CResharper CResharper - 14 days ago 6
ASP.NET (C#) Question

C# Getting User Role always empty. Multiple ways tried, none work

i created a WebApplication which contains a

menu
. My goal is that a certain User-Group called
"mgaLVTSekretariat"
can't access the menu.

I am using ASP.Net, C# and EF6.

I tried these methods:

Opt. 1:

if (Roles.IsUserInRole(User.Identity.Name, "mgaLVTSekretariat"))
{
//my code to block the menu
}


Opt. 2:

if (User.IsInRole("mgaLVTSekretariat"))
{
//my code to block the menu
}


Opt. 3:

if (RolePrincipal.Current.IsInRole("mgaLVTAdministration"))
{
//my code to block the menu
}


When i execute my Program, the
if-statement
is never
true
. When i read out the value, the role is empty. In every Opt. i tried.

I am afraid that my mistake is in my Web.Config. So here it is:

<?xml version="1.0"?>
<!--
Weitere Informationen zum Konfigurieren der ASP.NET-Anwendung finden Sie unter
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>

<configSections>

<sectionGroup name="applicationSettings" type="System.Configuration.ApplicationSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<section name="Gmos.Foundation.CommonResourceSettings" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false"/>
</sectionGroup>
<section name="infragistics.web" type="System.Configuration.SingleTagSectionHandler,System, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
<section name="nlog" type="NLog.Config.ConfigSectionHandler, NLog"/>
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=6.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false"/>
<!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
</configSections>
<infragistics.web styleSetName="Nautilus"/>
<nlog>
<extensions>
<add assembly="NLog.Extended"/>
</extensions>
<rules>
<logger name="*" levels="Info,Warn,Error,Fatal" writeTo="fileAll"/>
<logger name="*" levels="Warn,Error,Fatal" writeTo="fileWarning"/>
</rules>
</nlog>
<applicationSettings>

<Gmos.Foundation.CommonResourceSettings>
<setting name="GlobalResourcePath" serializeAs="String">
<value>\\pfsprog01\programs$\Webservices\__AppSettings\</value>
</setting>
<setting name="LocalResourcePath" serializeAs="String">
<value>./</value>
</setting>
<setting name="UseLocalResource" serializeAs="String">
<value>false</value>
</setting>
<setting name="DefaultLogoLink" serializeAs="String">
<value/>
</setting>
<setting name="DefaultLogoTooltip" serializeAs="String">
<value/>
</setting>
</Gmos.Foundation.CommonResourceSettings>
</applicationSettings>
<connectionStrings>
//Connectionstrings
</connectionStrings>
<appSettings>

<!-- System -->
<add key="ApplicationID" value="HTX"/>
<add key="ApplicationName" value="Lernende Administration"/>
<add key="ApplicationNameKurz" value="Lernende Administration"/>
<add key="VersionID" value="1.0.0"/>
<add key="Configuration" value="E"/>
<add key="PfadWebApi" value="http://localhost:24751/"/>
<add key="mailAbsenderDefault" value="halbtax@gmos.ch"/>
<add key="pfadMailTemplateHalbtax" value="C:\Projekte\Gmos.Halbtax\Gmos.Halbtax.Admin.Client.WebGui\MailTemplates"></add>
<!--<add key="pfadMailTemplateHalbtax" value="\\gmos.ch\WebServerFarm$\Farm_A\Entwicklung\Content\api.halbtaxbestellung.gmos.ch\MailTemplates"></add>-->

<!-- E=Entwicklung; T=Test; Q=Qualitaet; P=Produktion -->
</appSettings>

<!--
Eine Beschreibung der Änderungen von 'web.config' finden Sie unter 'http://go.microsoft.com/fwlink/?LinkId=235367'.

Die folgenden Attribute können für die <httpRuntime>-Kennung festgelegt werden.
<system.Web>
<httpRuntime targetFramework="4.5.2" />
</system.Web>
-->
<system.webServer>
<validation validateIntegratedModeConfiguration="false"/>
<modules runAllManagedModulesForAllRequests="true">
<remove name="ApplicationInsightsWebTracking" />
<remove name="WebDAVModule"/>
<!--<add name="ApplicationInsightsWebTracking" type="Microsoft.ApplicationInsights.Web.ApplicationInsightsHttpModule, Microsoft.AI.Web" preCondition="managedHandler" />-->
</modules>

