GetRolesForUser not getting called

Topics: Web Client Software Factory, UIP Application Block discussion, User Forum
Jan 8, 2008 at 7:36 PM
Hi,

Reference: Web Client Reference Implementation (http://www.codeplex.com/websf/Release/ProjectReleases.aspx?ReleaseId=7630)

Similar to above project, I am using custom role provider which implements GetRolesForUser to return roles of user. Also I am using authorizationProviders to protect web pages by role.

In reference implementation, GetRolesForUser is being called whenever user requests any page but in my application this method is not getting called at all. Because of this even if user belongs to correct group, it is throwing This type of page is not served error.

However, when I call Roles.GetRolesForUser, it in turns call my GetRolesForUser. So I think configuration is correct in web.config file.

Please help.

Thanks,
Mahesh
Jan 9, 2008 at 1:19 PM
Hi Mahesh,

I have exactly the same problem.

Some extra info:
- in an asp.net development server the code works. I can debug the custom roleprovider and see that it's ok.
- in IIS things are different. The urls the modules' web.configs cannot be the same as used in the development server:

devserver
<authorization>
<rule Url="~/ExampleModule/Default.aspx" Rule="AllowMyRule" />
...

IIS
<authorization>
<rule Url="http://myfriendlyurl/ExampleModule/Default.aspx" Rule="AllowMyRule" />
...

When I debug the IIS application I can see that my authorization services are initialized, but GetRolesForUser is never called. Every page will appear without authorization warnings.
When I change
<rule Url="http://myfriendlyurl/ExampleModule/Default.aspx" Rule="AllowMyRule" />
to
<rule Url="~/ExampleModule/Default.aspx" Rule="AllowMyRule" />
the website will throw an authorization warning when I hit the default.aspx page but the rolemanager is not hit (so this must mean that the url without the first url is correct).

No further ideas as of yet..

Regards,

Mike
Jan 10, 2008 at 1:40 PM
Mahesh,

Did you check that your website has anonymous access (IIS directory security)?
If the site allows anonymous access, then the profileprovider will not be called, since there is no identity.

If you do need anonymous access, you can use forms authentication or for example you can do this in global.asax:
protected void ApplicationAuthenticateRequest(Object sender, EventArgs e)_
{
if (((WindowsIdentity)HttpContext.Current.User.Identity).IsAnonymous)
{
HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(new GenericIdentity("AnyUserYouWantBasedOnBusinessLogic"), null);
}
}

M.
Jan 11, 2008 at 7:41 AM
I am working in application where-in there is only one .aspx page called default.aspx. The page is dynamically populated with usercontrols with the kind of request asked for. Since there is only one page in entire application the PageFlow logic couldn't be applied. Is there any wayout to apply the same with UserControls. If not is it being thought off or upcoming with next release ???

I guess i made my problem clear. Awaiting for some quick response.

Thanks
Abhijit

Jan 14, 2008 at 10:47 PM
Thanks Mies. It worked as you said.


Mies75 wrote:
Mahesh,

Did you check that your website has anonymous access (IIS directory security)?
If the site allows anonymous access, then the profileprovider will not be called, since there is no identity.

If you do need anonymous access, you can use forms authentication or for example you can do this in global.asax:
protected void ApplicationAuthenticateRequest(Object sender, EventArgs e)_
{
if (((WindowsIdentity)HttpContext.Current.User.Identity).IsAnonymous)
{
HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(new GenericIdentity("AnyUserYouWantBasedOnBusinessLogic"), null);
}
}

M.

Jan 15, 2008 at 2:17 PM
Hi Mies,

Have you solved your problem?

I am using <rule Url="~/ExampleModule/Default.aspx" Rule="AllowMyRule" /> this type of URL mapping and it is working in IIS too. I think somehow HttpContext.Current.User object is not getting initialized in your case.

But for sure, <rule Url="~/ExampleModule/Default.aspx" Rule="AllowMyRule" /> this type of mapping would work

Thanks,
Mahesh


Mies75 wrote:
Hi Mahesh,

I have exactly the same problem.

Some extra info:
- in an asp.net development server the code works. I can debug the custom roleprovider and see that it's ok.
- in IIS things are different. The urls the modules' web.configs cannot be the same as used in the development server:

devserver
<authorization>
<rule Url="~/ExampleModule/Default.aspx" Rule="AllowMyRule" />
...

IIS
<authorization>
<rule Url="http://myfriendlyurl/ExampleModule/Default.aspx" Rule="AllowMyRule" />
...

When I debug the IIS application I can see that my authorization services are initialized, but GetRolesForUser is never called. Every page will appear without authorization warnings.
When I change
<rule Url="http://myfriendlyurl/ExampleModule/Default.aspx" Rule="AllowMyRule" />
to
<rule Url="~/ExampleModule/Default.aspx" Rule="AllowMyRule" />
the website will throw an authorization warning when I hit the default.aspx page but the rolemanager is not hit (so this must mean that the url without the first url is correct).

No further ideas as of yet..

Regards,

Mike


Jan 15, 2008 at 2:56 PM
Hi Mahesh,

I'm glad to hear it helped you out.
I forgot to mention that part, after disabling anonymous access I could indeed delete the http://friendlyurl and it's working!

Regards,

Mike


maheshnimbalkar wrote:
Hi Mies,

Have you solved your problem?

I am using <rule Url="~/ExampleModule/Default.aspx" Rule="AllowMyRule" /> this type of URL mapping and it is working in IIS too. I think somehow HttpContext.Current.User object is not getting initialized in your case.

But for sure, <rule Url="~/ExampleModule/Default.aspx" Rule="AllowMyRule" /> this type of mapping would work

Thanks,
Mahesh