Home/ Questions/Q 348691
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-12T11:23:18+00:00

I am using asp.net forms authentication, membership provider and role provider. You can refer

  • 0

I am using asp.net forms authentication, membership provider and role provider.

You can refer to this post.

This post helped me to restrict access of the users to the specific areas of Web application according to their roles.

But the roles are hard-coded in the Web.config file.

I need to read the roles from the asp.net role provider database.

I want to use the database generated by this command:
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727>aspnet_regsql]

and the following tool:

alt text

and [aspnetdb] database.

And I want to use microsoft’s framework and avoid my own customization as far as possible.

Plz tell me how can I generate authentication and authorization ticket. Better if you can show me some C# code.

Can anyone help me?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    If you have already wired Authentication and Membership using SQL Server in your site it will be easy for you. Just follow these steps:

    Create role store on sql server

       aspnet_regsql -S .\SQLExpress -E -A r

    -S specifies the server, which is (.\SQLExpress) in this example.
    -E specifies to use Windows authentication to connect to SQL Server.
    -A r specifies to add only the role provider feature.

    Add connection string for role provider:

    <connectionStrings>
  <add name="MyLocalSQLServer"
       connectionString="Initial Catalog=aspnetdb;
      data source=.\sqlexpress;Integrated Security=SSPI;" />
</connectionStrings>

    Add role manager:

    <system.web>
  <roleManager enabled="true" defaultProvider="MySqlRoleProvider" >
    <providers>
      <clear/>
      <add name="MySqlRoleProvider" connectionStringName="MyLocalSQLServer"
           applicationName="MyAppName"
           type="System.Web.Security.SqlRoleProvider" />
    </providers>
  </roleManager>
</system.web>

    Now you can use Role based stuff in your pages (supposing you have already enabled authentication [windows or forms])

    Test ASPX:

        All Defined Roles: <asp:Lable id="lblAllRoles" runat="server" /><br/>
    Your Roles: <asp:label id="lblMyRoles" runat="server" /><br/>

    Codebehind:

        protected void Page_Load(object sender, EventArgs e)
    {
        //here we are supposing that user is already authenticated

        StringBuilder sb=new StringBuilder();

        //gets roles for currently authenticated user
        var roles = Roles.GetRolesForUser();            

        foreach (var v in roles)
            sb.Append(", " + v);

        lblMyRoles.Text = sb.ToString();
        sb.Remove(0,sb.Length);

        string [] allRoles = Roles.GetAllRoles();
        foreach(var v in allRoles)
           sb.Append(", " + v);

        lblAllRoles.Text = sb.ToString();
    }

    Simillarly you can use Role.IsUserInRole("ROLE_NAME") to check if user is assigned particular role.

    • 0