WindowsTokenRoleProvider.IsUserInRole Method (String, String)
Gets a value indicating whether the specified user is in the specified Windows group.
Assembly: System.Web (in System.Web.dll)
Parameters
- username
-
Type:
System.String
The user name to search for in the form DOMAIN\username.
- roleName
-
Type:
System.String
The Windows group to search in the form DOMAIN\rolename.
Return Value
Type: System.Booleantrue if the specified user name is in the specified Windows group; otherwise, false.
| Exception | Condition |
|---|---|
| System.ArgumentNullException | username is null. -or- roleName is null. |
| System.Configuration.Provider.ProviderException | The currently executing user does not have an authenticated WindowsIdentity attached to Page.User. For non-HTTP scenarios, the currently executing user does not have an authenticated WindowsIdentity attached to Thread.CurrentPrincipal. -or- username does not match the Name of the current WindowsIdentity. -or- A failure occurred while retrieving the user's Windows group information. |
The IsUserInRole method is called by the Roles class and the IsInRole method of the User property to determine whether a user is in a Windows group. You can call the IsUserInRole method only for the currently logged-on user, as identified by the LOGON_USER server variable. The current logged-on user must be a Windows authenticated user. For more information on ASP.NET and Windows authentication, see ASP.NET Authentication.
The following code example programmatically checks whether the currently logged-on user is in the Administrators role before allowing the user to view roles information for the application. For an example of a Web.config file that enables role management, see WindowsTokenRoleProvider.
<%@ Page Language="C#" %> <%@ Import Namespace="System.Web.Security" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <script runat="server"> string[] rolesArray; public void Page_Load() { Msg.Text = ""; try { if (!Roles.IsUserInRole(User.Identity.Name, @"BUILTIN\Administrators")) { Msg.Text = "You are not authorized to view user roles."; return; } } catch (HttpException e) { Msg.Text = "There is no current logged on user. Role membership cannot be verified."; return; } // Bind roles to GridView. rolesArray = Roles.GetRolesForUser(User.Identity.Name); UserRolesGrid.DataSource = rolesArray; UserRolesGrid.DataBind(); UserRolesGrid.Columns[0].HeaderText = "Roles for " + User.Identity.Name; } </script> <html xmlns="http://www.w3.org/1999/xhtml" > <head> <title>Sample: View User Roles</title> </head> <body> <form runat="server" id="PageForm"> <h3>View User Roles</h3> <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br /> <table border="0" cellspacing="4"> <tr> <td valign="top"><asp:GridView runat="server" CellPadding="4" id="UserRolesGrid" AutoGenerateColumns="false" Gridlines="None" CellSpacing="0" > <HeaderStyle BackColor="navy" ForeColor="white" /> <Columns> <asp:TemplateField HeaderText="Roles" > <ItemTemplate> <%# Container.DataItem.ToString() %> </ItemTemplate> </asp:TemplateField> </Columns> </asp:GridView></td> </tr> </table> </form> </body> </html>
Available since 2.0