Using isManager = site.IsCurrentUserMemberOfGroup(managerGroup.ID) gives access error while trying to verify the group

Question

I'm trying to verify the group of the user while logging in. But when I try to use isManager = site.IsCurrentUserMemberOfGroup(managerGroup.ID); it gives me an error that you don't have an access to the page.

If I'm already logged in and then run the similar code, it runs fine but while using this in login page where the user is not logged in, this code doesn't work and gives the access denied error.

How should I resolve this?

CODE:

            SPWeb site = SPControl.GetContextWeb(System.Web.HttpContext.Current);

            SPContext currentContext = SPContext.Current;
            SPSecurity.RunWithElevatedPrivileges(delegate()
            {  SPGroup managerGroup = site.Groups["DevTest"];
                bool isManager = site.IsCurrentUserMemberOfGroup(managerGroup.ID);


                if (!isManager)
                {
                    Label1.Text = "Wroung user id or group";
                }
                else
                {
            bool status = SPClaimsUtility.AuthenticateFormsUser(Context.Request.UrlReferrer, TextBox1.Text, TextBox2.Text);
            if (!status)
            {
                Label1.Text = "wrong user id or password";
            }
            else
            { Label1.Text = "wrong user id or password";
                }
            }
        });
    }
    }

Answer 1

You are miss-using SPSecurity.RunWithElevatedPrivileges. You need to create (and dispose) new SPSite/SPWeb objects inside the elevated section. Using contextual objects inside the elevated section has not effect on these objects: they're still old SP objects opened with the permissions of the initial user...
See for instance the second part of https://sharepoint.stackexchange.com/a/171392/35604 to get more details.

Also, in your case, note that you won't be able to use IsCurrentUserMemberOfGroup anymore, since the "current user" of the elevated web will be "system account" and not the original user. If your users are directly part of the manager group (not via a domain group), you can use instead SPUser.Groups in order to enumerate all groups the user belong to.