I have extended the UserBase
class in System.ServiceModel.DomainServices.Server.ApplicationServices
in my Silverlight RIA, and yes people still use Silverlight, and I was wondering what the best practice would be regarding IsInRole(@"domain\groupName")
and how I might get away from using a hard-coded group name?
I am using Windows auth and an Authentication DomainService.
You could put all your domain\group strings in a static class - then at least your hardcoded strings are all in one place.
If you wish to use the RequiresRole attribute then the strings will need to be const rather than static otherwise VS will complain during build.
Hardcoded group name isn't so bad - the problem is a hardcoded domain name IMHO - since you can define groups that are exclusive to your application and push the onus on setup onto the network admin (this is how many Windows server applications behave)
Alternatively you could use standard ASP.NET roles and have some custom mapping between domain groups and ASP.NET roles (a bit like how SQL Server must do it)