C# - Get List Of Users Belonging To A Role Using Authorization Manager
Apr 8, 2010
Using ASP.NET (C#) I have set up Authorization Manager to allow me to handle roles on a website. Added users to roles is simple Roles.AddUserToRole("DOMAIN\UserName", "role"). However I want to list the users belonging to a role, but since they are stored as SID's, displaying them would not be that helpful. To get the users, I am thinking XML would have to be used, although is it possible to use COM Interop to both do that and get the user name? Either way, how can I get the users belonging to a role?
The table to manage roles would basically be like this:
Role User
---- ----
admin DOMAINUserName [delete]
DOMAINUserName2 [delete]
[add user text box]
news DOMAINUserName3 [delete]
[add user text box]
I need to populate a dropdown list with users who match certain role criteria. For example, if I have the following roles: Manager, Employee, Supervisor I would like to populate the list with only the Manager and Employee roles. Some individuals have multiple roles and they should be excluded if they also have the Supervisor role as illustrated below:
Name: A , Role(s): Manager, Employee, Supervisor
Name: B, Role(s): Employee
Name: C, Role(s): Manager, Employee
The final list should only contain names B & C.
I can use Roles.GetUsersInRole("Employee") but I am not sure if this is efficient or not.
I need to get list of users reporting to a particular manager from the Active directory. In the active directory there is manager property with contains the data in the following way.
Our team has recently implemented a role permission based authorization so that we can have granular control. This is similar to what Rockford Lhotka suggests herehttp://www.lhotka.net/weblog/PermissionbasedAuthorizationVsRolebasedAuthorization.aspx I have also read about the Claims based authorization which to me looks very similar to what we have. Can some one put in simple terms what the advantages of claims based authorization are.
After installing IIS 7 using Web Platform Installer 2.0, the .NET Authorization icon is missing from features view. Installed Recommended settings + ASP .NET + ASP + FTP Publishing + Administration Pack 1.0 + Basic Authentication + Windows Authentication + URL Authorization packages.
I have seen articles on Role Based Authorization in MS-Sql server-Asp.net but i did not find any article in MySql-ASP.net/vb.net, i am acheived this concept using session user name i am enabling certain parts of website to group A and certain parts of site to Group B but when i have more groups i cannot use this method.
Myrequirement is:
In Web applications, typically there exist certain parts of the site that only certain folks, or groups of persons can access. For example, imagine Web site used to administer the content on a company's public Internet Web site, where the public Web site lists products sold by the company. From the administrative site, all company employees might be able to make minor changes to the products' descriptions, quantity, and other such non-essential information. However, perhaps only a subset of trusted employees might be able to change the products' prices. And even a smaller subset of employees would be able to add new products or delete existing products from the database I would be delighted if any one provide the solution
If "Manager" tries to access "auth" folder, it is redirecting to login.aspx page. But because the "Manager" is authenticated already, how to redirect him to "manager" folder instead of Login.aspx page ?
I've just started a small ASP.NET web application. In this project, I need to authenticate the users with Active Directory. I managed to authenticate the users successfully with Active Directory. But with Authorization with Custom Role Provider, I'm so confused. You see, the user name and password are stored in AD. So, my approach is that after the LoggedIn event of the Login Control, I check if UserName is not yet stored in the Users table yet, then I will store the UserName there. Finally, I have all the UserName of the AD users store in the Users table so I can assign Roles to the users. see my tables diagram below:
Let's say I assign UserA to RoleOne. After he logs in successfully, I do some query to look for his Roles.
Where do I keep the Role ticket? In the Cookie or in the session? How does the authorization of ASP.NET role provider work? I want to store the authorization ticket like ASP.NET role prover does too.
I am having a very simple intranet site. I took the sample for my project from [URL] ....
I have integrated windows authentication with Role based authorization. There are only 3 .aspx pages and I have a tree view control on the master page. depending on the choices that the user's make on the tree view control the .aspx pages gets displayed.
There are only 2 active directory groups. Sales and Marketing. My network id is not in Sales AD group.So obviously it prompts me to put userid and password and it throws not authorized error when i try to access PortfolioData.aspx page. So far so good.
But I am a member of AD group MARKETING. I should be able open the page Schedules.aspx (please see the config file below). But I still get the Error message 401.2.: Unauthorized: Logon failed due to server configuration.
I have a sitemap defined in a web.sitemap file and I'm also doing role-based authorization for locations using web.config. I'm using the web.sitemap to generate a menu structure on a Master page, and I wanted to somehow hook the role-based auth from web.config into my menu to hide links to pages that would be denied access from the roles auth.
