WindowsTokenRoleProvider Class

.NET Framework (current version)
 

Gets role information for an ASP.NET application from Windows group membership.

Namespace:   System.Web.Security
Assembly:  System.Web (in System.Web.dll)

System.Object
  System.Configuration.Provider.ProviderBase
    System.Web.Security.RoleProvider
      System.Web.Security.WindowsTokenRoleProvider

C#
C++
F#
VB
Copy 
public class WindowsTokenRoleProvider : RoleProvider

NameDescription
System_CAPS_pubmethodWindowsTokenRoleProvider()

Creates an instance of the WindowsTokenRoleProvider class.

NameDescription
System_CAPS_pubpropertyApplicationName

Gets or sets the name of the application.(Overrides RoleProvider.ApplicationName.)

System_CAPS_pubpropertyDescription

Gets a brief, friendly description suitable for display in administrative tools or other user interfaces (UIs).(Inherited from ProviderBase.)

System_CAPS_pubpropertyName

Gets the friendly name used to refer to the provider during configuration.(Inherited from ProviderBase.)

NameDescription
System_CAPS_pubmethodAddUsersToRoles(String[], String[])

This method is not supported by the Windows token role provider.(Overrides RoleProvider.AddUsersToRoles(String[], String[]).)

System_CAPS_pubmethodCreateRole(String)

This method is not supported by the Windows token role provider.(Overrides RoleProvider.CreateRole(String).)

System_CAPS_pubmethodDeleteRole(String, Boolean)

This method is not supported by the Windows token role provider.(Overrides RoleProvider.DeleteRole(String, Boolean).)

System_CAPS_pubmethodEquals(Object)

Determines whether the specified object is equal to the current object.(Inherited from Object.)

System_CAPS_protmethodFinalize()

Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.(Inherited from Object.)

System_CAPS_pubmethodFindUsersInRole(String, String)

This method is not supported by the Windows token role provider.(Overrides RoleProvider.FindUsersInRole(String, String).)

System_CAPS_pubmethodGetAllRoles()

This method is not supported by the Windows token role provider.(Overrides RoleProvider.GetAllRoles().)

System_CAPS_pubmethodGetHashCode()

Serves as the default hash function. (Inherited from Object.)

System_CAPS_pubmethodGetRolesForUser(String)

Gets a list of the Windows groups that a user is in.(Overrides RoleProvider.GetRolesForUser(String).)

System_CAPS_pubmethodGetType()

Gets the Type of the current instance.(Inherited from Object.)

System_CAPS_pubmethodGetUsersInRole(String)

This method is not supported by the Windows token role provider.(Overrides RoleProvider.GetUsersInRole(String).)

System_CAPS_pubmethodInitialize(String, NameValueCollection)

Initializes the Windows token role provider with the property values specified in the configuration file for the ASP.NET application. This method is not intended to be used directly from your code.(Overrides ProviderBase.Initialize(String, NameValueCollection).)

System_CAPS_pubmethodIsUserInRole(String, String)

Gets a value indicating whether the specified user is in the specified Windows group.(Overrides RoleProvider.IsUserInRole(String, String).)

System_CAPS_pubmethodIsUserInRole(String, WindowsBuiltInRole)

Gets a value indicating whether the specified user is in the specified built-in Windows role.

System_CAPS_protmethodMemberwiseClone()

Creates a shallow copy of the current Object.(Inherited from Object.)

System_CAPS_pubmethodRemoveUsersFromRoles(String[], String[])

This method is not supported by the Windows token role provider.(Overrides RoleProvider.RemoveUsersFromRoles(String[], String[]).)

System_CAPS_pubmethodRoleExists(String)

This method is not supported by the Windows token role provider.(Overrides RoleProvider.RoleExists(String).)

System_CAPS_pubmethodToString()

Returns a string that represents the current object.(Inherited from Object.)

The WindowsTokenRoleProvider class is a read-only role-membership provider that retrieves role information for a Windows user based on Windows security groups. It is most useful with ASP.NET applications that use Windows authentication mode where the IIS authentication settings disable anonymous authentication. You can configure ASP.NET applications to allow or deny access based on a user's membership in a particular Windows group.

You cannot use the WindowsTokenRoleProvider class to create or delete roles or modify the membership of a role that is based on Windows group membership. This functionality is managed by the Windows operating system. The WindowsTokenRoleProvider class supports only the IsUserInRole and GetRolesForUser methods of the RoleProvider abstract class.

The following example shows the Web.config file for an ASP.NET application. It specifies that the application uses both Windows authentication and the WindowsTokenRoleProvider class to retrieve role information for Windows users. The element specifies that only users in the BUILTIN\Administrators group are allowed access to the application.

Copy 
<configuration>
  <system.web>
    <authentication mode="Windows" />

    <authorization>
      <allow roles="BUILTIN\Administrators" />
        <deny users="*" />
      </authorization>

    <roleManager defaultProvider="WindowsProvider" 
      enabled="true"
      cacheRolesInCookie="false">
      <providers>
        <add
          name="WindowsProvider"
          type="System.Web.Security.WindowsTokenRoleProvider" />
      </providers>
    </roleManager>

  </system.web>
</configuration>

.NET Framework
Available since 2.0

Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top
Show: