Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
AD directory user-groups; can IdentityRole be subclassed to implement Role-Groups or User-Groups #2057
If you're using AD we tend to believe AD is the one true source of truth, it's what keeps AD administrators happy. If you use integrated authentication then IsInRole() will work, or you configure ADFS to pass the group membership through in its auth token, and again, IsInRole() will then work.
As I said this only works on WindowsIdentity. So it's limited to integrated authentication/AD. This does not mix with ASP.Identity. So configure your app for Windows authentication, then cast the identity to a WindowsIdentity and then you get a Groups property on the cast instance.