I’m following this article in which is described how to assign roles to users when theiy log-in using forms authentication:
public void Application_AuthenticateRequest( Object src , EventArgs e )
{
if (!(HttpContext.Current.User == null))
{
if (HttpContext.Current.User.Identity.AuthenticationType == "Forms" )
{
System.Web.Security.FormsIdentity id;
id = (System.Web.Security.FormsIdentity)HttpContext.Current.User.Identity;
String[] myRoles = new String[2];
myRoles[0] = "Manager";
myRoles[1] = "Admin";
HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(id,myRoles);
}
}
}
I put the role logic in the event handler, so I basically don’t need a role provider. Nonetheless, in order to run this, appears that I must enable Role Provider in web.config. Sadly, if I just put:
<roleManager enabled="true"/>
it results in runtime errors related to a failed connection to the SQL server, like if I chose AspNetSqlRoleProvider as Role Provider.
What should I do to have roles working this way? How can I choose to use no role provider, or how should I implement a dummy one (if it makes any sense)?
You shouldn’t need to enable
roleManagerin web.config – after all, people used to use roles with .NET 1.x before roleManager came along.One thing that
roleManagerwill do for you that you haven’t done in your code is setThread.CurrentPrincipaltoHttpContext.Current.User. If you’re relying on this (e.g. usingPrincipalPermissionAttribute), then you need to add this:Otherwise, I’d expect it to work: what symptoms are you seeing that makes you think it isn’t working?
As for implementing a dummy
RoleProvider, it’s easy enough: for example see this MSDN article.You only need to implement the
GetRolesForUserandIsInRolemethods; the other methods can simply throwNotSupportedException.