"How ASP.Net Role management Works"
Role Management helps us to manage the roles of the different users (i.e. what will be the role of a particular user in the application),we can restrict some users to access any resource and can easily manage the behaviour of our application using role management.
In other words we can say that role management helps us to manage the resources that users in our application are allowed to access. Using role management we can treat group of users as a unit by assigning users to roles such as manager, sales, member, etc.
Through roles we can easily change permissions, add users and remove users from our site. Role provides a convenient way to make changes to group of users.
Users can belong to more than one role:
We might define each role to have different rules or rights on the site, So the person in a specific role will have the set of rights defined in that role.But some users might be in two roles, For example let us consider the following three roles Principal, Teacher & Student each role will have their set of rights defined but for example if a user who is a principal is also a teacher then he will have the access to both the set of rights.
Therefore we can say that if a user who is in two roles would then have both sets of rights.
Role Management with User Identity & Membership:
First we have to identify the users in our application so that we can determine whether the user is in a specific role, then only we can apply role management to our application.
To establish User Identity we can configure our application in two ways:
1.Windows authentication:
If application runs in a local area network, the users are idetified by their Windows domain account name.
2.Forms authentication:
Incase of Internet applications we can use forms authentication to establish user identity. For this task we create page where the user can enter a username & password & then we validate the user's credentials.
Role Management can also be used together with Membership for establishing User Identity .In which we define users and passwords using membership and then we define roles and assign members to those roles using role management.
Role Management with ASP.NET roles service:
Roles can be accessed as a Windows Communication Framework (WCF) service by using ASP.NET roles service . Through which we can also check a user's roles from a Windows Forms application, from a Web application, or from an application that does not use the .NET Framework.
Role Management Confriguration:
To use role management we have to first enable it in an application's Web.config file and optionally configure access rules.
Example:
<roleManager
enabled="true"
cacheRolesInCookie="true" >
</roleManager>
Now we will define the access rules in the Web.config file. The following example shows how to allow users in the role of staff to view pages in the folder named StaffPages and denies access to anyone else:
<configuration>
<location path="StaffPages">
<system.web>
<authorization>
<allow roles="staff" />
<deny users="*" />
</authorization>
</system.web>
</location>
<configuration>
Now we can assign user IDs to the roles programmatically by calling various role-manager methods.
Example to create a role:
Roles.CreateRole("staff");
Example to add a single user in a role:
Roles.AddUserToRole("Rakesh", "staff");
Example to add two users in a role at one time:
string[] userGroup = new string[2];
userGroup[0] = "Mohan";
userGroup[1] = "Anil";
Roles.AddUsersToRole(userGroup, "staff");
Accessing Roles at Run Time:
We can access the role of the current user at run time using User property.
For Example:
if (User.IsInRole("staff"))
{
staffButton.Visible = True;
}
To perform role management tasks programmatically, such as to obtain a list of the roles for the current logged-in user Asp.Net has created an instance of the RolePrincipal class.
For Example:
string[] currentRoles = ((RolePrincipal)User).GetRoles();
0 Comment(s)