locked
Different links for different groups. RRS feed

  • Question

  • User-2079623988 posted

    Hello.

    I have made a webpage that is using users windows credentials. No user/pass

    I want to have a few links on the page. Some link will be the same for everyone, but
    some links be different depending on what group in AD they are member of.
    And of course will only the member of the group have access to the page, and admin group.

    Lets say member of the groups "workers" can enter the page to find the link to page workers.aspx or
    member of the group "secretary" find the same link but will enter the secretary.aspx


    Hope you understand what I mean
    Anyone can point me in the right direction?

    Bruno

    Friday, June 16, 2006 9:04 AM

All replies

  • User643971085 posted
    I, too, have a problem similiar to this.  I want to limit access to certain parts of a page depending on what groups a logged on user is a member of.  First, I set up in web.config key/value pairs that told which groups can access which pages.

    From there, I want to (when loading the page), compare the groups in web.config to the groups that the current logged on user is a member of.  

    I'm running into problems, though, in getting the logged on user.  Using windows-authentication (not anonymous), HttpContext.Current.User.Identity.Name.ToString() gives me the current user, but I can't get the AD information.  I was using System.Security.Principal.WindowsIdentity.GetCurrent(), but while working locally, when on the server it returns the ASP.NET user.  Bah!  I don't know how to get the AD information for the actual current user, not the ASP.NET user that is running things.

    Hope this helps some, and if you get any other answers, I'd be interested in seeing them.  Good luck!
    Monday, June 19, 2006 9:44 AM
  • User1354132231 posted
    Use the Context.User.IsInRole() functionality for simple solution or AzMan for more complex.  The value for method will generally be 'domain\groupname'.  If you want to declaratively protect these pages, use the <location> tag with allow and deny subtags for the page(s) in question.  Make sure you are using IWA (not Anonymous).

    Essentially, as long as you have the roles on the IPrincipal object for your user, you can control what shows programmatically using IsInRole().  You can protect whole pages and sections using web.config and <location> tags.
    Monday, June 19, 2006 1:39 PM