Clarity, Technology, and Solving Problems | PracticeThis.com
WP7 App with Key Windows Azure resources – Slides, Videos, How-To’s, and T-shooting – for quick consumption on the go.
This post outlines necessary steps in order to implement basic ASP.NET RoleManager for claims aware applications. One of the possible scenarios where it could be applicable is when migrating ASP.NET web application that already uses RoleManager to be claims aware.
“I have built an ASP.NET web application that authenticates its users using Forms Based authentication. I implemented authorization using built in ASP.NET RoleManager using SQL Server store for roles. We are migrating to federated authentication but we want to leave the code unchanged as much as possible. How to do it?”
The rest of the post walks through the steps of creating a sample application that uses RoleManager for authorization and then moving it to the Claims Aware application without altering the code while preserving the authorization role checks.
<authorization> <deny users="?"/> </authorization>
string roles = Roles.GetAllRoles();
using System.Web.Security; using Microsoft.IdentityModel.Claims; using System.Web;
var id = HttpContext.Current.User.Identity as IClaimsIdentity; return (from c in id.Claims where c.ClaimType == ClaimTypes.Role select c.Value).ToArray();
<roleManager enabled="true" defaultProvider="MyClaimsRoleProvider"> <providers> <clear /> <add name="MyClaimsRoleProvider" type="ClaimsRoleProvider.MyClaimsRoleProviderImplementation, ClaimsRoleProvider"/> </providers> </roleManager>
<httpRuntime requestValidationMode="2.0"/> <pages validateRequest="false"/>
I will be using SelfSTS as a test platform for my experiment. But it can be accomplished with any Security Token Service such as ADFS v2.0 or Azure AppFabric Access Control Service (ACS) v2. SelfSTS is not intended for production use.