Issue reading user roles when using forms login with AD

Hi All,

I'm trying to setup an intranet that restricts access based off of user roles.  At first I setup windows authentication using the windows token role provider.  In order to test this, I made a page that would list all the active directory groups the logged in user was part of in a drop down menu called RoleList.  The code behind for this is below:

protected void Page_Load(object sender, EventArgs e)
    {
        RoleList.Items.Clear();
        string[] roleNames;
        roleNames = Roles.GetRolesForUser();

        foreach (string roleName in roleNames)
        {
                RoleList.Items.Add(roleName);
        }
    }

 
The above code works great.  I'm now trying to change the authentication from windows to forms (still using the active directory as the membership provider).  I've successfully setup the login, but now I get the following error when I try to use Roles.GetRolesForUser():

"Method is only supported if the user name parameter matches the user name in the current Windows Identity."

It looks like while I'm able to authenticate using the active directory, the login name for the session is stored differently, so it's getting an error when trying to look up the groups.  I'm using sAMAccountName for the attributeMapUsername property, and when I view the login name I get the following based on authentication type:

Windows authentication: OMNI-GUIDE\temp
Forms authentication: temp

Anyone know how to get around this?  I can supply the web.config info if it will be helpful.  Thanks for the help!

0
jrusk
5/4/2009 5:48:33 PM
asp.net.security 27051 articles. 1 followers. Follow

0 Replies
1099 Views

Similar Articles

[PageSpeed] 15
Get it on Google Play
Get it on Apple App Store

Reply:

Similar Artilces:

login security issue
I see 2 boys sitting together that are not supposed to be. When questioned, they said...well...Brandon can't remember his I.D. number so I just let him use my username and password. �If we type it in and hit enter at the exact same time it will log us both in!!!! �I watched them and it worked. Consecutive logins are set at 1. Has anyone seen this.......is there a fix? Netware 6, service pack 3, Windows 98, Novell Client 3.3 >Consecutive logins are set at 1. Concurrent. >Has anyone seen this.......is there a fix? Many many times. Someone reports this he...

how can i implement login & authorization for users and role based application security without using built in contols like CreateUserWizard or login or something else
hi i'm neeraja i'm new to this .net, and i'm implementing application security can anyone help me out that how can i implement login & authorization for users and role based application security without using built in contols like CreateUserWizard or login or something else  Hi,Check out this linkhttp://www.codeproject.com/aspnet/formsroleauth.asp this will guide you to do the role base security .RegardsGanesan S"Hard Work Never Fails"Please "Mark as Answered" if helpful for you....

Creating a user to login with using the Login Control and the Ad provider... can't log user in after creation
  Hi I'm trying to create a user in AD from a web form, and then have the user be able to login to a web form with the login control and the Ad provider.   I have a user created by someone else in AD that can log in, but when I create the user using the code below they can't login.   Does anyone have any idea what I'm not doing to enable this user correctly, hes in the same ou and the same groups as the user that can login. the only difference i can see is the display name is not set and the AdminCount has not been set yet...&n...

Using AD/Forms-Authentication, using "User"-Objects in database-relations
Hello,I couldn't think of a better subject, sorry. I want to write an application in which users are allowed to do for instance postings and other kind of stuff. Every post is linked to exactly one user.At the moment I want to use forms authentication using the SqlMembershipProvider but perhaps in the future this will change to windows authentication with the ADMembershipProvider. Therefore I am not sure what to do about these "User"-objects. Should I create my own UserTable with a primary key "UserName" and link this (not inside the database) to the MembershipProvider's username? I tried to...

Login script using @NET USE for login name
--____SJDNMAUHJRPPCUAIVNQS____ Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 Content-Disposition: inline; modification-date="Thu, 27 Aug 2008 11:50:31 -0400" Q3VycmVudGx5IHVzaW5nIHRoZSBmb2xsb3dpbmcgdG8gbWFwIGEgaG9tZSBkaXJlY3Rvcnkgb24g YSBNQUMgT1NYIHNlcnZlciBmb3IgdXNlcnMgbG9nZ2luZyBpbnRvIGEgTmV0d2FyZSA2LjUgc2Vy dmVyLg0KDQpJRiBMT0dJTl9OQU1FPCJFIiBUSEVODQogICBATkVUIFVTRSBIOiBcXFNKUFMtT1NY MVxIT01FX0RJUkVDVE9SSUVTXFRFQUNIRVJTQS1EXCVMT0dJTl9OQU1FICAvUEVSU0lTVEVOVDpO Tw0KICAgV1JJVEUgIk1BUFBJTkcgVE8gT1NYMSINCkVORA0KDQpUaGlzIHdvcmtzIGZvciB1c2Vy cyB3...

Any security issues using Impersonation along with Forms Authentication with Integrated Security (SQL SERVER 2000)?
I currently running a ASP.NET application (Visual studio 2003) with SQL Server 2000. For security I am using forms authentication and integrity security for sql server enabling the ASP.NET account. I am developing a module that create, delete and upload files on  a network directory. If I set impersonation in the web config to true and specify a username/password  will that conflict with my current security? Would it be better to make impersonation specific to this page? Any ideas on the approach?  Thanks    ...

Security/User Roles Issue
Anyone having issues with the Portal Starter Kit security model? I've run into several different scenarios where the PortalSecurity.IsInRole method doesn't seem to be doing what it's advertised to do. I'm not looking for anything specific here, though I do have pointed failure examples if anyone is interested. More than anything, I was hoping to commiserate with someone else in the interest of potentially solving what appears to be an endemic "Portal Problem." Thanks, D-...

