Export (0) Print
Expand All

WindowsTokenRoleProvider.IsUserInRole Method (String, String)

Gets a value indicating whether the specified user is in the specified Windows group.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)

public override bool IsUserInRole(
	string username,
	string roleName
)

Parameters

username
Type: System.String

The user name to search for in the form DOMAIN\username.

roleName
Type: System.String

The Windows group to search in the form DOMAIN\rolename.

Return Value

Type: System.Boolean
true if the specified user name is in the specified Windows group; otherwise, false.

ExceptionCondition
System.ArgumentNullException

username is null.

-or-

roleName is null.

System.Configuration.Provider.ProviderException

The currently executing user does not have an authenticated WindowsIdentity attached to Page.User. For non-HTTP scenarios, the currently executing user does not have an authenticated WindowsIdentity attached to Thread.CurrentPrincipal.

-or-

username does not match the Name of the current WindowsIdentity.

-or-

A failure occurred while retrieving the user's Windows group information.

The IsUserInRole method is called by the Roles class and the IsInRole method of the User property to determine whether a user is in a Windows group. You can call the IsUserInRole method only for the currently logged-on user, as identified by the LOGON_USER server variable. The current logged-on user must be a Windows authenticated user. For more information on ASP.NET and Windows authentication, see ASP.NET Authentication.

The following code example programmatically checks whether the currently logged-on user is in the Administrators role before allowing the user to view roles information for the application. For an example of a Web.config file that enables role management, see WindowsTokenRoleProvider.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

string[] rolesArray;

public void Page_Load()
{
  Msg.Text = "";

  try
  {
    if (!Roles.IsUserInRole(User.Identity.Name, @"BUILTIN\Administrators"))
    {
      Msg.Text = "You are not authorized to view user roles.";
      return;
    }
  }
  catch (HttpException e)
  {
    Msg.Text = "There is no current logged on user. Role membership cannot be verified.";
    return;
  }


  // Bind roles to GridView.

  rolesArray = Roles.GetRolesForUser(User.Identity.Name);
  UserRolesGrid.DataSource = rolesArray;
  UserRolesGrid.DataBind();

  UserRolesGrid.Columns[0].HeaderText = "Roles for " + User.Identity.Name;
}

</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: View User Roles</title>
</head>
<body>

<form runat="server" id="PageForm">

  <h3>View User Roles</h3>

  <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />

  <table border="0" cellspacing="4">
    <tr>
      <td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid" 
                                     AutoGenerateColumns="false" Gridlines="None" 
                                     CellSpacing="0" >
                         <HeaderStyle BackColor="navy" ForeColor="white" />
                         <Columns>
                           <asp:TemplateField HeaderText="Roles" >
                             <ItemTemplate>
                               <%# Container.DataItem.ToString() %>
                             </ItemTemplate>
                           </asp:TemplateField>
                         </Columns>
                       </asp:GridView></td>
    </tr>
  </table>

</form>

</body>
</html>

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5, 3.0, 2.0
Show:
© 2015 Microsoft