WindowsTokenRoleProvider.IsUserInRole Method (String, String)
Gets a value indicating whether the specified user is in the specified Windows group.
Assembly: System.Web (in System.Web.dll)
Parameters
- username
-
Type:
System.String
The user name to search for in the form DOMAIN\username.
- roleName
-
Type:
System.String
The Windows group to search in the form DOMAIN\rolename.
Return Value
Type: System.Booleantrue if the specified user name is in the specified Windows group; otherwise, false.
| Exception | Condition |
|---|---|
| System.ArgumentNullException | username is null. -or- roleName is null. |
| System.Configuration.Provider.ProviderException | The currently executing user does not have an authenticated WindowsIdentity attached to Page.User. For non-HTTP scenarios, the currently executing user does not have an authenticated WindowsIdentity attached to Thread.CurrentPrincipal. -or- username does not match the Name of the current WindowsIdentity. -or- A failure occurred while retrieving the user's Windows group information. |
The IsUserInRole method is called by the Roles class and the IsInRole method of the User property to determine whether a user is in a Windows group. You can call the IsUserInRole method only for the currently logged-on user, as identified by the LOGON_USER server variable. The current logged-on user must be a Windows authenticated user. For more information on ASP.NET and Windows authentication, see ASP.NET Authentication.
The following code example programmatically checks whether the currently logged-on user is in the Administrators role before allowing the user to view roles information for the application. For an example of a Web.config file that enables role management, see WindowsTokenRoleProvider.
Available since 2.0