ASP.NET Identity check user roles is not working

Question

I have an ASP.NET MVC 5 application. I\'m using the standard ASP.NET Identity provider for user and role management. It is important that I\'m using the IdentityUser from an

Answer 1

There seems to be an issue. [The issue by design]

• The role names are case sensitive in AuthorizeAttribute and User.IsInRole
• The role names are case insensitive in UserManager.IsInRole

Moreover, check for the correct role name is used for the verification.

[The above is based on the test performed with below code. Role Name="Admin", User is added to Role "Admin".]

[Authorize(Roles="Admin")] /*True as "Admin" has A capital as entered in Role name*/
public ActionResult Secured()
{
    if (User.IsInRole("admin")) /*This is False*/
    {
         Console.WriteLine("In");
    }
    if(UserManager.IsInRole(User.Identity.GetUserId(), "admin")) /*This is True!!*/
    {
         Console.WriteLine("In");
    }
    return View();
}

If we change the attribute to [Authorize(Roles="admin")], it redirects to Login page.