Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

WindowsTokenRoleProvider Class

Gets role information for an ASP.NET application from Windows group membership.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)
public class WindowsTokenRoleProvider : RoleProvider

The WindowsTokenRoleProvider type exposes the following members.

  NameDescription
Public methodWindowsTokenRoleProviderCreates an instance of the WindowsTokenRoleProvider class.
Top
  NameDescription
Public propertyApplicationNameGets or sets the name of the application. (Overrides RoleProvider.ApplicationName.)
Public propertyDescriptionGets a brief, friendly description suitable for display in administrative tools or other user interfaces (UIs). (Inherited from ProviderBase.)
Public propertyNameGets the friendly name used to refer to the provider during configuration. (Inherited from ProviderBase.)
Top
  NameDescription
Public methodAddUsersToRolesThis method is not supported by the Windows token role provider. (Overrides RoleProvider.AddUsersToRoles(String[], String[]).)
Public methodCreateRoleThis method is not supported by the Windows token role provider. (Overrides RoleProvider.CreateRole(String).)
Public methodDeleteRoleThis method is not supported by the Windows token role provider. (Overrides RoleProvider.DeleteRole(String, Boolean).)
Public methodEquals(Object)Determines whether the specified object is equal to the current object. (Inherited from Object.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodFindUsersInRoleThis method is not supported by the Windows token role provider. (Overrides RoleProvider.FindUsersInRole(String, String).)
Public methodGetAllRolesThis method is not supported by the Windows token role provider. (Overrides RoleProvider.GetAllRoles().)
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Public methodGetRolesForUserGets a list of the Windows groups that a user is in. (Overrides RoleProvider.GetRolesForUser(String).)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Public methodGetUsersInRoleThis method is not supported by the Windows token role provider. (Overrides RoleProvider.GetUsersInRole(String).)
Public methodInitializeInitializes the Windows token role provider with the property values specified in the configuration file for the ASP.NET application. This method is not intended to be used directly from your code. (Overrides ProviderBase.Initialize(String, NameValueCollection).)
Public methodIsUserInRole(String, WindowsBuiltInRole)Gets a value indicating whether the specified user is in the specified built-in Windows role.
Public methodIsUserInRole(String, String)Gets a value indicating whether the specified user is in the specified Windows group. (Overrides RoleProvider.IsUserInRole(String, String).)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodRemoveUsersFromRolesThis method is not supported by the Windows token role provider. (Overrides RoleProvider.RemoveUsersFromRoles(String[], String[]).)
Public methodRoleExistsThis method is not supported by the Windows token role provider. (Overrides RoleProvider.RoleExists(String).)
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)
Top

The WindowsTokenRoleProvider class is a read-only role-membership provider that retrieves role information for a Windows user based on Windows security groups. It is most useful with ASP.NET applications that use Windows authentication mode where the IIS authentication settings disable anonymous authentication. You can configure ASP.NET applications to allow or deny access based on a user's membership in a particular Windows group.

You cannot use the WindowsTokenRoleProvider class to create or delete roles or modify the membership of a role that is based on Windows group membership. This functionality is managed by the Windows operating system. The WindowsTokenRoleProvider class supports only the IsUserInRole and GetRolesForUser methods of the RoleProvider abstract class.

The following example shows the Web.config file for an ASP.NET application. It specifies that the application uses both Windows authentication and the WindowsTokenRoleProvider class to retrieve role information for Windows users. The authorization element specifies that only users in the BUILTIN\Administrators group are allowed access to the application.

<configuration>
  <system.web>
    <authentication mode="Windows" />

    <authorization>
      <allow roles="BUILTIN\Administrators" />
        <deny users="*" />
      </authorization>

    <roleManager defaultProvider="WindowsProvider" 
      enabled="true"
      cacheRolesInCookie="false">
      <providers>
        <add
          name="WindowsProvider"
          type="System.Web.Security.WindowsTokenRoleProvider" />
      </providers>
    </roleManager>

  </system.web>
</configuration>

.NET Framework

Supported in: 4.5.1, 4.5, 4, 3.5, 3.0, 2.0

Windows Phone 8.1, Windows Phone 8, Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.