IsInRole Authorization in ASP.NET Application Configured for Federated Authentication Using Windows Identity Foundation (WIF) and Azure AppFabric Access Control Service
To implement Role Based Access Control using IsInRole in your ASP.NET web application that is configured for federated authentication using Windows Identity Foundation (WIF) and Azure AppFabric Access Control Service follow the steps outlined in this blog.
Summary of steps
- Step 1 – Configure role claims in ACS
- Step 2 – Implement access checks
- Step 3 – Test your work
Step 1 – Configure role claims in ACS
To configure role claims in ACS follow these steps:
- Navigate to Access Control Service management portal.
- Click on Relying Party.
- Choose your application.
- Choose desired Rule Group, make sure it is checked.
- Add new rule.
- Specify https://schemas.microsoft.com/ws/2008/06/identity/claims/role as output type.
- Specify User as role name.
- Click Save button.
You have just configured every token to have role User. You rule might be more complex as Rule Group and Rules Editor permits.
Step 2 – Implement access checks
In your application you can use on of four methods to check role. One is using Url authorization in web.config and three others might look as follows:
public partial class _default : System.Web.UI.Page
{
//THIS SHOULD THROW AN EXCEPTION
[PrincipalPermission(SecurityAction.Demand, Role = "User")]
protected void Page_Load(object sender, EventArgs e)
{
//THIS SHOULD THROW AN EXCEPTION
PrincipalPermission p = new PrincipalPermission(null, "User");
p.Demand();
//THIS RETURNS BOOL
if (!User.IsInRole("User"))
throw new SecurityException("Access is denied.");
}
}
Step 3 – Test your work
Run your code – it should just work, if not – let me know.
Download sample code here.
Related Books
- Programming Windows Identity Foundation (Dev - Pro)
- A Guide to Claims-Based Identity and Access Control (Patterns & Practices) – free online version
- Developing More-Secure Microsoft ASP.NET 2.0 Applications (Pro Developer)
- Ultra-Fast ASP.NET: Build Ultra-Fast and Ultra-Scalable web sites using ASP.NET and SQL Server
- Advanced .NET Debugging
- Debugging Microsoft .NET 2.0 Applications