Gets role information for an ASP.NET application from Windows group membership.
Assembly: System.Web (in System.Web.dll)
The class is a read-only role-membership provider that retrieves role information for a Windows user based on Windows security groups. It is most useful with ASP.NET applications that use Windows authentication mode where the IIS authentication settings disable anonymous authentication. You can configure ASP.NET applications to allow or deny access based on a user's membership in a particular Windows group.
You cannot use the class to create or delete roles or modify the membership of a role that is based on Windows group membership. This functionality is managed by the Windows operating system. The class supports only the IsUserInRole and GetRolesForUser methods of the RoleProvider abstract class.
The following example shows the Web.config file for an ASP.NET application. It specifies that the application uses both Windows authentication and the class to retrieve role information for Windows users. The authorization element specifies that only users in the BUILTIN\Administrators group are allowed access to the application.
<configuration> <system.web> <authentication mode="Windows" /> <authorization> <allow roles="BUILTIN\Administrators" /> <deny users="*" /> </authorization> <roleManager defaultProvider="WindowsProvider" enabled="true" cacheRolesInCookie="false"> <providers> <add name="WindowsProvider" type="System.Web.Security.WindowsTokenRoleProvider" /> </providers> </roleManager> </system.web> </configuration>
Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98