ASP.NET/Roles

From Wikibooks, open books for an open world
Jump to: navigation, search

A role is a group of users who are uniqely identified by the set of privileges they are given. A typical website has three roles:

  • Administrator
  • Power User
  • User

An administrator has all privileges over the particular site while power user and ordinary users don't have.

Creation of Roles[edit]

Roles can be created in various ways. The typical process of role creation involves using the Role Manager tag in Web.config


Example

<configuration>
  <connectionStrings>
    <add name="SqlServices" connectionString="Data Source=localhost;Initial Catalog=aspnetdb;Integrated Security=SSPI;" />
  </connectionStrings>

  <system.web>
    <authentication mode="Forms" >
      <forms loginUrl="login.aspx"
      name=".ASPXFORMSAUTH" />
    </authentication>

    <authorization>
      <deny users="?" />
      <allow roles="Administrators" />
      <deny users="*" />
    </authorization>

    <membership defaultProvider="AspNetSqlProvider" userIsOnlineTimeWindow="15">
    </membership>

    <roleManager defaultProvider="SqlProvider" 
      enabled="true"
      cacheRolesInCookie="true"
      cookieName=".ASPROLES"
      cookieTimeout="30"
      cookiePath="/"
      cookieRequireSSL="true"
      cookieSlidingExpiration="true"
      cookieProtection="All" >

      <providers>
        <clear />
        <add
          name="SqlProvider"
          type="System.Web.Security.SqlRoleProvider"
          connectionStringName="SqlServices"
          applicationName="SampleApplication" />
        </providers>

    </roleManager>
  </system.web>
</configuration>

Roles can also be assigned or modified programmatically using the Role class.

Using the Website Administration Tool[edit]

Roles can be created in .NET 2.0 using the ASP.NET Website Administration tool. This tool is available in the Solution Explorer toolbar.

The tool allows the user to change

  • Security settings
  • Application Configuration
  • Provider Configuration

A few snapshots of the tool are availabe below. These snapshots are self-explanatory:

WebSite Admin Home.JPG

Website Admin Security.JPG

Website Admin Security Roles.JPG

References[edit]

Role Class in C#, MSDN site