This sample will show you how to retrieve login & group membership for Windows users of your application. This allows the application to enable application features(controls for example) based upon a user's identity. In addition, it will show how to make role-based security demands via code.
The main form has a tab control with two pages. The first tab page retrieves user login information to create a WindowsPrincipal object. The properties of the WindowsIdentity are displayed. The code uses the IsInRole method to check the CheckBox controls based on group membership. The second tab page contains Button controls that execute code to open a secured form based on security demands. If the user is a member of the Windows group, the protected form opens. If a security exception occurs as a result of the user not being a member of the group, a message is displayed.
Requires the Trial or Release version of Visual Studio .NET Professional (or greater).
When you click the button, Retrieve User Information, the program checks for the current logged in user to see if she is a member of four groups:
The group Managers is a custom group which you will need to create. If the user is not a member of a requested group the checkbox next to the group name will not be checked. In addition, if the custom group Managers does not exist, the check box will also not be checked. Note that an exception will not occur if the group is not there.
If you make changes to your current group membership in Windows in order to test the code (such as by creating a Managers group and adding your account to it), then you will need to log off and log on again before those changes will take effect.
Please see the comments for additional information.