Creating Custom Windows Authentication Roles In ASP.NET

A while ago one of my customers asked me to extend the Windows authentication process within an ASP.NET intranet application. The custom roles for the authenticated users should be determined by querying special flags in a database table and by querying the Active Directory for that user.

One way to accomplish this task is to create a custom class called RolesWindowsPrincipal that derives from WindowsPrincipal. The new class adds an AddRole method for assigning roles based on the queries described above, and overrides IsInRole so that role checks are answered from the roles added this way.

The implementation is quite simple:

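using System.Collections.Generic;
using System.Security.Principal;

// WindowsPrincipal whose roles are assigned by the application.
public class RolesWindowsPrincipal : WindowsPrincipal
{
    // Custom roles assigned to this user.
    private readonly List<string> _roles;

    public RolesWindowsPrincipal(WindowsIdentity identity) : base(identity)
    {
        _roles = new List<string>();
    }

    // Checks only the custom roles; the comparison is case-sensitive.
    public override bool IsInRole(string role)
    {
        return _roles.Contains(role);
    }

    // Adds a custom role to this principal.
    public void AddRole(string role)
    {
        _roles.Add(role);
    }
}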
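
The class still has to be attached to each request. The following is an added example, not code from the original post, showing one way to do that in Global.asax for the database-flag half of the lookup. The connection string name IntranetDb, the UserFlags table with its columns, and the role names Approver and Auditor are assumptions made for illustration.

```csharp
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Security.Principal;
using System.Threading;
using System.Web;

public class Global : HttpApplication
{
    // Runs once per request, after ASP.NET has established the Windows identity.
    protected void Application_PostAuthenticateRequest(object sender, EventArgs e)
    {
        var identity = Context.User == null ? null : Context.User.Identity as WindowsIdentity;
        if (identity == null || !identity.IsAuthenticated || identity.IsAnonymous)
            return; // anonymous or non-Windows requests get no custom roles

        var principal = new RolesWindowsPrincipal(identity);
        AddDatabaseRoles(principal, identity.Name); // identity.Name is DOMAIN\user

        // Replace the principal so User.IsInRole and role-based checks see the custom roles.
        Context.User = principal;
        Thread.CurrentPrincipal = principal;
    }

    // Assumed schema (hypothetical): UserFlags(AccountName nvarchar, IsApprover bit, IsAuditor bit).
    private static void AddDatabaseRoles(RolesWindowsPrincipal principal, string accountName)
    {
        string cs = ConfigurationManager.ConnectionStrings["IntranetDb"].ConnectionString;
        using (var conn = new SqlConnection(cs))
        using (var cmd = new SqlCommand(
            "SELECT IsApprover, IsAuditor FROM UserFlags WHERE AccountName = @name", conn))
        {
            // Parameterized: the account name is never concatenated into the SQL text.
            cmd.Parameters.Add("@name", SqlDbType.NVarChar, 256).Value = accountName;
            conn.Open(); // a failed lookup throws and fails the request; roles are not guessed
            using (var reader = cmd.ExecuteReader())
            {
                if (!reader.Read())
                    return; // user has no row: no roles are granted
                if (reader.GetBoolean(0)) principal.AddRole("Approver");
                if (reader.GetBoolean(1)) principal.AddRole("Auditor");
            }
        }
    }
}
```

Because IsInRole is overridden to consult only the added roles, Windows group membership is no longer reflected in role checks unless it is added as a role too.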