How do I use Windows Groups for role authorization in ASP.NET 2.0?

From Guidance Share

Jump to: navigation, search

J.D. Meier, Prashant Bansode, Alex Mackman


If you use Windows authentication, you can use ASP.NET 2.0 role manager with the WindowsTokenRoleProvider for role-based authorization using Windows groups. Enable role manager by setting the *enabled* attribute on the <roleManager> element to *true*. Note that the machine level Web.config file contains a default configuration for a WindowsTokenRoleProvider instance named AspNetWindowsTokenRoleProvider. You can use this provider instance and set it as the default provider by modifying your Web.config file as follows.

   <roleManager enabled="true" 
       defaultProvider="AspNetWindowsTokenRoleProvider" />

To check role membership to authorize callers, use the role manager APIs such as IsUserInRole.


More Information

For information on using WindowsTokenRoleProvider, see “How To: Use Role Manager in ASP.NET 2.0” at

Personal tools