views:

83

answers:

0

Hi everybody,

I have a situation with my ASP.NET MVC 2 application that when I use [Authorize(Roles = "Admin,User,Test")] attribute on any of the controller methods, my custom role provider is not called. Tricky part is that when I run the application in visual studio web dev server, this GetRolesForUser is called every time. When I install the application to IIS, this is not happening anymore.

I'm running windows 7 x64 Enterprise.

Role provider is configured in web.config as follows:

<roleManager defaultProvider="GTTRoleProvider" enabled="true">
      <providers>
        <clear />
        <add name="GTTRoleProvider" type="GTT.Security.GTTRoleProvider, GTT.Security" applicationName="GTT" />
      </providers>
    </roleManager>

In Role provider implementation I have this method implemented as follows:

public override string[] GetRolesForUser(string username)
        {
            if (log.IsDebugEnabled)
                log.DebugFormat("Gettings roles for user {0}", username);

            BaseConfiguration cfg = new BaseConfiguration();
            using (ISession session = cfg.OpenSession())
            {
                IUserDAO userDao = new UserDAO(session);
                GUser user = userDao.GetByUserName(username);
                return new string[] { user.BaseRole.Name };
            }
        }

What am I doing wrong or what am I missing?

t. Erki.

[EDIT: 1] I managed to track down my source of problems - I had a custom Principal class implemented as well, but I supplied empty roles to base GenericPrincipal constructor. After filling this with the user's roles, everything started to work. But GetRolesForUser method is still not executed for my custom role provider. Can anyone explain why this worked in ASP.NET development server (inside Visual Studio) and not in IIS?