Accessing the SPRoleCollection requires Administrator right or at least Manage Site Groups right.

The only way around it that we found is to issue a web service call impersonating the user as an administrator.

Additional question: Where could I have found the information that I needed the administrator rights for accessing the SPRoleCollection

Here is the problem, I couldn’t find documentation about the security role for SPRoleCollection. I just concluded that this was an issue

Below is a code snippet for a VB.NET function. This function refers to a Web Service myws that references /_vti_bin/UserGroup.asmx and it returnes an array containing the list of roles the user belong to.

Please note that I am storing the username/password/domain of a user with sufficient admin right in the web.config file.

Hope this may help

Private Function GetUserRoles(ByVal web As SPWeb, ByVal Username As String, ByRef sError As String, ByRef isadmin As Boolean) as ArrayList

        ' Retrive the list of Role for the server

        Dim resultArray As New ArrayList



        Dim myws As New WSS.UserGroup





        myws.Url = web.Url.ToString + "/_vti_bin/UserGroup.asmx"

        Dim sUsername As String

        Dim sPassword, sEncPassword As String

        Dim sDomain As String

        Dim sPublicKey As String



        Try

            sUsername = System.Configuration.ConfigurationSettings.AppSettings("usrSiteGroups")

            sPassword = System.Configuration.ConfigurationSettings.AppSettings("pwdSiteGroups")

            sDomain = System.Configuration.ConfigurationSettings.AppSettings("domSiteGroups")





        Catch ex As Exception

            sError = "Error getting sitegroup username, please adjust"

            Exit Function

        End Try

        If sUsername Is Nothing Then

            sError = "Error getting sitegroup username, please adjust"

            Exit Function

        End If

        Dim authorizedCredentials As New CredentialCache

        Dim credentials As NetworkCredential = New NetworkCredential(sUsername, sPassword, sDomain)



        ' Add the NetworkCredential to the CredentialCache.



        Dim sAuth As String = System.Configuration.ConfigurationSettings.AppSettings("auth")



        If sAuth Is Nothing And sAuth = "" Then

            sAuth = "NTLM"

        End If

        authorizedCredentials.Add(New Uri(myws.Url), sAuth, credentials)



        ' Add the CredentialCache to the proxy class credentials.

        myws.Credentials = authorizedCredentials

        Dim ndGroups As XmlNode = myws.GetRoleCollectionFromWeb()



        Try

            For i As Integer = 0 To ndGroups.ChildNodes(0).ChildNodes.Count - 1





                ' For each role list the users, scan thru the user



                Dim onerole As XmlNode = ndGroups.ChildNodes(0).ChildNodes(i)



                Dim RoleName As String = onerole.Attributes("Name").Value

                myws.Credentials = authorizedCredentials



                Dim ndUsers As XmlNode = myws.GetUserCollectionFromRole(RoleName)



                For j As Integer = 0 To ndUsers.ChildNodes(0).ChildNodes.Count - 1



                    Dim oneuser As XmlNode = ndUsers.ChildNodes(0).ChildNodes(j)

                    Dim UserRoleName As String = oneuser.Attributes("LoginName").Value

                    If Username = UserRoleName Then

                        If RoleName = "Administrator" Then

                            isadmin = True

                        End If

                        resultArray.Add(RoleName)

                        Exit For

                    End If

                Next

            Next



        Catch ex As SPException

            Dim message As String = ex.message

        Catch ex As Exception

            Dim message As String = ex.message

        Catch ex As System.Web.Services.Protocols.SoapException

            Dim message As String = ex.message

        End Try

        Return resultArray

        ' For each role, retrieve list of user, if user in the role, add to the list



    End Function