O'Reilly logo

Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB by Stefan Schackow, Bilal Haidar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

14.5. WindowsTokenRoleProvider

Although we will cover the SQL and AzMan providers in their Chapters 15 and 16, respectively, WindowsTokenRoleProvider has very limited functionality, so one section should suffice for explaining how it works. As the name suggests, the provider works with a Windows security token. Although the provider can theoretically run in any trust level (IsUserInRole will work in Minimal trust), it is intended for use at Low trust or above. Unlike other providers, WindowsTokenRoleProvider does not internally check the trust level during initialization. The reason for this is that if the runtime environment can get a Windows security token for a user, the provider will work. If the runtime environment cannot get a token, then the provider fails. So, explicitly checking trust levels at initialization time is not necessary for this provider.

The token the provider uses is the value from the Token property on a WindowsIdentity object. In an ASP.NET environment, the provider gets a WindowsIdentity from the User property on the HttpContext when using Windows authentication. In non-ASP.NET environments, the provider will get the token from Thread.CurrentPrincipal. For both runtime environments, these are the only two places the provider will look; there is no facility for passing an arbitrary token to the provider. In other words, WindowsTokenRoleProvider works only with the credentials of the currently executing user.

The provider supports only the following two ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required