Do Per-Request (Custom) Roles exist for ASP.NET and ActiveDirectory?

My vision includes having globally defined roles which are pushed from AD but also I'd like to be able to add to Context.User.IsInRole("ATransientRoleForThisDocumentOnly") and have that work...

I thought about pushing roles into the Thread.CurrentPrincipal and passing in Context.User.Identity and an array of roles but I was concerned about getting all the ADRoles that you get out of the box, I really just want to add some AdHoc roles that will live for the lifetime of the request.

Does that seem possible? All Role manager methods are static so even if I did custom role manager how would that manager know that for document-id #1 that you're reader... while on document #2 you're read/write?

Answers


Inherit from a Security class that allows you to override CreatePermission, for instance CodeAccessSecurityAttribute and return this :

public override IPermission CreatePermission()
{
  return new PrincipalPermission(string.Empty, "MyCustomRole");
}

Need Your Help

How to display short read only FlowDocument in a label-like control

c# wpf .net-3.5 label flowdocument

I am looking for a way to present short FlowDocument strings in a label-like control.

How to unit test with Java Swing JOptionPane Confirm Dialog

java swing unit-testing joptionpane

I have a java swing application which expects the users to choose YES or NO from JOptionPane.showConfirmDialog