Microsoft KB Archive/321562

= FIX: Role-Based Authentication Fails for Users Who Belong to Many Groups =

Article ID: 321562

Article Last Modified on 2/12/2007

-

APPLIES TO


 * Microsoft .NET Framework 1.0 Service Pack 1

-



This article was previously published under Q321562



SYMPTOMS
If a user belongs to many groups, the user cannot access a resource even if the user is a member of a group that is granted access to the resource. This problem occurs if the user belongs to many groups where the number of groups depends on the length of the group names.

You may experience this problem in the following scenarios:
 * You call the WindowsPrincipal.IsInRole method.
 * You call the User.IsInRole method.
 * You enable impersonation in Web applications, and you set the authentication method to BASIC or NTLM.



CAUSE
A 2,048-byte buffer is used to store the names of the groups that each user belongs to. This problem occurs if the combined length of these group names is greater than 2,048 bytes.



RESOLUTION
To resolve this problem, obtain the latest service pack for Microsoft .NET Framework. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

318836 INFO: How to Obtain the Latest .NET Framework Service Pack

The English version of this fix should have the following file attributes or later:   Date        Time    Version       Size       File name 02-May-2002 12:25 1.0.3705.269   1,953,792  Mscorlib.dll 02-May-2002 02:15 1.0.3705.269   2,260,992  Mscorsvr.dll 02-May-2002 02:16 1.0.3705.269   2,256,896  Mscorwks.dll



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Microsoft .NET Framework Service Pack 2 (SP2).

Keywords: kbbug kbfix kbqfe kbnetframe100presp2fix kbnetframe100sp2fix kbhotfixserver KB321562

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.