堆栈内存溢出
  简体   繁体   English

具有Active Directory身份验证的User.IsInRole

[英]User.IsInRole with Active Directory authentication

 原文  2011-08-19 14:14:02       c#/ active-directory

问题描述

I want to find out how the User.IsInRole function works with Windows Authentication. 我想找出User.IsInRole函数如何与Windows身份验证一起使用。 Does it only put them in one role, or is it somehow hierarchical? 它只是让他们扮演一个角色,还是某种程度上的等级制?

For example I have a domain group called "GroupB" and this group is a member of "GroupA", and another group called "GroupC" is a member of "GroupB". 例如,我有一个名为“ GroupB”的域组,该组是“ GroupA”的成员,另一个名为“ GroupC”的组是“ GroupB”的成员。 If I call User.IsInRole("GroupB") for userA, userB, and userC, will it only return true for userB? 如果我为userA,userB和userC调用User.IsInRole(“ GroupB”),它将仅对userB返回true吗? And what about if the user is a domain admin, does IsInRole() always returne true or false? 如果用户是域管理员,IsInRole()总是返回true或false怎么办?

I need this for cases where I want to make a group for external partners and I want make deciscions based upon this (like open internet explorer for internal users and special browser for external users, but if the internal user is the domain admin it would open a special browser if User.IsInRole always returns true for domain admins). 如果我想为外部合作伙伴组成一个小组,并希望基于此做出决定(例如,内部用户使用开放的Internet Explorer,外部用户使用特殊的浏览器,则需要这样做),但是如果内部用户是域管理员,它将打开如果User.IsInRole对于域管理员始终返回true,则为特殊的浏览器)。 I need to know exactly how this works for security reasons. 由于安全原因,我需要确切地知道这是如何工作的。

Thank you for helping. 感谢您的帮助。 I've searched the internet, and haven't been able to find any information about this. 我已经搜索了互联网,却找不到任何有关此的信息。

3 个解决方案

解决方案1
 1 已采纳  2011-08-19 14:42:27

In my experience, these functions are NOT recursive unless it specifically says it is. 以我的经验,除非明确指出,否则这些函数不是递归的。 UserPrincipal.GetAuthorizationGroups() for example is recursive. 例如, UserPrincipal.GetAuthorizationGroups()是递归的。

I don't believe User.IsInRole() is. 我不相信User.IsInRole()是。

解决方案2
 0  2011-08-19 14:25:26

I would suggest going through this site and its linked articles. 我建议浏览该网站及其链接的文章。 It will help you greatly. 它会极大地帮助您。 http://msdn.microsoft.com/en-us/library/z164t8hs(v=VS.71).aspx http://msdn.microsoft.com/en-us/library/z164t8hs(v=VS.71).aspx

解决方案3
 0  2011-08-20 18:11:23

User.IsInRole is going to be functionally recursive with Windows AuthN. User.IsInRole将使用Windows AuthN在功能上进行递归。 It is going off your security token which is built by AD/local SAM at logon. 它正在关闭您的安全令牌,该令牌是由AD /本地SAM在登录时构建的。 That token includes all of the groups you're a member of. 该令牌包括您所属的所有组。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Web App Active Directory用户角色与User.IsInRole - Web App Active Directory User Roles vs User.IsInRole 每次User.IsInRole是否在Active Directory中查找? - Does User.IsInRole lookup in Active Directory each time? User.IsInRole错误 - User.IsInRole error User.IsInRole 总是通过令牌认证返回 false - User.IsInRole always returns false with Token Authentication User.IsInRole在服务器上不起作用 - User.IsInRole is not working on server 如何教User.IsInRole - How to teach User.IsInRole 如果User.IsInRole有字符串数组? - If User.IsInRole with string array? User.IsInRole结果不正确 - User.IsInRole result is not right 在 Windows 身份验证的 ASP.Net 5 中使用 IIS Express/Kestrel 时,User.IsInRole 始终为 false - User.IsInRole is always false when using IIS Express / Kestrel in ASP.Net 5 with Windows Authentication 如何在HTML字符串中使用User.IsInRole()? - How to use User.IsInRole() in an HTML string?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM