1

I'm trying to implement some role-based functionality in my web application (.NET 4.0.3) so that I can control what menu items users can see based on their roles, either Administrator or User.

I'm simply using existing AD groups to administer the roles. Let's say there is a team in my organisation that is represented by an AD group called IT-Managers, and there is another team with AD group IT-Support. I simply want to map IT-Managers as Administrator and IT-Support as User.

I can easily use WindowsPrincipal.IsInRole() to check whether the currently logged-in user belongs to either group, but how do I tell the application that the logged-in user holds the Administrator role or the User role, therefore sitemap security trimming can pick this up?

Steven Manuel
  • 1,898
  • 1
  • 18
  • 22

1 Answers1

2

By implementing your custom Role Provider. Once implemented you can easily use the ASP.NET role provider framework....

Roles.IsUserInRole("Admin");
Roles.GetUsersInRole("Users");

etc.

You can implement a Role Provider by implementing the RoleProvider abstract class or by extending an existing one such as SqlRoleProvider. There's a lot of extensive documentation out there. I'll paste a couple of links

http://msdn.microsoft.com/en-us/library/aa478950.aspx

http://www.codeproject.com/Articles/28546/Active-Directory-Roles-Provider

Leo
  • 14,625
  • 2
  • 37
  • 55
  • I tried implementing my own RoleProvider and it worked. I was initially overwhelmed by the number of functions that seemed like they all need to be implemented. However I only implemented GetRolesForUser and IsUserInRole. It works as expected. Thanks! – Steven Manuel Dec 18 '13 at 23:26