Is it possible to read the list of <location path=""> and associated role authorizations (allow or deny) from web.config so I can check that against the web.sitemap when generating the menu structure?
System.ArgumentException:Keyword not supported: 'eF8w9r2UJOsk0Ps3pxmV7/Fy/xPR2hN2S7BrC1iOYNnAUaI8AqkSm5bw7r+ta4sePWSV9t/3Spnpz6wsFpvMmcppNpqM5Zk7iiDqWVgIV4k='.
Line 46: string[] roleNames; Line 47: roleNames = Roles.GetAllRoles();
I've just started a small ASP.NET web application. In this project, I need to authenticate the users with Active Driectory. I managed to authenticate the users successfully with Active Directory. But with Authorization with Custom Role Provider, I'm so confused.You see, the user name and password are stored in AD. So, my approach is that after the LoggedIn event of the Login Control, I check if UserName is not yet stored in the Users table yet, then I will store the UserName there. Eventually, I have all the UserName of the AD users store in the Users table so I can assign Roles to the users.
Let's say I assigned UserA to RoleOne. After he logs in successfully, I do some query to look for his Roles.
Where do I keep the Role ticket? In the Cookie or in the session? How does the authorization of ASP.NET role provider work? I want to store the authentication ticket like ASP.NET role prover does too.
In my asp.net website in VS-2005 with SQL-Server 2005 as db, I need to implement role-based Authentication/Authorization.
I am familiar to the practises used in role-based authentication..as I have previously worked on projects that used this method. However, my project lead used to design the database. Now I have an existing website where authentication has been set to anonymous by setting 'allow users="?"' in the authentication tags in web.config.
If I use the createUserWizard control and use the Membership.creatUser(.....) method in code behind will the asp.net security tables, like users, roles, userinrole etc get created on its own?
I am trying to implement a simple role based authorization using forms authentication in ASP.net. It works perfectly fine in my local system but fails when I deploy in production (shared hosting). Whenever I try to log in, rather than taking me to the default page in specified directory it throws me back to the login page. I suspect that there is some issues with the configuration but not sure where the problem is. The code is provided below:
Web.config (root):
[Code]....
Web.config (Member directory):
[Code]....
Login.aspx:
[Code]....
Global.asax:
[Code]....
Works fine in local machine but shared hosting is not taking the authenticated user to the pages inside the secured folders. What can be the issue?
i am developing the web application in Asp.net i hav many .aspx pages in the project some of belongs to Admin and some some of to Customer so how can i divide that and how to access admin pages to admin login and customer pages to customer login.
I just realized after i created a test account i was not in any roles. Is there a way to automically add new users into the role Users? Have i missed this some where?
I have installed an ASP.NET 4.0 Web forms application in IIS 7.5. If I set the application pool to DefaultAppPool (.NET Framework 2.0) I get the icons for Providers, .NET-Roles and .NET-Users displayed on the configuration page for the application in IIS Manager and I can manage users and roles within IIS. (I'm using Forms authentication.)
But if I set the application pool to ASP.NET v4.0 I get a problem: Double clicking on the icons for Users or Roles in IIS Manager throws an error telling me that I cannot use these features since the providers could not be determined as trusted. If I set in administration.config in the trustedProviders section allowUntrustedProviders="true" and double click again on one of the icons I get the error that the assembly System.Web, Version 4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a could not be found. If I restart IIS Manager the icons disappear completely.
.NET Framework 4.0 is definitely installed. So this is all quite confusing. I know that .NET 4 uses another GAC than the old one for .NET 2-3. Could it be possible that IIS Manager is not able to find the new GAC for .NET 4? Do I have to add perhaps some of the new 4.0 assemblies to administration.config? Is there another way to add users and roles instead of IIS?
In my web.config file, I have an authorization section that is supposed to deny all users EXCEPT for those included in the group specified. However, my login form doesn't allow these users to proceed to the next page - the login form just reappears as if the user has been denied. Code:
[Code]....
I have a user named 'test' that is in the Student Council group. I've tried 'allow users' and 'allow roles' with no success. I've also confirmed that the user is able to log into any workstation in my domain.
I have a simple intranet site. It has a role based authorization in the web.config file.
Any user's in a specific role called as "Apr-Sales-Writers" will be authorized to use those pages. If not, they will not be authorized. So far so good. Works fine. But we added additional functionality where a new active directory group (means new role) has to be added and user's belonging to this new AD group should be given access to only specific .aspx pages on the intranet site. I am using a web.sitemap and it looks like this.
If the user's belong to say AD group "Apr-Sales-Writers", they should access only default.aspx and salesData.aspx pages. User's belonging to new AD group (which I did not include in the web.config file below), should have access to other .aspx pages.
