WindowsTokenRoleProvider.IsUserInRole Method (String, String)
Gets a value indicating whether the specified user is in the specified Windows group.
Assembly: System.Web (in System.Web.dll)
'Declaration Public Overrides Function IsUserInRole ( _ username As String, _ roleName As String _ ) As Boolean
Parameters
- username
- Type: System.String
The user name to search for in the form DOMAIN\username.
- roleName
- Type: System.String
The Windows group to search in the form DOMAIN\rolename.
Return Value
Type: System.Booleantrue if the specified user name is in the specified Windows group; otherwise, false.
| Exception | Condition |
|---|---|
| System.ArgumentNullException | username is Nothing. -or- roleName is Nothing. |
| System.Configuration.Provider.ProviderException | The currently executing user does not have an authenticated WindowsIdentity attached to Page.User. For non-HTTP scenarios, the currently executing user does not have an authenticated WindowsIdentity attached to Thread.CurrentPrincipal. -or- username does not match the Name of the current WindowsIdentity. -or- A failure occurred while retrieving the user's Windows group information. |
The IsUserInRole method is called by the Roles class and the IsInRole method of the User property to determine whether a user is in a Windows group. You can call the IsUserInRole method only for the currently logged-on user, as identified by the LOGON_USER server variable. The current logged-on user must be a Windows authenticated user. For more information on ASP.NET and Windows authentication, see ASP.NET Authentication.
The following code example programmatically checks whether the currently logged-on user is in the Administrators role before allowing the user to view roles information for the application. For an example of a Web.config file that enables role management, see WindowsTokenRoleProvider.
<%@ Page Language="VB" %> <%@ Import Namespace="System.Web.Security" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> Dim rolesArray() As String Public Sub Page_Load() Msg.Text = "" Try If Not Roles.IsUserInRole(User.Identity.Name, "BUILTIN\Administrators") Then Msg.Text = "You are not authorized to view user roles." Return End If Catch e As HttpException Msg.Text = "There is no current logged on user. Role membership cannot be verified." Return End Try ' Bind roles to GridView. rolesArray = Roles.GetRolesForUser(User.Identity.Name) UserRolesGrid.DataSource = rolesArray UserRolesGrid.DataBind() UserRolesGrid.Columns(0).HeaderText = "Roles for " & User.Identity.Name End Sub </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>Sample: View User Roles</title> </head> <body> <form runat="server" id="PageForm"> <h3>View User Roles</h3> <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br /> <table border="0" cellspacing="4"> <tr> <td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid" AutoGenerateColumns="false" Gridlines="None" CellSpacing="0" > <HeaderStyle BackColor="navy" ForeColor="white" /> <Columns> <asp:TemplateField HeaderText="Roles" > <ItemTemplate> <%# Container.DataItem.ToString() %> </ItemTemplate> </asp:TemplateField> </Columns> </asp:GridView></td> </tr> </table> </form> </body> </html>
Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.