I’m working on a web login application using forms authentication and role authentication.
I’m not so familiar with the role authentication , I’ve searched in google for some tutorials but I couldn’t understand.
So ,
- 1.For creating an user with a certain role everything must be done here:
http://i1.asp.net/asp.net/images/pss/module08_06.jpg ( but , I want to store users info and roles in the asp.net sql database )
What I thought so far is to create a database with the followings table columns:
1.ID(int,primary)
2.Username(varchar(10))
3.Password(varchar(10))
4.RoleType(varchar(10)) - Roles are : Admin / User
On login , check if the user&pass are valid if yes then select the roletype from the database for the current user .
If roletype = Admin
Redirect to a certain page
else if roletype = user
Redirect to other page
But I don’t think asp.net web page knows that the column RoleType is used for roles and it doesn’t make sense , I mean there’s no conection between <allow users="Admin"/> and my column for called RoleType
<location path="\Admin\">
<system.web>
<authorization>
<allow users="Admin"/> //this
<deny users="*"/>
</authorization>
So , if anyone wouldn’t mind helping me , I would really appreciate.
Thanks
ASP.NET Comes with a builtin tool for creating a User (Membership) and Roles Database which has all the correct schemas you will need.
I’d strongly suggest you start there, instaed of attempting to roll your own.
http://msdn.microsoft.com/en-us/library/x28wfk74.aspx
Once you’ve done that, it’s trivial to use the built in user/role management screens & the built in SqlMembershipProvider & SqlRoleProvider
Edit
After a quick google, ASP.NET seems to have a very good and detailed tutorial on asp.net membership & roles security
http://www.asp.net/web-forms/tutorials/security
You’ll want to read that entire section on Membership, Roles & Admin.