Professional Web Applications Themes

PrincipalPermission Attribute and Nested Groups - ASP.NET Security

The Issue: Group A contains Group B Group B contains User 1. I want to check if User 1 is in Group A. This: [PrincipalPermission(SecurityAction.Demand,Role="Gr oup A")] Fails This: [PrincipalPermission(SecurityAction.Demand,Role="Gr oup B")] Succeeds. Since Group B is a memberOf Group A, they both should succeed. I have tried : WindowsIdentity identity = WindowsIdentity.GetCurrent(); WindowsPrincipal principal = new WindowsPrincipal(identity); if( principal.IsInRole("Group A")) { Debug.WriteLine("Yippee"); } And this does not work. Does anyone have a answer as to how I can quickly check to see if User 1 is in Group A...

  1. #1

    Default PrincipalPermission Attribute and Nested Groups

    The Issue:

    Group A contains Group B
    Group B contains User 1.

    I want to check if User 1 is in Group A.


    This:
    [PrincipalPermission(SecurityAction.Demand,Role="Gr oup A")]
    Fails

    This:
    [PrincipalPermission(SecurityAction.Demand,Role="Gr oup B")]
    Succeeds.


    Since Group B is a memberOf Group A, they both should succeed.

    I have tried :

    WindowsIdentity identity = WindowsIdentity.GetCurrent();
    WindowsPrincipal principal = new WindowsPrincipal(identity);
    if( principal.IsInRole("Group A"))
    {
    Debug.WriteLine("Yippee");
    }

    And this does not work.

    Does anyone have a answer as to how I can quickly check to see if User 1 is
    in Group A


    Anthony Christianson Guest

  2. #2

    Default Re: PrincipalPermission Attribute and Nested Groups

    This does definitely work. However, there are a few requirements:
    - Your AD domain needs to be in 2000 native mode or 2003 functional level
    - Group A needs to have the security bit set on the groupType

    If both of those are true, you should have no problems. If not, then that
    is the problem. If those are both true and it still isn't working, it could
    be an issue of having the group name (domain\samAccountName) incorrect.

    HTH,

    Joe K.

    "Anthony Christianson" <achristiansonmomentuminteractive.com> wrote in
    message news:udxMAHbHEHA.3564TK2MSFTNGP09.phx.gbl...
    > The Issue:
    >
    > Group A contains Group B
    > Group B contains User 1.
    >
    > I want to check if User 1 is in Group A.
    >
    >
    > This:
    > [PrincipalPermission(SecurityAction.Demand,Role="Gr oup A")]
    > Fails
    >
    > This:
    > [PrincipalPermission(SecurityAction.Demand,Role="Gr oup B")]
    > Succeeds.
    >
    >
    > Since Group B is a memberOf Group A, they both should succeed.
    >
    > I have tried :
    >
    > WindowsIdentity identity = WindowsIdentity.GetCurrent();
    > WindowsPrincipal principal = new WindowsPrincipal(identity);
    > if( principal.IsInRole("Group A"))
    > {
    > Debug.WriteLine("Yippee");
    > }
    >
    > And this does not work.
    >
    > Does anyone have a answer as to how I can quickly check to see if User 1
    is
    > in Group A
    >
    >

    Joe Kaplan \(MVP - ADSI\) Guest

Similar Threads

  1. Retrive data from attribute spaced attribute.
    By kruse in forum Coldfusion Database Access
    Replies: 3
    Last Post: January 4th, 12:27 PM
  2. Replies: 3
    Last Post: June 29th, 02:00 PM
  3. Users login: Nested groups.
    By Tomas Martinez in forum ASP.NET Security
    Replies: 1
    Last Post: January 20th, 04:17 PM
  4. Replies: 2
    Last Post: June 10th, 03:39 PM
  5. Getting AD Groups
    By in forum ASP.NET Security
    Replies: 3
    Last Post: May 27th, 02:16 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139