Re: Authorization problem
From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 10/26/04
- Next message: Nikolay Petrov: "Re: Authorization problem"
- Previous message: David: "RE: Service unavailable on First call in synchronous mode only! questi"
- In reply to: Nikolay Petrov: "Re: Authorization problem"
- Next in thread: Nikolay Petrov: "Re: Authorization problem"
- Reply: Nikolay Petrov: "Re: Authorization problem"
- Reply: Patrick.O.Ige: "Re: Authorization problem"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 26 Oct 2004 11:43:51 -0500
'imports System.Security.Principal
'imports System.Reflection
Function GetRoles(byval identity as WindowsIdentity) as String()
Dim idType As Type
idType = GetType(WindowsIdentity)
Dim result As Object =
idType.InvokeMember("_GetRoles",BindingFlags.Static Or
BindingFlags.InvokeMethod Or BindingFlags.NonPublic,Nothing, identity, New
Object() {identity.Token}, Nothing)
Dim roles() As String = DirectCast(result, String())
Return roles
End Function
Like I said, this is for troubleshooting only, not for production code.
This may not work in future versions of the framework, but does on 1.1.
Joe K.
"Nikolay Petrov" <johntup2_nospam_@mail.bg> wrote in message
news:OHvb7S3uEHA.1988@TK2MSFTNGP12.phx.gbl...
> Never heard of reflection ;-)
> how to do?
>
>
> "Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote
> in message news:emupGP3uEHA.2116@TK2MSFTNGP14.phx.gbl...
>> One other thing to check:
>>
>> Can you do a programmatic check instead of a declarative one? Try
>> Context.User.IsInRole("machine\administrators") or
>> Thread.CurrentPrincipal.IsInRole("machine\administrators")?
>>
>> Those should do the same thing as the declarative demand, but it is worth
>> a shot.
>>
>> Another thing to try is to use reflection on _GetRoles private method on
>> WindowsIdentity to see what the actual values are. This can be helpful
>> for troubleshooting Windows group resolution. Don't use this in
>> production though!
>>
>> Google will dig up a bunch of code samples showing how to do that if you
>> need it.
>>
>> Joe K.
>>
>> "Nikolay Petrov" <johntup2_nospam_@mail.bg> wrote in message
>> news:eVwiaG3uEHA.3948@TK2MSFTNGP15.phx.gbl...
>>>I have done that. It is fine.
>>> Something else is broken. The auditing don't show nothing also.
>>>
>>> "Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com>
>>> wrote in message news:efhvF42uEHA.1976@TK2MSFTNGP09.phx.gbl...
>>>> Are you certain that the client is being authenticated with Windows
>>>> authentication? It would probably be a good idea to dump out the value
>>>> of Context.User.Identity.Name and make sure it is the user that you
>>>> think it is.
>>>>
>>>> Joe K.
>>
>>
>
>
- Next message: Nikolay Petrov: "Re: Authorization problem"
- Previous message: David: "RE: Service unavailable on First call in synchronous mode only! questi"
- In reply to: Nikolay Petrov: "Re: Authorization problem"
- Next in thread: Nikolay Petrov: "Re: Authorization problem"
- Reply: Nikolay Petrov: "Re: Authorization problem"
- Reply: Patrick.O.Ige: "Re: Authorization problem"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