<handlers accessPolicy="Read, Script">
<remove name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" />
<add name="ExtensionlessUrlHandler-ISAPI-4.0_64bit"
path="*."
verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS"
modules="IsapiModule"
scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll"
preCondition="classicMode,runtimeVersionv4.0,bitness64"
responseBufferLimit="0" />

<remove name="WebDAV"/>
<!--<remove name="ExtensionlessUrlHandler-Integrated-4.0"/>-->
<remove name="OPTIONSVerbHandler"/>
<remove name="TRACEVerbHandler"/>


</handlers>


</system.webServer>

<system.web>
<roleManager enabled="true"/>
<httpHandlers>
<add path="ChartImg.axd" verb="GET,HEAD,POST,DELETE" type="System.Web.UI.DataVisualization.Charting.ChartHttpHandler, System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
validate="false" />
</httpHandlers>
<compilation debug="true" targetFramework="4.5.2"/>
<httpRuntime targetFramework="4.5"/>
<authentication mode="Windows"/>

<siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
<providers>
<add name="XmlSiteMapProvider" description="Default SiteMap provider." type="System.Web.XmlSiteMapProvider " siteMapFile="Web.sitemap" securityTrimmingEnabled="true"/>
</providers>
</siteMap>
<machineKey validationKey="A11233429FC0BB0107BC4593F963125F3D6057132F0DF614870B56F9A9F4C729AF3F0F692071893F98760EEE93CF812B34EA9AFD7D33C475536A41DFCC8BEA16" decryptionKey="603A95C7BC9CE0CF81BA5E7A8D5CE68C1245E033E041F46980665E465DE50580" validation="SHA1" decryption="AES"/>
<customErrors mode="On" defaultRedirect="Error.aspx"/>
<pages theme="GMOS_blau" controlRenderingCompatibilityVersion="4.0">
<controls>
<add tagPrefix="act" namespace="AjaxControlToolkit" assembly="AjaxControlToolkit, Version=4.5.7.0725, Culture=neutral, PublicKeyToken=28f01b0e84b6d53e"/>
<add tagPrefix="gmos" namespace="Gmos.WebUserControls" assembly="Gmos.WebUserControls"/>
<add tagPrefix="ig" namespace="Infragistics.Web.UI.LayoutControls"/>
</controls>
</pages>
</system.web>
<location path="Default.aspx">
<system.web>
<authorization>
<allow roles="mgaLVTAdministration, mgaLVTSekretariat"/>
<deny users="?"/>
</authorization>
</system.web>
</location>

<location path="Loadbalancer.aspx" allowOverride="true">
<system.web>
<authorization>
<allow users="?"/>
</authorization>
</system.web>
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="true"/>
<windowsAuthentication enabled="false"></windowsAuthentication>
</authentication>
</security>
</system.webServer>
</location>
<entityFramework>
<defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework"/>
<providers>
<provider invariantName="System.Data.SqlClient" type="System.Data.Entity.SqlServer.SqlProviderServices, EntityFramework.SqlServer"/>
</providers>
</entityFramework>
<system.web.extensions>
<scripting>
<webServices>
<jsonSerialization maxJsonLength="50000000"/>
</webServices>
</scripting>
</system.web.extensions>
</configuration>


The Menu contains 3 different sites to open:


  • StammdatenHalbtax.aspx

  • StammdatenStatus.aspx

  • Default.aspx



I tried to block these 3 Sites in my Web.Config too:

<location path="Default.aspx">
<system.web>
<authorization>
<allow roles="mgaLVTAdministration, mgaLVTSekretariat"/>
<deny users="?"/>
</authorization>
</system.web>
</location>
<location path="StammdatenHalbtax.aspx">
<system.web>
<authorization>
<allow roles="mgaLVTSekretariat"/>
<deny users="?"/>
</authorization>
</system.web>
</location>
<location path="StammdatenStatus.aspx">
<system.web>
<authorization>
<allow roles="mgaLVTSekretariat"/>
<deny users="?"/>
</authorization>
</system.web>
</location>


Both Ways dont work. Any Suggestions?

Answer

Use a BinaryReader to convert the PostedFile to a byte array:

HttpPostedFile file = FileUploadPassfoto.PostedFile;
using (BinaryReader binaryReader = new BinaryReader(file.InputStream))
{
    lehrling.passfoto = binaryReader.ReadBytes(file.ContentLength);
}

Source