Hi Guys,
I just heard about this list from Aaron today and am surprised I hadn't
heard about it any sooner. Regardless, i have a question to ask which i
hope somebody may be able to help me with.
I'm currently developing a series of Web Parts and need them to have
access to the WindowsPrincipal and DirectoryEntry classes.
I've been doing quite a bit of customisation of late but this has me
stumped!
The reason for this need is that our AD has certain groups set up which
needs to have access to some extra features - such as administrative
rights. This is a custom document library and the network administrator
wants to control access to certain parts of it via AD. Eg. I need to
check to see if a user is part of x, y and z groups before they can gain
access to the features.
So far the call is fairly simple and i'm using the WindowsPrincipal
object for verification:
WindowsPrincipal winPrincipal = new
WindowsPrincipal(WindowsIdendity.Identity.GetCurrent());
if (winPrincipal.IsInRole("rolename here"))
{
// do some code here
}
I've gotten past this point by adding the following to the
wss_minimaltrust.config file:
<SecurityClass Name="ADPermissions"
Description="System.Security.Principal, mscorlib, Version=2.0.0.0,
Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="ADSecPermissions"
Description="System.Security.Permissions.SecurityPermission, mscorlib,
version=2.0.0.0, PublicKeyToken=b77a5c561934e089" />
<SecurityClass Name="DirectoryServicePermission"
Description="System.DirectoryServices.DirectoryServicesPermission,
System.DirectoryServices, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a" />
<SecurityClass Name="DirectoryEntryPermission"
Description="System.DirectoryServices.DirectoryEntries,
System.DirectoryServices, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a" />
<IPermission
class="ADPermission"
version="1"
Unrestricted="true"
Flags="Execution, WindowsPrincipal"
/>
<IPermission
class="ADSecPermissions"
version="1"
Unrestricted="true"
Flags="Execution, WindowsPrincipal"
/>
<IPermission
class="DirectoryServicePermission"
version="1"
Unrestricted="true"
Flags="Execution"
/>
<IPermission
class="DirectoryEntryPermission"
version="1"
Unrestricted="true"
Flags="Execution, DirectoryEntry"
/>
Further to the WindowsPrincipal i need access to the DirectoryEntry
object as well to retrieve more information from the AD setup. Yet, i
cannot seem to get beyond this and each time the web part loads the user
is presented with a Windows logon which doesn't seem to work. Eg.
Logging in with the AD credentials isn't working.
Does anybody here have any suggestions as to what i'm missing?
Regards
<<image001.jpg>>
BEGIN:VCARD VERSION:2.1 X-MS-SIGNATURE:YES N:Madsen;Brian;H. FN:Brian H. Madsen ORG:Microsoft MVP Visual Developer ASP.Net TITLE:Software Engineer TEL;WORK;VOICE:+61 0437 415 334 X-MS-OL-DEFAULT-POSTAL-ADDRESS:0 URL;HOME:www.msmvps.com/blogs/brianmadsen URL;WORK:www.csharpzealot.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] X-MS-CARDPICTURE;TYPE=JPEG;ENCODING=BASE64: /9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAYEBQYFBAYGBQYHBwYIChAKCgkJChQODwwQFxQY GBcUFhYaHSUfGhsjHBYWICwgIyYnKSopGR8tMC0oMCUoKSj/2wBDAQcHBwoIChMKChMoGhYa KCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCj/wAAR CACUABsDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAA AgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkK FhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWG h4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl 5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREA AgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYk NOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOE hYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk 5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD6UVt3emvMq8Dk1CSQuAetRnrQBPGS75ap Me9NhGFqJ5BuOKAEJyaQctS0sYy/NAE/3Uz6DNUySeeKs3B2ofeoApPNADqlgGTmoqsRD5c+ tAENyfmA9KeowoFRMd8341IXwcUARr1qwxCxnHYYqKIZYfnTrg4QD3oAihHJNMdssakThPc9 KTyX9qAJYsDPr0pZE3HLnCjtTh6hcVX5dwCc80ASO4jHyLj61A0jZPzNUk5yR+dRYoAuSnCH 8qgjBLEjsKllIGAQT3xTUPy5wAM54oAZIBvJZvwpu5P7n602koAmlOXNK3yx/himAbmp0x4G PXNAEVJS0lAE0f3ifQU2X7+PTipIx8v1NQucnNACUlLSUAWiVC89h/Ooyqk9vzpZCNp9zUTd aAHGP0J/EUwoc/eH50ZI6Eil3t6/pQBI/wDD9KjbrRRQAlJRRQB//9k= X-MS-OL-DESIGN;CHARSET=utf-8:<card xmlns="http://schemas.microsoft.com/office/outlook/12/electronicbusinesscards"; ver="1.0" layout="right" bgcolor="ffffff"><img xmlns="" align="fit" area="11" use="cardpicture"/><fld xmlns="" prop="name" align="left" dir="ltr" style="b" color="000000" size="10"/><fld xmlns="" prop="org" align="left" dir="ltr" color="808080" size="8"/><fld xmlns="" prop="title" align="left" dir="ltr" color="808080" size="8"/><fld xmlns="" prop="blank" size="8"/><fld xmlns="" prop="telwork" align="left" dir="ltr" color="808080" size="8"/><fld xmlns="" prop="email" align="left" dir="ltr" color="808080" size="8"/><fld xmlns="" prop="blank" size="8"/><fld xmlns="" prop="webwork" align="left" dir="ltr" color="808080" size="8"/><fld xmlns="" prop="webhome" align="left" dir="ltr" color="808080" size="8"/><fld xmlns="" prop="blank" size="8"/><fld xmlns="" prop="blank" size="8"/><fld xmlns="" prop="blank" size="8"/><fld xmlns="" prop="blank" size="8"/><fld xmlns="" prop="blank" size="8"/><fld xmlns="" prop="blank" size="8"/><fld xmlns="" prop="blank" size="8"/></card> REV:20070915T132513Z END:VCARD
