public static bool IsUserInRoles(IList roles, IPrincipal user) { // if roles is empty, return true if ((roles == null) || (roles.Count == 0)) return true; foreach (string role in roles) { if (!string.Equals(role, "*", StringComparison.InvariantCultureIgnoreCase) && ((user == null) || !user.IsInRole(role))) { continue; } return true; } return false; }