tags:

views:

265

answers:

1
+5  Q: 

How do I assign a Role to an OpenId user for an ASP.NET MVC site?

Hi Folks,

I'm using OpenId in my ASP.NET MVC application. Works great :) Once i have the user's OpenId Identifier (once they have authenticated and returned to my site), i load up the users data (to get display name, etc).

From here, i also know their roles.

I'm not sure how to assign the role to the current Forms.Identity.

here's my code...

// Load User...
var user = GetUsers().ByOpenIdIdentifier("blahblahblahbl....");

// Here means we have a user AND all the roles, for that user.

// Forms Authenticate and Redirect.
FormsAuthentication.SetAuthCookie(user.DisplayName, true);
return RedirectToAction("Index", "Home");

How can i change this code so the authenticated user also has their roles assigned?

Update

I stumbled across this web post about making a custom Authorize attribute. Notice how they are checking the logged in users role that exists in the session? Also, the roles are an enumeration :) This is pretty funky, if u ask me :) Nice and simple.

Thoughts (compared to a full on blown RoleProvider class?)

+3  A: 

You'll need to write your own RoleProvider and hook it up in the web.config file. Your RoleProvider will take the user's name and figure out their role(s). IPrincipal.IsInRole uses the configured RoleProvider to determine role membership.

tvanfosson  2009-06-02 13:32:14
holy eeks! that seems like so much work :( I wsa hoping to just manually add the role to the IIdentity .. and it was going to be as simple as that :(
Pure.Krome  2009-06-02 14:07:15
It's not that bad, especially if your role store is SQL. You might actually be able to use the existing ASP.NET SQL role provider or extend it. Even writing your own is not that bad. The number of methods, if I recall, may be daunting but they aren't particularly complex.
tvanfosson  2009-06-02 14:38:36
I agree that the number of methods are daunting, but not complex. It's just the size of the thing, to only figure out if a user is Admin or Not. In my user table, i have a bit field. I'm not going to have multiple roles. This is why i'm a bit .. daunted.
Pure.Krome  2009-06-03 07:48:20

related questions

What's the best way to implement field validation using ASP.NET MVC?
How do I handle page flow in MVC (particularly asp.net)
Entity diagrams in ASP.NET MVC
How do I get rid of Home in ASP.Net MVC?
Can I generate ASP.NET MVC routes from a Sitemap?
ASP.NET Model-view-controller (MVC) - where do I start from?
user controls and asp.net mvc
ASP.Net MVC route mapping
RSS Feeds in ASP.NET MVC
Open Source Licensing Options for ASP.NET MVC Application?
Does the OutputCacheFilter in the Microsoft MVC Preview 4 actually save on action invocations?
MVC Learning Resources
Validating posted form data in the ASP.NET MVC framework
Best mock framework that can do both WebForms and MVC?
Use the routing engine for form submissions in ASP.NET MVC Preview 4
How do you get a custom id to render using HtmlHelper in MVC
MVC Preview 4 - No route in the route table matches the supplied values.
Is there a way to include a fragment identifier when using Asp.Net MVC ActionLink, RedirectToAction, etc. ?
In ASP.NET MVC I encounter an incorrect type error when rendering a user control with the correct typed object
ASP.NET MVC - Is it worth it yet?
Multiple languages in an ASP.NET MVC application?
Is it better to create Model classes, or just stick with generic database utility class?
ASP.NET MVC Without Visual Studio
ASP.NET MVC "CRUD" Database Sample
How to RedirectToAction in ASP.NET MVC without losing request data