Any way in IIS 6.0 to secure a directory using a database with logins without using Forms Authentication and Mapping?
I need to protect all files in a directory on a web server. My users have a desktop application they use to connect to the server and look for updates. I had implemented Forms authentication for the directory I'm protecting and included wildcard mapping in IIS. This works very well for when someone tries to access the updates via a web browser. But, the desktop application crashes out because when it accesses that directory, the RedirectURL from the forms authentication won't work. The application doesn't know to open a web browser and ask for authentication.  I may...

non .net form issue within a .net form tag
this may be a bad question... but I am adding a shopping cart to my asp.net website and it calls for the following code for the 'buy now' buttons: <form method="POST" action=http://www.cart.net/cart.aspx/CartName><input type="hidden" name="ID" value="IDName"><input type="hidden" name="Describe" value="IDName Description"><input type="hidden" name="Price" value="100.00"><input type="hidden" name="QtyMax" value="1"><input t...

using AD for users to login to workstations
we've kept clear of AD until now, but with Windows Vista desktops eminent it looks like we may have to deploy AD for users to login to desktops. I'm hesitant as I know nothing of AD - if we're just using this for users to authenticate to workstations... does this require PDC and BDC and MS DNS and all the other junk I've been hearing? On Wed, 25 Feb 2009 01:31:12 +0000, Steven Wilson wrote: > I'm hesitant as I know nothing of AD - if we're just using this for > users to authenticate to workstations... does this require PDC and BDC > and MS DNS a...

Adding users to roles manually issue.
I am trying to add the user that is logged in to a role via code.I am using: Roles.AddUserToRole(Membership.GetUser().ToString() As String, student As String) I get the error: Make sure that the class defined in this code file matches the 'inherits' attribute, and that it extends the correct base class. I am clueless as to what I am doing wrong? Any help is appeciated. Thanks guys,    I've used this technique; there must be many ways to add roles,HttpContext.Current.User = New System.Security.Principal.GenericPrincipal(User.Identity, arrayOfRoles)N...

Adding a user to a role using CreateUserWizard
 Hello, I am trying to add a user to a role using the asp.net CreateUserWizard control.  The roles are programmatically databound to a CheckBoxList in the PageLoad event.I have something like this....                <asp:CreateUserWizardStep ID="CreateUserWizardStep1" runat="server" Title="Step 1: Basic User Information">                    <ContentTemplate>  &nbs...

Cannot open user default database. Login failed. Login failed for user 'DOMAIN\User'. (.Net SqlClient Data Provider)
Hi when i try and open a database in sql server management studio i get the error "Cannot open user default database. Login failed. Login failed for user 'DOMAIN\User'. (.Net SqlClient Data Provider)", what can i do to rectify this, i have googled around and still havent found no answers. Which authentication mode is your Sql Server configured - MixedMode, Windows Authentication or Sql Server Authentication? Please refer to http://msdn2.microsoft.com/en-us/library/ms366351.aspx and http://blogs.msdn.com/sql_protocols/archive/2006/02/21/536201.aspx    Ple...

Creating User Account Without Default Security Role (Registered User Role)
  My DNN version is 3.1.1. The portal is set to Private Registration. Unauthenicated users have access to the basic pages of the site. We require my company's current customers to register and be approved to have access to all other pages that contain information restricted to them (the major part of the site). As you know, authorizing a user account applys the Registered User security role by default and this is how I control access to the customer areas.  We want to create a page that will be used by Marketing to allow potential customers by login to...

Web resources about - Issue reading user roles when using forms login with AD - asp.net.security

The Oracle, Reading - Wikipedia, the free encyclopedia
51°27′12″N 0°58′21″W  /  51.45328°N 0.97239°W  / 51.45328; -0.97239 Coordinates : 51°27′12″N 0°58′21″W  /  51.45328°N 0.97239°W  / 51.45328; ...

"What’s more wholesome than reading? Yet books wield a dangerous power: the best erode self, infecting ...
... – the romantic expressions of wish-fulfillment, for example, that led Emma Bovary down the garden path of adultery – but also because reading ...

Empire State Manufacturing Index Posts Horrific -19.37, Lowest Reading Since April 2009
... reports starting with Empire State Manufacturing. The Econoday Consensus estimate was for a slight improvement to -4 from a November reading ...

What I've Been Reading
The Opposite of Loneliness by Marina Keegan . A collection of wonderfully written short stories and essays by a young and promising writer. The ...

Weekend Reading: Interest Rate Pegs with a Finite Horizon Omega Point
**Nick Rowe**: [Interest Rate Pegs with a Finite Horizon Omega Point](http://worthwhile.typepad.com/worthwhile_canadian_initi/2016/01/intere ...

Lawsuit accuses Fitbit of putting users in danger with 'wildly inaccurate' heart-rate readings
... fitness technology firm, is being sued by a group of users who say the company's wearable devices provide "wildly inaccurate" heart-rate readings. ...

Amazon adds blue-light filter to Fire tablets for improved nighttime reading
The update also adds new tools to better help parents manage what kids can and can't do on Fire tablets.

5 steps to easy reading on your iPhone
Stop squinting your way through articles and emails.

Recommended Reading: The brilliance of David Bowie
'Heroes,' Heavenly Bodies and David Bowie's Untouchable Brilliance Bomani Jones, Playboy I've followed the work of ESPN's Bomani Jones long enough ...

Reading Into Samsung's Preliminary Q4'15 Numbers
Samsung Electronics published a mixed set of preliminary results for Q4 2015 on Friday, indicating that its operating profits likely grew by ...

Resources last updated: 1/17/2016 5:09:55 PM