Menu
I want to do a simple role authentication in .NET - but am lost in the profusion of apis...
I would like to have a web.config per directory with role access like:
<authorization>
<allow roles="admin"/>
<deny users="*"/>
</authorization>
And in my login page, where I do FormsAuthentication.RedirectFromLoginPage I want to specify the role of the logged in user (admin, user, etc...) I have no need for the RoleManagementProviders and the overkilled feature (in my case) of RoleManagement.
What API do I need to user to just specify the role of a user?
Thanks
708
For role-based authorization, the customer is responsible for providing the user ID, any optional attributes, and all mandatory user attributes necessary to define the user to Payment Feature Services. The customer must also define the roles that are assigned to the user.
Authentication is knowing the identity of the user. For example, Alice logs in with her username and password, and the server uses the password to authenticate Alice. Authorization is deciding whether a user is allowed to perform an action. For example, Alice has permission to get a resource but not create a resource.
Here is a link on a very simple Forms Authentication implementation with roles. I believe this is the most basic Forms Authentication implementation: http://www.codeproject.com/KB/web-security/formsroleauth.aspx
Here is one on the membership provider: http://www.asp.net/learn/moving-to-asp.net-2.0/module-08.aspx You might have to search for additional tutorials to get a clear idea on how to customize it.
I prefer the membership provider because it allows you to override the defaults and supply your own datastore and methods used for the different authentication actions. I find it to be easier than using the basic implementation.
113
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
