IIS 7.x natively supports the same URL-based authorization mechanisms as ASP.NET does. You can configure URL-based authorization in the <authorization> configuration option as a part of the <system.webServer> section of the web.config configuration file, because IIS 7.x ships with its own UrlAuthorizationModule. On the other hand you can also configure web application hosted in IIS 7.x …
ASP.NET Security Tutorials
How to use the Roles API with Windows authentication in ASP.NET in VB.NET
The roles API ships a provider that integrates with Windows roles for Windows authentication: the WindowsTokenRoleProvider. This provider retrieves the Windows group membership information for the currently logged-on user and provides it for your application. When using the WindowsTokenRoleProvider, you have to configure your application using Windows authentication and then configure the WindowsTokenRoleProvider as follows:
<configuration>
How to use the Roles API with Windows authentication in ASP.NET in C#
The roles API ships a provider that integrates with Windows roles for Windows authentication: the WindowsTokenRoleProvider. This provider retrieves the Windows group membership information for the currently logged-on user and provides it for your application. When using the WindowsTokenRoleProvider, you have to configure your application using Windows authentication and then configure the WindowsTokenRoleProvider as follows:
<configuration>
How to access Roles programmatically for Role-Based authorization in ASP.NET
You can programmatically add new roles, read role information, and delete roles from your application. In addition, you can associate users with roles as well as get users associated with a specific role. You can do all this by calling methods of the Roles class.
Most of the properties included in the Roles class just map to the settings …
You can use the LoginView control to display different controls for anonymous and logged-in users by using templates <AnonymousTemplate> and <LoggedInTemplate> which implement this functionality. You can find more information from the article How to use ASP.NET membership LoginView control.
The control supports one additional template that enables you to create different views based on …
How to perform authorization checks for Role-Based authorization in ASP.NET in VB.NET
When you enable the roles API, by following the approach described in the article How to use Roles API for Role-Based Authorization in ASP.NET, the RoleManagerModule automatically creates a RolePrincipal instance. This instance contains both the authenticated user’s identity and the roles of the user. The RolePrincipal is a custom implementation of IPrincipal, which is the …
How to perform authorization checks for Role-Based authorization in ASP.NET in C#
When you enable the roles API, by following the approach described in the article How to use Roles API for Role-Based Authorization in ASP.NET, the RoleManagerModule automatically creates a RolePrincipal instance. This instance contains both the authenticated user’s identity and the roles of the user. The RolePrincipal is a custom implementation of IPrincipal, which is the …
How to configure access rules for Role-Based authorization in ASP.NET
As soon as you have configured users and roles, by following approach described in the article How to create users and roles for Role-Based authorization in ASP.NET, you need to configure the authorization rules for your application. You can establish these rules by configuring the appropriate <authorization> sections in the different directories of your application. You …
How to create users and roles for Role-Based authorization in ASP.NET
As soon as you have configured the roles API, by following approach described in the article How to use Roles API for Role-Based Authorization in ASP.NET you can create users and roles and then assign users to these roles using either the WAT or the Roles class in your code. You should click the Create or Manage Roles …
The fundamental Roles API classes for Role-Based Authorization in ASP.NET
If you are going to use Role-based authorization in your ASP.NET project you can find more information from the article How to use Roles API for Role-Based Authorization in ASP.NET, and you can use some of the classes which are listed in the next table:
Class name
Description
RoleManagerModule
This module ensures that roles will be assigned to …