Login/Register
Restrict access to a WPF view based on AD group membership
Asked Answered
Solved c#wpfsecurityactive-directoryactive-directory-group
T

1

5

We have a WPF application. We would like to resrict access to the application based on the users AD group membership.

Could we do this as an attribute on each view, or as a check when the user starts the application?

Any code example would be appreciated.

Tweed answered 23/1, 2012 at 11:49 Comment(2)
What exactly is your problem? Querying the AD? Restricting access to a view based on a certain criteria?Reputed
I want to check if the user is a member of group X, if he is not a member I want to block him. Maybe I simply have to query AD, or maybe there is a more elegant solution with some attribute I can put on the view.Tweed
A
7

The easiest way to do this on .NET 3.5 and up would be to use the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:

Basically, you can define a domain context and easily find users and/or groups in AD:

// set up domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

// get your group in question
GroupPrincipal group = GroupPrincipal.FindByIdentity(ctx, "YourGroupNameHere");

// check if current user is member of that group
UserPrincipal user = UserPrincipal.Current;

if(user.IsMemberOf(group))
{
   // do something here....     
}

The new S.DS.AM makes it really easy to play around with users and groups in AD!

Archipelago answered 23/1, 2012 at 12:36 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.