Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

BUG: You receive a "False" value when you call the User.IsInRole method in an ASP.NET application even though the user is assigned to the role


View products that this article applies to.

Symptoms

When you call the User.IsInRole method in a Microsoft ASP.NET application, you receive a False value from the method. This behavior occurs even though the user may be assigned to the role.

Note This issue occurs when the ASP.NET application is mapped to a Uniform Naming Convention (UNC) share.

↑ Back to the top


Workaround

To work around this issue, use one of the following methods:
  • Do not map the ASP.NET application to a UNC share.
  • Run the iisreset command after you add a user to a role but before you request an ASPX Web page.

↑ Back to the top


Status

Microsoft has confirmed that this is a bug in the Microsoft products that are listed in the "Applies to" section.

↑ Back to the top


More information

Steps to reproduce the issue

  1. Create a Microsoft Internet Information Services (IIS) application that is named Unc. To do this, follow these steps:
    1. Click Start, click Run, type inetmgr.exe, and then click OK.
    2. Expand ServerName.
    3. Right-click Web Sites, and then click New.
    4. Name the site Unc, and then click OK.
  2. Right-click Unc.
  3. In the Properties dialog box, click the Directory security tab.
  4. Under Anonymous access and authentication control, click Edit.
  5. Verify that the Anonymous access check box is selected.
  6. Click to select the Integrated Windows authentication check box.
  7. In the application folder, create an ASPX file that contains the following code example.
    <%@page language="cs"%>
    
    User.Identity.Name=<%=User.Identity.Name%><br>
    role=<%=Request.QueryString["role"]%><br>
    User.IsInRole(role)=<% = User.IsInRole(Request.QueryString["role"])%><br>
  8. Create a share that is mapped to this physical folder.
  9. Create the local user who is named MyUser. To do this, follow these steps:
    1. Click Start, click Run, type lusrmgr.msc, and then click OK.
    2. Right-click Users, and then click New User.
    3. Name the new user MyUser, and then click Create.
  10. Map the IIS application to the share that you created in step 8, and then connect to the share by using the MyUser account.

    Note Make sure that the MyUser account has Read user rights on the physical folder on the share.

    To do this, follow these steps:
    1. Click Start, click Run, type inetmgr.exe, and then click OK.
    2. Expand ServerName, and then expand Web Sites.
    3. Right-click your Web site, and then click Properties.
    4. Click the Home Directory tab.
    5. Click A share located on another computer.
    6. In the Network directory box, type the path of the application that you created in step 1.
    7. Click OK.
  11. Give the MyUser account Full access to the following folder:
    %windir%\Microsoft.NET\Framework\FrameworkBuild\Temporary ASP.NET Files
  12. Create a new role on your computer, and then assign the MyUser user to this role. To do this, follow these steps:
    1. Click Start, click Run, type lusrmgr.msc, and then click OK.
    2. Right-click Groups, and then click New Group.
    3. In the New Group dialog box, name the group MyRole, and then click Add.
    4. In the Enter the object names to select box, type MyUser, and then click Check Names.
    5. Click OK, and then click Create.
    6. Click Close.
  13. In a Web browser, open your ASPX page by passing the role in the query string. For example, open the following URL:
    http://YourServerName/unc/page.aspx?role=YourServerName\MyRole
  14. When IIS runs the ASPX page, you receive the following output:
    User.Identity.Name = MyUserRole = MyRoleUser.IsInRole(role)=False


    Note You expect to receive the following output:

    User.IsInRole(role)=True

↑ Back to the top


Keywords: KB894432, kbbug, kbnofix, kbaspnet, kbsecurity, kbiis

↑ Back to the top

Article Info
Article ID : 894432
Revision : 4
Created on : 4/22/2005
Published on : 4/22/2005
Exists online : False
Views : 296