AFElement CheckSecurity for domain users

Discussion created by chandotnet on Apr 23, 2013
Latest reply on Apr 26, 2013 by chandotnet

We have a "windows authenticated" web service.


The web service open & cache a connection to AF using a service account with all rights on AF elements.


This web service is hosted on domain A and trust the domain B.


Users from domain B connect to the web service and are authentified.


Now the web service will want to check if the authenticated user have rights to write to a given AF element.


We have added Domain A Active Directory groups to the element.


We have added Domain B users to the Domain A Groups that we have added to the element.


We get the WindowsIdentity like that :



var userIdentity = (WindowsIdentity)HttpContext.Current.User.Identity;

user is B\userName


and then we check the security like that:



var secur = afElement.Security.CheckSecurity(userIdentity);



The result will always return None even if the user is in a group with all rights on the element.




Are we using the good function to do that ?


Do we have to impersonate or something like that ?




Many thanks for you help.