Hi,

I'm able to get the roles associated with the authenticated user but not the groups. Is there a way to get the groups?

    // Windows identity of the authenticated caller
    WindowsIdentity userIdentity = HttpContext.Current.User.Identity as WindowsIdentity;

    // Open the AzMan store and the application inside it
    AzAuthorizationStoreClass azManStore = new AzAuthorizationStoreClass();
    string storeConnectionString = ConfigurationManager.ConnectionStrings["<CONN STRING>"].ConnectionString;
    azManStore.Initialize(0, storeConnectionString, null);
    IAzApplication azApp = azManStore.OpenApplication("<APP NAME>", null);

    // Build a client context from the caller's token and ask for its roles
    ulong token = (ulong)userIdentity.Token;
    IAzClientContext ctx = azApp.InitializeClientContextFromToken(token, null);
    object roles = ctx.GetRoles(String.Empty);

A: 

I have not found a way. On my project we had one requirement for this and ended up doing a simplistic implementation that walked through each Group and checked if the user was a member. The problem with this approach is that it ignores membership via groups in groups and also membership via the user being a member of an AD group that is a member of the AzMan group. You could grow the solution to cover these scenarios, but ultimately I think that when you start asking questions like this, you might be heading down the role-based security path with AzMan (which is operation (or task) based security).

Jeremy Wiebe
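
The group walk described in the answer, extended to cover the two gaps it names (AzMan groups nested in other groups, and AD groups that are members of an AzMan group), as an added example that is not part of the original question or answer. `AzManGroupResolver` is a hypothetical helper, the `AZROLESLib` interop namespace is an assumption about how the COM reference was imported, and only store-level and application-level basic groups are considered (scope-level and LDAP query groups are not evaluated).

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;
using AZROLESLib; // assumed interop namespace for azroles.dll; adjust to your reference

static class AzManGroupResolver // hypothetical helper, not part of AzMan
{
    const int AZ_GROUPTYPE_BASIC = 2; // value from the AzMan AZ_PROP_CONSTANTS enumeration

    public static List<string> GetGroups(IAzAuthorizationStore store, IAzApplication app, WindowsIdentity user)
    {
        // SIDs carried by the token: the user plus its Windows/AD groups (nested AD groups included).
        var sids = new HashSet<string>(StringComparer.OrdinalIgnoreCase) { user.User.Value };
        foreach (IdentityReference g in user.Groups) sids.Add(g.Value);

        // Index store-level groups first, then application-level ones (which win on a name clash).
        var byName = new Dictionary<string, IAzApplicationGroup>(StringComparer.OrdinalIgnoreCase);
        foreach (IAzApplicationGroup g in store.ApplicationGroups) byName[g.Name] = g;
        foreach (IAzApplicationGroup g in app.ApplicationGroups) byName[g.Name] = g;

        var memo = new Dictionary<string, bool>(StringComparer.OrdinalIgnoreCase);
        var result = new List<string>();
        foreach (string name in byName.Keys)
            if (IsMember(name, byName, sids, memo)) result.Add(name);
        return result;
    }

    static bool IsMember(string name, Dictionary<string, IAzApplicationGroup> byName,
                         HashSet<string> sids, Dictionary<string, bool> memo)
    {
        bool known;
        if (memo.TryGetValue(name, out known)) return known;
        memo[name] = false; // cycle guard: a group still being evaluated counts as "not a member"
        IAzApplicationGroup g;
        // LDAP query groups have no static member list, so this walk cannot evaluate them.
        if (!byName.TryGetValue(name, out g) || g.Type != AZ_GROUPTYPE_BASIC) return false;
        // Exclusions (NonMembers / AppNonMembers) take precedence over inclusions.
        bool excluded = Matches(g.NonMembers, g.AppNonMembers, byName, sids, memo);
        return memo[name] = !excluded && Matches(g.Members, g.AppMembers, byName, sids, memo);
    }

    static bool Matches(object sidList, object groupList, Dictionary<string, IAzApplicationGroup> byName,
                        HashSet<string> sids, Dictionary<string, bool> memo)
    {
        foreach (object sid in (object[])sidList ?? new object[0]) if (sids.Contains((string)sid)) return true;
        foreach (object child in (object[])groupList ?? new object[0]) if (IsMember((string)child, byName, sids, memo)) return true;
        return false;
    }
}
```

With the variables from the question, the call would be `AzManGroupResolver.GetGroups(azManStore, azApp, userIdentity)`. The result is a snapshot for display or auditing; access decisions should still go through `AccessCheck` on the client context.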