User Roles Problem
User Roles Problem
User Roles Problem
User Roles Problem
User Roles Problem
User Roles Problem User Roles Problem User Roles Problem User Roles Problem User Roles Problem User Roles Problem User Roles Problem User Roles Problem
User Roles Problem User Roles Problem
User Roles Problem
Go Back  Xtreme Visual Basic Talk > > > User Roles Problem


Reply
 
Thread Tools Display Modes
  #1  
Old 06-03-2013, 07:59 AM
james2k2's Avatar
james2k2 james2k2 is offline
Junior Contributor
 
Join Date: Oct 2002
Posts: 352
Default User Roles Problem


Hi All,

I'm in the middle of developing a system where the page data is authenticated against the current user before being displayed. Now, this was working and now it's not.

Basically, I have an SQL database where each row contains the Page Data and also what roles have access to that Page Data. The Roles column could have any number of roles or usernames mixed within it per page, for example:

"jsmith,Domain Admins,Web Editors" In this example, only John Smith (jsmith), Domain Administrators and Web Editors are allowed to view the content. SO I created a Function that dealt with this:

Code:
Public Function UserIsInRole(RoleString As String) As Boolean
        'checks to see if a comma delimited string of roles is part of the currently logged in user

        Dim SplitRoles() As String = Strings.Split(RoleString, ",")     'break down the roles to an array
        Dim RoleCount As Integer = 0                                    'set role count to zero

        For Each Role As String In SplitRoles                           'check each role in the array against the user
            If User.IsInRole(Role) Then RoleCount += 1
        Next

        If RoleCount > 0 Then
            Return True
        Else
            Return False
        End If
    End Function
I already realise I've not got the Domain in the check string (for ex. "myDomain\" & Role) but this didn't seem to matter previously.

Also, as you can see above, I'm using the IsInRole to query the Username, and this also used to work, but now returns False. Everything I try returns False except for 'Everyone'. So I now changed my code to include the domain in the role check and this only works for custom roles or non-admin roles. If I produce a role list for the current user, I can confirm that these 'Admin' roles are missing, unless I run IE as an Administrator and then they appear.

Bit of background: ASP.NET 2.0, IIS7, Local Machine Testing (localhost). I'm using ASP.NET 2.0 as I intend to eventually run it on a Win2k3 server that's only got 2.0 installed.

Any ideas?

Many thanks,
James
__________________
I don't have a signature
Reply With Quote
  #2  
Old 06-03-2013, 08:43 AM
DrPunk's Avatar
DrPunkUser Roles Problem DrPunk is offline
Senior Contributor

* Expert *
 
Join Date: Apr 2003
Location: Never where I want to be
Posts: 1,403
Default

The code run in User.IsInRole seems to be the important part. If that returned True when it should then everything should work.

That's probably the code we need to look at.

Edit :- Apologies for not realising that User.IsInRole is not your own code. Just looking up about it now. I'll hopefully be back in a bit.
__________________
There are no computers in heaven!

Last edited by DrPunk; 06-03-2013 at 08:49 AM.
Reply With Quote
  #3  
Old 06-03-2013, 08:55 AM
james2k2's Avatar
james2k2 james2k2 is offline
Junior Contributor
 
Join Date: Oct 2002
Posts: 352
Default

Yeah, you are spot on. I've just been testing my code using fully qualified tests (i.e. "myDomain\Group") and my function is working fine to that respect. So ultimately, my goal is to get the User.IsInRole returning True as it was doing. My web.config is as follows:

Code:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.web>
    <compilation debug="true">
      <assemblies>
        <add assembly="System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
      </assemblies>
    </compilation>
    <pages />
    <roleManager defaultProvider="AspNetWindowsTokenRoleProvider" enabled="true" />
        <identity impersonate="false" />
  </system.web>
  <!-- Start Force IE in Standards Mode -->
  <system.webServer>
    <httpProtocol>
      <customHeaders>
        <clear />
        <add name="X-UA-Compatible" value="IE=edge" />
      </customHeaders>
    </httpProtocol>
        <caching enabled="false" enableKernelCache="false" />
        <staticContent>
            <clientCache cacheControlMode="NoControl" />
        </staticContent>
        <defaultDocument>
            <files>
                <clear />
                <add value="default.aspx" />
                <add value="Default.htm" />
                <add value="Default.asp" />
                <add value="index.htm" />
                <add value="index.html" />
                <add value="iisstart.htm" />
            </files>
        </defaultDocument>
  </system.webServer>
  <!-- End Force IE in Standards Mode -->
</configuration>
Please forgive me too, I'm actually using IIS7.5.
__________________
I don't have a signature

Last edited by james2k2; 06-03-2013 at 09:03 AM.
Reply With Quote
  #4  
Old 06-03-2013, 10:00 AM
james2k2's Avatar
james2k2 james2k2 is offline
Junior Contributor
 
Join Date: Oct 2002
Posts: 352
Default

Just an update really. The code below is my modified function that will do the aforementioned checking properly. A side note would be that this forces a check against the Domain specified, whereas the way it was working previously would mean it could potentially match builtin or any domain (security issue). I'm not sure if this is exactly a solid solution so any input would be great. Many thanks

Code:
    Public Function UserIsInRole(RoleString As String, Optional NetDomain As String = "") As Boolean
        'checks to see if a comma delimited string of roles is part of the currently logged in user

        Dim SplitRoles() As String = Strings.Split(RoleString, ",")         'break down the roles to an array
        Dim RoleCount As Integer = 0                                        'set role count to zero

        If NetDomain <> "" Then NetDomain &= "\"

        For Each Role As String In SplitRoles                               'check each role in the array against the user
            If User.IsInRole(NetDomain & Role) Then RoleCount += 1
            If User.Identity.Name = NetDomain & Role Then RoleCount += 1
        Next


        If RoleCount > 0 Then                                               'return true if the user was found to match any roles supplied
            Return True
        Else
            Return False
        End If
    End Function
__________________
I don't have a signature
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump

Advertisement:





Free Publications
The ASP.NET 2.0 Anthology
101 Essential Tips, Tricks & Hacks - Free 156 Page Preview. Learn the most practical features and best approaches for ASP.NET.
subscribe
Programmers Heaven C# School Book -Free 338 Page eBook
The Programmers Heaven C# School book covers the .NET framework and the C# language.
subscribe
Build Your Own ASP.NET 3.5 Web Site Using C# & VB, 3rd Edition - Free 219 Page Preview!
This comprehensive step-by-step guide will help get your database-driven ASP.NET web site up and running in no time..
subscribe
User Roles Problem
User Roles Problem
User Roles Problem User Roles Problem
User Roles Problem
User Roles Problem
User Roles Problem User Roles Problem User Roles Problem User Roles Problem User Roles Problem User Roles Problem User Roles Problem
User Roles Problem
User Roles Problem
 
User Roles Problem
User Roles Problem
 
-->