locked
How to add role to user after logging in. RRS feed

  • Question

  • User302996713 posted

    Am using forms authentication to sign in users which works very well, now I want certain users to access some folders basing on their roles. But I dont know how to add  roles to users after i have authenticated them.  I have tried some tutorials but all in vain. This is my how I authenticate users.

    FormsAuthentication.SetAuthCookie(txtusername.Text, false);
    Response.Redirect("~/Admin/admin.aspx");


    Please help.

    Tuesday, June 17, 2014 10:01 AM

Answers

  • User103196646 posted

    Hello! Thanks for your post.

    I recommend using ASP.Net membership to create and manage Roles. Then you can restrict users to specific folders by adding a web.config file to each folder. For example -

    <authorization>
        <allow roles="admin"/>
        <deny users="*"/>
    </authorization>

    Here's how to implement Asp.Net membership -

    Step 1: Run this exe to create the ASP.Net membership tables in SQL Server - Aspnet_regsql.exe

    Step 2: Configure membership in your web.config file

    <configuration>
      <connectionStrings>
        <add name="MySqlConnection" connectionString="Data 
          Source=MySqlServer;Initial Catalog=aspnetdb;Integrated
          Security=SSPI;" />
      </connectionStrings>
      <system.web>
        <authentication mode="Forms" >
          <forms loginUrl="login.aspx" />
        </authentication>
        <authorization>
          <deny users="?" />
        </authorization>
        <membership defaultProvider="SqlProvider"
          <providers>
            <add 
              name="SqlProvider" 
              type="System.Web.Security.SqlMembershipProvider" 
              connectionStringName="MySqlConnection" />
          </providers>
        </membership>
      </system.web>
    </configuration>

    Step 3: Add a role provider to your web.config:

    <roleManager enabled="true" defaultProvider="SqlRoleManager">
      <providers>
        <add name="SqlRoleManager"
             type="System.Web.Security.SqlRoleProvider"
             connectionStringName="SqlRoleManagerConnection"
             applicationName="MyApplication" />
      </providers>
    </roleManager>

    Here's a old, but good Microsoft patterns and practices article on using ASP.Net Membership: http://www.asp.net/web-forms/tutorials/moving-to-aspnet-20/membership

    Regards!

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, June 17, 2014 4:28 PM