Home/ Questions/Q 4012978
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-20T09:18:51+00:00

I’m maintaining an ASP.NET application, and right now security is defined in various places

  • 0

I’m maintaining an ASP.NET application, and right now security is defined in various places throughout the site. There is some logic in the code-behind, like if User.IsInRole(...), and there is other logic sprinkled throughout the ASPX pages like:

<asp:LoginView ID="lvDoSomeStuff" runat="server">
    <RoleGroups>
        <asp:RoleGroup Roles="Accounting,HR,Blah">
        ...
    </RoleGroups>
</asp:LoginView>

As new feature requests come in and new roles are created, I am forced to go through the entire application and make sure I haven’t missed any areas. I’d like to avoid this in the future.

How can I set the Roles attribute of the <asp:RoleGroup> element programmatically? I’ve tried doing something like this:

<asp:LoginView ID="lvDoSomeStuff" runat="server">
    <RoleGroups>
        <asp:RoleGroup Roles="<%= UserManager.GetRolesThatCanDoX() %>">
        ...
    </RoleGroups>
</asp:LoginView>

where GetRolesThatCanDoX() returns a comma-delimited list of role names, but my method never seems to get called.

Is it possible to do something like this in ASP.NET WebForms? Please help me decouple my code! 😉

Solution: Phantomtypist’s answer worked perfectly. My implementation of it was as follows:

ASPX:

<asp:LoginView ID="lvDoSomeStuff" runat="server">
    <RoleGroups>
        <asp:RoleGroup>
        ...
        </asp:RoleGroup>
    </RoleGroups>
</asp:LoginView>

Code-behind:

protected void Page_Load(object sender, EventArgs e)
{
    // Load rolegroups from UserManager
    lvDoSomeStuff.RoleGroups[0].Roles = UserManager.GetRolesThatCanDoStuff().ToArray();
    lvDoSomeOtherStuff.RoleGroups[0].Roles = UserManager.GetRolesThatCanDoOtherStuff().ToArray();
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Have you tried something like this…

    Code:

    protected void Page_Load(Object sender, EventArgs e)
{
    RoleGroup rg = new RoleGroup();
    rg.ContentTemplate = new CustomTemplate();
    String[] RoleList = {"users"};
    rg.Roles = RoleList;
    RoleGroupCollection rgc = LoginView1.RoleGroups;
    rgc.Add(rg);

}

    Designer:

    <asp:LoginView id="LoginView1" runat="server">
     <AnonymousTemplate>
         You are not logged in.<br />
         <asp:LoginStatus id="LoginStatus1" runat="server"></asp:LoginStatus>
     </AnonymousTemplate>
     <LoggedInTemplate>
          You are logged in as
          <asp:LoginName id="LoginName1" runat="server" />. This message is not from the template.<br />
          <asp:LoginStatus id="Loginstatus2" runat="server"></asp:LoginStatus>
     </LoggedInTemplate>
</asp:LoginView>
    • 0