WindowsTokenRoleProvider.IsUserInRole Method (String, String)
Assembly: System.Web (in system.web.dll)
public boolean IsUserInRole ( String username, String roleName )
public override function IsUserInRole ( username : String, roleName : String ) : boolean
Not applicable.
Parameters
- username
The user name to search for in the form DOMAIN\username.
- roleName
The Windows group to search in the form DOMAIN\rolename.
Return Value
true if the specified user name is in the specified Windows group; otherwise, false.| Exception type | Condition |
|---|---|
|
username is a null reference (Nothing in Visual Basic). -or- roleName is a null reference (Nothing in Visual Basic). | |
|
The currently executing user does not have an authenticated WindowsIdentity attached to Page.User. For non-HTTP scenarios, the currently executing user does not have an authenticated WindowsIdentity attached to Thread.CurrentPrincipal. -or- username does not match the Name of the current WindowsIdentity. -or- A failure occurred while retrieving the user's Windows group information. |
The IsUserInRole method is called by the Roles class and the IsInRole method of the User property to determine whether a user is in a Windows group. You can call the IsUserInRole method only for the currently logged-on user, as identified by the LOGON_USER server variable. The current logged-on user must be a Windows authenticated user. For more information on ASP.NET and Windows authentication, see ASP.NET Authentication.
The following code example programmatically checks whether the currently logged-on user is in the Administrators role before allowing the user to view roles information for the application. For an example of a Web.config file that enables role management, see WindowsTokenRoleProvider.