Edit

Share via


ClientRoleProvider.IsUserInRole(String, String) Method

Definition

Gets a value indicating whether the specified user is in the specified role.

public:
 override bool IsUserInRole(System::String ^ username, System::String ^ roleName);
public override bool IsUserInRole (string username, string roleName);
override this.IsUserInRole : string * string -> bool
Public Overrides Function IsUserInRole (username As String, roleName As String) As Boolean

Parameters

username
String

The name of the user.

roleName
String

The name of the role.

Returns

true if the specified user is in the specified role; false if the specified user is not authenticated or is not in the specified role.

Exceptions

username is Empty or null.

-or-

username is not the user name of the current, authenticated user.

The user is no longer authenticated.

-or-

The roles service is not available.

Examples

The following example code demonstrates how to access this method directly to determine whether the user is in a particular role. This code first tests whether the user login has expired. An explicit ClientRoleProvider reference is required to call the GetRolesForUser method, so the same reference is used to call the IsUserInRole method. If the user is in the "manager" role, this code calls a PerformManagerTask method, which is not provided.

private void AttemptManagerTask()
{
    System.Security.Principal.IIdentity identity =
        System.Threading.Thread.CurrentPrincipal.Identity;

    // Return if the authentication type is not "ClientForms". 
    // This indicates that the user is logged out.
    if (!identity.AuthenticationType.Equals("ClientForms")) return;

    try
    {
        ClientRoleProvider provider =
            (ClientRoleProvider)System.Web.Security.Roles.Provider;
        String userName = identity.Name;

        // Determine whether the user login has expired by attempting
        // to retrieve roles from the service. Call the ResetCache method
        // to ensure that the roles are retrieved from the service. If no 
        // roles are returned, then the login has expired. This assumes 
        // that every valid user has been assigned to one or more roles.
        provider.ResetCache();
        String[] roles = provider.GetRolesForUser(userName);
        if (roles.Length == 0)
        {
            MessageBox.Show(
                "Your login has expired. Please log in again to access " +
                "the roles service.", "Attempting to access user roles...");

            // Call ValidateUser with empty strings in order to 
            // display the login dialog box configured as a 
            // credentials provider.
            if (!System.Web.Security.Membership.ValidateUser(
                String.Empty, String.Empty))
            {
                MessageBox.Show("Unable to authenticate. " +
                    "Cannot retrieve user roles.", "Not logged in",
                    MessageBoxButtons.OK, MessageBoxIcon.Error);
                return;
            }
        }

        if (provider.IsUserInRole(userName, "manager"))
        {
            PerformManagerTask();
        }
    }
    catch (System.Net.WebException)
    {
        MessageBox.Show(
            "Unable to access the remote service. " +
            "Cannot retrieve user roles.", "Warning",
            MessageBoxButtons.OK, MessageBoxIcon.Warning);
    }
}
Private Sub AttemptManagerTask()

    Dim identity As System.Security.Principal.IIdentity = _
        System.Threading.Thread.CurrentPrincipal.Identity

    ' Return if the authentication type is not "ClientForms". 
    ' This indicates that the user is logged out.
    If Not identity.AuthenticationType.Equals("ClientForms") Then Return

    Try

        Dim provider As ClientRoleProvider = _
            CType(System.Web.Security.Roles.Provider, ClientRoleProvider)
        Dim userName As String = identity.Name

        ' Determine whether the user login has expired by attempting
        ' to retrieve roles from the service. Call the ResetCache method
        ' to ensure that the roles are retrieved from the service. If no 
        ' roles are returned, then the login has expired. This assumes 
        ' that every valid user has been assigned to one or more roles.
        provider.ResetCache()
        Dim roles As String() = provider.GetRolesForUser(userName)
        If roles.Length = 0 Then

            MessageBox.Show( _
                "Your login has expired. Please log in again to access " & _
                "the roles service.", "Attempting to access user roles...")

            ' Call ValidateUser with empty strings in order to 
            ' display the login dialog box configured as a 
            ' credentials provider.
            If Not System.Web.Security.Membership.ValidateUser( _
                String.Empty, String.Empty) Then

                MessageBox.Show("Unable to authenticate. " & _
                    "Cannot retrieve user roles.", "Not logged in", _
                    MessageBoxButtons.OK, MessageBoxIcon.Error)
                Return

            End If

        End If

        If provider.IsUserInRole(userName, "manager") Then
            PerformManagerTask()
        End If

    Catch ex As System.Net.WebException

        MessageBox.Show( _
            "Unable to access the remote service. " & _
            "Cannot retrieve user roles.", "Warning", _
            MessageBoxButtons.OK, MessageBoxIcon.Warning)

    End Try

End Sub

Remarks

You can determine whether an authenticated user is in a particular role by calling the IsInRole method of the IPrincipal returned by the static Thread.CurrentPrincipal property. For applications configured to use client application services, this property returns a ClientRolePrincipal. Because this class implements the IPrincipal interface, you do not need to reference it explicitly. The ClientRolePrincipal.IsInRole method internally calls the IsUserInRole method. The IsUserInRole method uses the GetRolesForUser method to determine whether the user indicated by username is in the role indicated by roleName.

The service provider caches role information about the local file system to avoid unnecessary service calls. For more information, see the ClientRoleProvider class overview.

Applies to

See also