tags:

views:

218

answers:

1
+1  Q: 

Roles.GetRolesForUser calls default role provider only?

I'm using multiple role providers, the standard SQL provider plus a custom one. Inside Global.asax - RoleManager_GetRoles I create a RolePrincipal for users that should use my custom provider with the provider name set to my custom provider, and let other users be handled as normal.

This almost works, asp.net allows access to pages protected via the web.config and calls my provider to get the list of roles. However, when I call Roles.GetRolesForUser() inside my code it only seems to invoke the default role provider, not my custom provider. If I set my custom provider to be the default, then it is invoked, but only it is ever invoked.

I've worked around it by instead enumerating the role providers and calling GetRolesForUser() on the provider with a matching name to the RolePrincipal, but it seems to me that Roles.GetRolesForUser() should be doing that by default.

Am I missing something? Thanks.

A: 

The RoleManager and RolePrincipal are different objects for different purposes.

I think what you want to be using is a call to GetRoles() on your RolePrincipal instance, rather than Roles.GetRolesForUser().

The difference is that an explicit RolePrincipal is defining the relationship between a user and a provider, whereas Roles is just a management object for role providers, and given no other information, will just use the default provider. From the documentation for RolePrincipal:

The RolePrincipal object implements the IPrincipal interface and represents the current security context for the HTTP request.

When role management is enabled (see Roles), the RoleManagerModule assigns a RolePrincipal object to the User property of the Current HttpContext.

The RolePrincipal class exposes the security identity for the current HTTP request and additionally performs checks for role membership. If CacheRolesInCookie is true, then the RolePrincipal object manages the cached list of roles and looks up role membership for the current user in the cached list first, then the role Provider. If CacheRolesInCookie is false, the RolePrincipal object always looks up role membership using the role provider.

Hope that helps.

womp  2009-12-15 17:54:44
That makes sense and matches the behavior I'm seeing. Unfortunately I'm dealing with a large amount of pre-existing code that uses Roles.GetRolesForUser().Time for a re-factoring I guess. Thanks.
Eddie  2009-12-15 18:07:05
No problem. If you get answers that help you, you should feel free to upvote them. ;)
womp  2009-12-15 18:41:18

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps