So far I’ve seen several custom implementations of ASP.NET Role Providers, and all of

Question

0

Asked: June 10, 20262026-06-10T00:18:18+00:00 2026-06-10T00:18:18+00:00

So far I’ve seen several custom implementations of ASP.NET Role Providers, and all of

0

So far I’ve seen several custom implementations of ASP.NET Role Providers, and all of them comply to a base class requirenment that the Role-checking is done based on string username. (For example IsUserInRole(string username)). Is this requirenment for Role Provider based on the fact that this string username will be a uniqe key for user entity?

My user class uses GUID Id as a uniqe identifier of the user instance.

P.S. I do understand that I need to use thie GUID Id when setting authentication cookies. Just want to make sure that I understand the motivation behind user name role associations.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-10T00:18:19+00:00

Editorial Team

2026-06-10T00:18:19+00:00Added an answer on June 10, 2026 at 12:18 am

Most likely because it’s very easy to get the username from the IPrincipal. So you can easily do IsUserInRole(User.Identity.Name)

More importantly, the FormsAuthentication system has to be able to rely on the IPrincipal to do validation at the Authorization level, and the only information that available is the username.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

So far I’ve seen several custom implementations of ASP.NET Role Providers, and all of

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply