locked
How to add role to user after logging in. RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    User302996713 posted

    Am using forms authentication to sign in users which works very well, now I want certain users to access some folders basing on their roles. But I dont know how to add  roles to users after i have authenticated them.  I have tried some tutorials but all in vain. This is my how I authenticate users.

    FormsAuthentication.SetAuthCookie(txtusername.Text, false);
Response.Redirect("~/Admin/admin.aspx");


    Please help.

    Tuesday, June 17, 2014 10:01 AM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote
    User103196646 posted

    Hello! Thanks for your post.

    I recommend using ASP.Net membership to create and manage Roles. Then you can restrict users to specific folders by adding a web.config file to each folder. For example -

    <authorization>
    <allow roles="admin"/>
    <deny users="*"/>
</authorization>

    Here's how to implement Asp.Net membership -

    Step 1: Run this exe to create the ASP.Net membership tables in SQL Server - Aspnet_regsql.exe

    Step 2: Configure membership in your web.config file

    <configuration>
  <connectionStrings>
    <add name="MySqlConnection" connectionString="Data 
      Source=MySqlServer;Initial Catalog=aspnetdb;Integrated
      Security=SSPI;" />
  </connectionStrings>
  <system.web>
    <authentication mode="Forms" >
      <forms loginUrl="login.aspx" />
    </authentication>
    <authorization>
      <deny users="?" />
    </authorization>
    <membership defaultProvider="SqlProvider"
      <providers>
        <add 
          name="SqlProvider" 
          type="System.Web.Security.SqlMembershipProvider" 
          connectionStringName="MySqlConnection" />
      </providers>
    </membership>
  </system.web>
</configuration>

    Step 3: Add a role provider to your web.config:

    <roleManager enabled="true" defaultProvider="SqlRoleManager">
      <providers>
        <add name="SqlRoleManager" 
             type="System.Web.Security.SqlRoleProvider"
             connectionStringName="SqlRoleManagerConnection"
             applicationName="MyApplication" />
      </providers>
    </roleManager>

    Here's a old, but good Microsoft patterns and practices article on using ASP.Net Membership: http://www.asp.net/web-forms/tutorials/moving-to-aspnet-20/membership

    Regards!

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, June 17, 2014 4:28 PM