How to Authorize Imperatively

- J.D. Meier, Carlos Farre, Jason Taylor, Prashant Bansode, Steve Gregersen, Madhu Sundararajan, Rob Boucher

Imperative role-based authorization is written into your code and processed at runtime. Imperative security is useful when the resource to be accessed or action to be performed is not known until run time or when finer-grained access control beyond the level of a code method is required.

Authorize windows groups imperatively by using the principal.InInRole . The code snippet below exemplifies the authorization check:
string RequiredGroup = "Administrators";
 	IPrincipal principal=System.Threading.Thread.CurrentPrincipal;
        if (principal.IsInRole(RequiredGroup))
            return string.Format("You entered: {0}", value);
        else
            return "not authorized";  

Additional Resources

Last edited Jun 13, 2008 at 6:10 PM by prashantbansode, version 1

Comments

No comments yet.