WindowsTokenRoleProvider.GetRolesForUser(String) Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Gets a list of the Windows groups that a user is in.
public:
override cli::array <System::String ^> ^ GetRolesForUser(System::String ^ username);public override string[] GetRolesForUser (string username);override this.GetRolesForUser : string -> string[]Public Overrides Function GetRolesForUser (username As String) As String()Parameters
- username
- String
The user to return the list of Windows groups for in the form DOMAIN\username.
Returns
A string array containing the names of all the Windows groups that the specified user is in.
Exceptions
The currently executing user does not have an authenticated WindowsIdentity attached to User. For non-HTTP scenarios, the currently executing user does not have an authenticated WindowsIdentity attached to CurrentPrincipal.
-or-
username does not match the Name of the current WindowsIdentity.
-or-
A failure occurred while retrieving the user's Windows group information.
username is null.
The trust level is less than Low.
Examples
The following code example uses the GetRolesForUser method to retrieve a list of roles for a specified user and binds the list of roles to a GridView control. For an example of a Web.config file that enables role management, see WindowsTokenRoleProvider.
<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
string[] rolesArray;
public void Page_Load()
{
Msg.Text = "";
try
{
if (!Roles.IsUserInRole(User.Identity.Name, @"BUILTIN\Administrators"))
{
Msg.Text = "You are not authorized to view user roles.";
return;
}
}
catch (HttpException e)
{
Msg.Text = "There is no current logged on user. Role membership cannot be verified.";
return;
}
// Bind roles to GridView.
rolesArray = Roles.GetRolesForUser(User.Identity.Name);
UserRolesGrid.DataSource = rolesArray;
UserRolesGrid.DataBind();
UserRolesGrid.Columns[0].HeaderText = "Roles for " + User.Identity.Name;
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: View User Roles</title>
</head>
<body>
<form runat="server" id="PageForm">
<h3>View User Roles</h3>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<table border="0" cellspacing="4">
<tr>
<td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid"
AutoGenerateColumns="false" Gridlines="None"
CellSpacing="0" >
<HeaderStyle BackColor="navy" ForeColor="white" />
<Columns>
<asp:TemplateField HeaderText="Roles" >
<ItemTemplate>
<%# Container.DataItem.ToString() %>
</ItemTemplate>
</asp:TemplateField>
</Columns>
</asp:GridView></td>
</tr>
</table>
</form>
</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
Dim rolesArray() As String
Public Sub Page_Load()
Msg.Text = ""
Try
If Not Roles.IsUserInRole(User.Identity.Name, "BUILTIN\Administrators") Then
Msg.Text = "You are not authorized to view user roles."
Return
End If
Catch e As HttpException
Msg.Text = "There is no current logged on user. Role membership cannot be verified."
Return
End Try
' Bind roles to GridView.
rolesArray = Roles.GetRolesForUser(User.Identity.Name)
UserRolesGrid.DataSource = rolesArray
UserRolesGrid.DataBind()
UserRolesGrid.Columns(0).HeaderText = "Roles for " & User.Identity.Name
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: View User Roles</title>
</head>
<body>
<form runat="server" id="PageForm">
<h3>View User Roles</h3>
<asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />
<table border="0" cellspacing="4">
<tr>
<td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid"
AutoGenerateColumns="false" Gridlines="None"
CellSpacing="0" >
<HeaderStyle BackColor="navy" ForeColor="white" />
<Columns>
<asp:TemplateField HeaderText="Roles" >
<ItemTemplate>
<%# Container.DataItem.ToString() %>
</ItemTemplate>
</asp:TemplateField>
</Columns>
</asp:GridView></td>
</tr>
</table>
</form>
</body>
</html>
Remarks
This method is called by the Roles class to retrieve from the Windows operating system a list of the Windows groups that the specified user is in. The GetRolesForUser method can be called only for the currently logged-on user, as identified by the LOGON_USER server variable. If the value supplied in the username parameter is not the name of the currently logged-on user, a System.Configuration.Provider.ProviderException is thrown.
For more information an ASP.NET and Windows authentication, see ASP.NET Authentication.
Applies to
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for