Bill's Security Tips

Home  [Bill's Home]

Role-based Security

The Microsoft .NET environment now offers an excellent alternative to Java in producing portable and secure code. It uses a role-based approach for user authentication, with the WindowsIndentity class, where the GetCurrent() method can be used to get the current user. The WindowsPrincipal class can then be used to apply the role.


Your ID
Authenication type:
Your role:


The code is:


protected void Button1_Click2(object sender, EventArgs e)


WindowsIdentity myID = WindowsIdentity.GetCurrent();
tbRole1.Text= myID.Name;
tbRole2.Text= myID.AuthenticationType;
WindowsPrincipal myPrin = new WindowsPrincipal(myID);
if (myPrin.IsInRole(WindowsBuiltInRole.Administrator))
  tbRole3.Text="You're an Administrator ";
else tbRole3.Text="You're not an Administrator";