I'm able to get the roles associated with the authenticated user but not the groups. Is there a way to get the groups
WindowsIdentity userIdentity = HttpContext.Current.User.Identity as WindowsIdentity;
AzAuthorizationStoreClass azManStore = new AzAuthorizationStoreClass();
string storeConnectionStri开发者_如何学Pythonng = ConfigurationManager.ConnectionStrings["<CONN STRING>"].ConnectionString;
azManStore.Initialize(0, storeConnectionString, null);
IAzApplication azApp = azManStore.OpenApplication("<APP NAME>", null);
ulong token = (ulong)userIdentity.Token;
IAzClientContext ctx = azApp.InitializeClientContextFromToken(token, null);
object roles = ctx.GetRoles(String.Empty);
I have not found a way. On my project we had one requirement for this and ended up doing a simplistic implementation that walked through each Group and checked if the user was a member. The problem with this approach is that it ignores membership via groups in groups and also membership via the user being a member of an AD group that is a member of the AzMan group. You could grow the solution to cover these scenarios, but ultimately I think that when you start asking questions like this, you might be heading down the role-based security path with Azman (which is operation (or task) based security).
精彩评论