I’m trying to integrate OpenID into my MVC3 Razor application. The OpenID is working but when I try and test a User’s membership in a Role the test fails.
Two Roles:
“MainUser” with one user named “User”.
“GuestUser” with one user named “Guest”.
Here’s my form in my Logon.cshtml
<form action="Authenticate?ReturnUrl=@HttpUtility.UrlEncode(Request.QueryString["ReturnUrl"])" method="post" id="openid_form">
<input type="hidden" name="action" value="verify" />
<div>
<fieldset>
<legend>Login using OpenID</legend>
<div class="openid_choice">
<p>
Please click your account provider:</p>
<div id="openid_btns">
</div>
</div>
<div id="openid_input_area">
@Html.TextBox("openid_identifier")
<input type="submit" value="Log On" />
</div>
<noscript>
<p>
OpenID is service that allows you to log-on to many different websites using a single
indentity. Find out <a href="http://openid.net/what/">more about OpenID</a> and
<a href="http://openid.net/get/">how to get an OpenID enabled account</a>.</p>
</noscript>
<div>
@if (Model != null)
{
if (String.IsNullOrEmpty(Model.UserName))
{
<div class="editor-label">
@Html.LabelFor(model => model.OpenID)
</div>
<div class="editor-field">
@Html.DisplayFor(model => model.OpenID)
</div>
<p class="button">
@Html.ActionLink("New User ,Register", "Register", new { OpenID = Model.OpenID })
</p>
}
else
{
//user exist
<p class="buttonGreen">
@Model.UserName,
@if (Roles.IsUserInRole("MainUser"))
{ <a href="@Url.Action("Index", "Main")">Welcome @Model.UserName, Continue... </a> }
@if (Roles.IsUserInRole("GuestUser"))
{ <a href="@Url.Action("Index", "Guest")">Welcome @Model.UserName, Continue... </a> }
<a href="@Url.Action("Index", "Main")">Role test failed for @Model.UserName </a>
</p>
}
}
</div>
</fieldset>
</div>
</form>
I run the app and successfully authenticate with OpenId and get a green block containing:
User, Role test failed for User
This shows a successful logon as “User” and that it made it to the else code block but the IsUserInRole test failed.
If I add the not operator to the first test [ @if (!Roles.IsUserInRole(“MainUser”)) ] the test passes.
The question is why does “User” fail the IsUserInRole test. I’ve triple checked that I have all my Roles and Users spelled correctly and that the Users are in the proper Roles.
Any help appreciated.
If you are only using OpenId without any support from FormsAuthentication that it could be that the RoleProvider does not know how to check the roles. The
Roles.IsUserInRolemethod relies uponRoleProvider.IsUserInRoleto check whether a currently active user belongs to the requested role. The actual return value ofRoleProvider.IsUserInRoleaccording to MSDN documentation is:This applicationName should be set in the web.config file. If you are not using RoleProvider then that is the reason why your check keeps failing. RoleProvider is defined as following in configuration/system.web:
Of course, this expects you to store your roles in aspnetdb database. However, you can implement your own RoleProvider if this one does not suit you well.