ASP.NET/Roles
< ASP.NET
A role is a group of users who are uniqely identified by the set of privileges they are given. A typical website has three roles:
- Administrator
- Power User
- User
An administrator has all privileges over the particular site while power user and ordinary users don't have.
Creation of Roles
[edit | edit source]Roles can be created in various ways. The typical process of role creation involves using the Role Manager tag in Web.config
Example
<configuration>
<connectionStrings>
<add name="SqlServices" connectionString="Data Source=localhost;Initial Catalog=aspnetdb;Integrated Security=SSPI;" />
</connectionStrings>
<system.web>
<authentication mode="Forms" >
<forms loginUrl="login.aspx"
name=".ASPXFORMSAUTH" />
</authentication>
<authorization>
<deny users="?" />
<allow roles="Administrators" />
<deny users="*" />
</authorization>
<membership defaultProvider="AspNetSqlProvider" userIsOnlineTimeWindow="15">
</membership>
<roleManager defaultProvider="SqlProvider"
enabled="true"
cacheRolesInCookie="true"
cookieName=".ASPROLES"
cookieTimeout="30"
cookiePath="/"
cookieRequireSSL="true"
cookieSlidingExpiration="true"
cookieProtection="All" >
<providers>
<clear />
<add
name="SqlProvider"
type="System.Web.Security.SqlRoleProvider"
connectionStringName="SqlServices"
applicationName="SampleApplication" />
</providers>
</roleManager>
</system.web>
</configuration>
Roles can also be assigned or modified programmatically using the Role class.
Using the Website Administration Tool
[edit | edit source]Roles can be created in .NET 2.0 using the ASP.NET Website Administration tool. This tool is available in the Solution Explorer toolbar.
The tool allows the user to change
- Security settings
- Application Configuration
- Provider Configuration
A few snapshots of the tool are availabe below. These snapshots are self-explanatory:
