Gets role information for an ASP.NET application from Windows group membership.
System.Configuration.Provider.ProviderBase
System.Web.Security.RoleProvider
System.Web.Security.WindowsTokenRoleProvider
Namespace: System.Web.Security
Assembly: System.Web (in System.Web.dll)
Public Class WindowsTokenRoleProvider _ Inherits RoleProvider
public class WindowsTokenRoleProvider : RoleProvider
public ref class WindowsTokenRoleProvider : public RoleProvider
type WindowsTokenRoleProvider = class inherit RoleProvider end
The WindowsTokenRoleProvider type exposes the following members.
| Name | Description | |
|---|---|---|
|
WindowsTokenRoleProvider | Creates an instance of the WindowsTokenRoleProvider class. |
| Name | Description | |
|---|---|---|
|
ApplicationName | Gets or sets the name of the application. (Overrides RoleProvider.ApplicationName.) |
|
|
Description | Gets a brief, friendly description suitable for display in administrative tools or other user interfaces (UIs). (Inherited from ProviderBase.) |
|
|
Name | Gets the friendly name used to refer to the provider during configuration. (Inherited from ProviderBase.) |
| Name | Description | |
|---|---|---|
|
|
AddUsersToRoles | This method is not supported by the Windows token role provider. (Overrides RoleProvider.AddUsersToRoles(String[], String[]).) |
|
|
CreateRole | This method is not supported by the Windows token role provider. (Overrides RoleProvider.CreateRole(String).) |
|
|
DeleteRole | This method is not supported by the Windows token role provider. (Overrides RoleProvider.DeleteRole(String, Boolean).) |
|
|
Equals(Object) | Determines whether the specified Object is equal to the current Object. (Inherited from Object.) |
|
Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.) |
|
|
FindUsersInRole | This method is not supported by the Windows token role provider. (Overrides RoleProvider.FindUsersInRole(String, String).) |
|
|
GetAllRoles | This method is not supported by the Windows token role provider. (Overrides RoleProvider.GetAllRoles().) |
|
|
GetHashCode | Serves as a hash function for a particular type. (Inherited from Object.) |
|
|
GetRolesForUser | Gets a list of the Windows groups that a user is in. (Overrides RoleProvider.GetRolesForUser(String).) |
|
|
GetType | Gets the Type of the current instance. (Inherited from Object.) |
|
|
GetUsersInRole | This method is not supported by the Windows token role provider. (Overrides RoleProvider.GetUsersInRole(String).) |
|
|
Initialize | Initializes the Windows token role provider with the property values specified in the configuration file for the ASP.NET application. This method is not intended to be used directly from your code. (Overrides ProviderBase.Initialize(String, NameValueCollection).) |
|
|
IsUserInRole(String, WindowsBuiltInRole) | Gets a value indicating whether the specified user is in the specified built-in Windows role. |
|
|
IsUserInRole(String, String) | Gets a value indicating whether the specified user is in the specified Windows group. (Overrides RoleProvider.IsUserInRole(String, String).) |
|
|
MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object.) |
|
|
RemoveUsersFromRoles | This method is not supported by the Windows token role provider. (Overrides RoleProvider.RemoveUsersFromRoles(String[], String[]).) |
|
|
RoleExists | This method is not supported by the Windows token role provider. (Overrides RoleProvider.RoleExists(String).) |
|
|
ToString | Returns a string that represents the current object. (Inherited from Object.) |
The WindowsTokenRoleProvider class is a read-only role-membership provider that retrieves role information for a Windows user based on Windows security groups. It is most useful with ASP.NET applications that use Windows authentication mode where the IIS authentication settings disable anonymous authentication. You can configure ASP.NET applications to allow or deny access based on a user's membership in a particular Windows group.
You cannot use the WindowsTokenRoleProvider class to create or delete roles or modify the membership of a role that is based on Windows group membership. This functionality is managed by the Windows operating system. The WindowsTokenRoleProvider class supports only the IsUserInRole and GetRolesForUser methods of the RoleProvider abstract class.
The following example shows the Web.config file for an ASP.NET application. It specifies that the application uses both Windows authentication and the WindowsTokenRoleProvider class to retrieve role information for Windows users. The authorization element specifies that only users in the BUILTIN\Administrators group are allowed access to the application.
<configuration>
<system.web>
<authentication mode="Windows" />
<authorization>
<allow roles="BUILTIN\Administrators" />
<deny users="*" />
</authorization>
<roleManager defaultProvider="WindowsProvider"
enabled="true"
cacheRolesInCookie="false">
<providers>
<add
name="WindowsProvider"
type="System.Web.Security.WindowsTokenRoleProvider" />
</providers>
</roleManager>
</system.web>
</configuration>
.NET Framework
Supported in: 4, 3.5, 3.0, 2.0Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.