 30 '09 at 12:41

score 0 · Answer 2 · answered May 23 '14 at 16:27

The role can be found in the PermissionState property. This property contains XML that need to be parsed. The name of the role can found in the element 'Identity', which has an attribute named 'Role'.

Exception err = Server.GetLastError();
if (err is System.Security.SecurityException)
{
    var xmlDocument = new XmlDocument();
    xmlDocument.LoadXml(err.PermissionState);
    string roleName = xmlDocument.GetElementsByTagName("Identity")[0].Attributes["Role"].Value;

    ...

    Response.Redirect("~/Error/Roles.aspx);     
}

System.Security.SecurityException - Get the role name

2 Answers2