ClientRoleProvider.GetRolesForUser(String) Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Gets the names of the roles that the specified user belongs to.
public:
override cli::array <System::String ^> ^ GetRolesForUser(System::String ^ username);public override string[] GetRolesForUser (string username);override this.GetRolesForUser : string -> string[]Public Overrides Function GetRolesForUser (username As String) As String()Parameters
- username
- String
The name of the user to retrieve roles for.
Returns
The role names that username belongs to or an empty array if the user is not authenticated.
Exceptions
Examples
The following example code demonstrates how to use this method to determine whether the user login has expired before testing role membership. This code assumes that all valid users are associated with one or more roles. In this case, the GetRolesForUser method will not return any roles for a previously-authenticated user whose login has expired. If the user login has expired, this code displays the login dialog box. Otherwise, it calls the IsUserInRole method to determine whether the user is in the "manager" role. The restricted code is in a PerformManagerTask method, which is not provided.
private void AttemptManagerTask()
{
System.Security.Principal.IIdentity identity =
System.Threading.Thread.CurrentPrincipal.Identity;
// Return if the authentication type is not "ClientForms".
// This indicates that the user is logged out.
if (!identity.AuthenticationType.Equals("ClientForms")) return;
try
{
ClientRoleProvider provider =
(ClientRoleProvider)System.Web.Security.Roles.Provider;
String userName = identity.Name;
// Determine whether the user login has expired by attempting
// to retrieve roles from the service. Call the ResetCache method
// to ensure that the roles are retrieved from the service. If no
// roles are returned, then the login has expired. This assumes
// that every valid user has been assigned to one or more roles.
provider.ResetCache();
String[] roles = provider.GetRolesForUser(userName);
if (roles.Length == 0)
{
MessageBox.Show(
"Your login has expired. Please log in again to access " +
"the roles service.", "Attempting to access user roles...");
// Call ValidateUser with empty strings in order to
// display the login dialog box configured as a
// credentials provider.
if (!System.Web.Security.Membership.ValidateUser(
String.Empty, String.Empty))
{
MessageBox.Show("Unable to authenticate. " +
"Cannot retrieve user roles.", "Not logged in",
MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
}
if (provider.IsUserInRole(userName, "manager"))
{
PerformManagerTask();
}
}
catch (System.Net.WebException)
{
MessageBox.Show(
"Unable to access the remote service. " +
"Cannot retrieve user roles.", "Warning",
MessageBoxButtons.OK, MessageBoxIcon.Warning);
}
}
Private Sub AttemptManagerTask()
Dim identity As System.Security.Principal.IIdentity = _
System.Threading.Thread.CurrentPrincipal.Identity
' Return if the authentication type is not "ClientForms".
' This indicates that the user is logged out.
If Not identity.AuthenticationType.Equals("ClientForms") Then Return
Try
Dim provider As ClientRoleProvider = _
CType(System.Web.Security.Roles.Provider, ClientRoleProvider)
Dim userName As String = identity.Name
' Determine whether the user login has expired by attempting
' to retrieve roles from the service. Call the ResetCache method
' to ensure that the roles are retrieved from the service. If no
' roles are returned, then the login has expired. This assumes
' that every valid user has been assigned to one or more roles.
provider.ResetCache()
Dim roles As String() = provider.GetRolesForUser(userName)
If roles.Length = 0 Then
MessageBox.Show( _
"Your login has expired. Please log in again to access " & _
"the roles service.", "Attempting to access user roles...")
' Call ValidateUser with empty strings in order to
' display the login dialog box configured as a
' credentials provider.
If Not System.Web.Security.Membership.ValidateUser( _
String.Empty, String.Empty) Then
MessageBox.Show("Unable to authenticate. " & _
"Cannot retrieve user roles.", "Not logged in", _
MessageBoxButtons.OK, MessageBoxIcon.Error)
Return
End If
End If
If provider.IsUserInRole(userName, "manager") Then
PerformManagerTask()
End If
Catch ex As System.Net.WebException
MessageBox.Show( _
"Unable to access the remote service. " & _
"Cannot retrieve user roles.", "Warning", _
MessageBoxButtons.OK, MessageBoxIcon.Warning)
End Try
End Sub
Remarks
The GetRolesForUser method retrieves role information for the current, authenticated user, which you must specify in the username parameter. You can get the user name through the static Thread.CurrentPrincipal property as follows: Thread.CurrentPrincipal.Identity.Name.
The service provider caches role information about the local file system to avoid unnecessary service calls. For more information, see the ClientRoleProvider class overview.
