Reputation: 722
Web App Active Directory User Roles vs User.IsInRole
I need a bit of advice. I'm extending a web app to integrate with AD member roles, and not too sure whether i can rely on User.IsInRole to have the member role information. Initial tests show me it does, but what is the difference between using this, and writing a class to return the user roles with DirectorySearcher/AccountManagement for example?
Is one solution better than the other?
It looks to me as though it achieves the same thing in this case. Am i right?
Thanks.
Upvotes: 2
Views: 2045
Answers (2)
Reputation: 93464
Just use Users.IsInRole. Don't make things harder on yourself. This is what it's for.
Upvotes: 0
Reputation: 69280
If you use active directory authorization Users.IsInRole checks if the user is member of the given group. It is not exactly the same as checking the groups that the user belongs to, because that only gives the direct memberships. Users.IsInRole also checks nested group membership. An example:
UserAis a member ofGroupAGroupAis a member ofGroupB
Now if you check the direct memberships of UserA you will only get GroupA. But Users.IsInRole will indicate that UserA is a member of GroupB thanks to the nesting.
Upvotes: 4
Related Questions
- ASP.NET active directory authentication User.IsInRole
- Proper way to assess Role in Authorization as User.IsInRole() always returns false
- ASP.NET Membership - Which RoleProvider to use so User.IsInRole() checks ActiveDirectory Groups?
- Roles - Issue with User.IsInRole
- Role.IsUserInRole
- User.IsInRole vs Roles.IsUserInRole in AuthenticateRequest
- User.IsInRole with Active Directory authentication
- Why should we choose PrincipalPermission over IsInRole()?
- Difference between Roles.GetRolesForUser and Roles.Provider.GetRolesForUser?
- Why doesn't User.IsInRole work in this context?