This project is read-only.

If You Store Role Information in SQL Server, use SqlRoleProvider for Roles Authorization

- J.D. Meier, Carlos Farre, Jason Taylor, Prashant Bansode, Steve Gregersen, Madhu Sundararajan, Rob Boucher

If you store role information in SQL Server, configure your application to use the SqlRoleProvider for authorization. The role provider allows you to load the roles for users without writing and maintaining custom code.

The following steps show how to use SQL Server Role to provide role based authorization.
  1. Enable the Role provider as shown below and configure the connection string pointing to the role store in SQL server
…
<configuration>
…
<connectionStrings>
    <add name="MyLocalSQLServer"
         connectionString="Initial Catalog=aspnetdb;data source=Sqlserver;Integrated Security=SSPI;"

<system.web>
<roleManager enabled="true" defaultProvider="MySqlRoleProvider" >
      <providers>
        <add name="MySqlRoleProvider"
             connectionStringName="MyLocalSQLServer"
             applicationName="MyAppName"
             type="System.Web.Security.SqlRoleProvider" />
      </providers>
    </roleManager>
…
<system.web>
  1. Configure the Service Behavior. Set the principalPermissionMode attribute as UseAspNetRoles and the roleProviderName attribute to MySqlRoleProvider.
…
<system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior name="BehaviorConfiguration">
          <serviceAuthorization principalPermissionMode="UseAspNetRoles"
            roleProviderName="MySqlRoleProvider" />          
         </behavior>
      </serviceBehaviors>
    </behaviors>
<services>
    <service behaviorConfiguration=" BehaviorConfiguration " name="MyService">
      <endpoint binding="wsHttpBinding" bindingConfiguration=""
        name="httpsendpoint" contract="IMyService2" />
     </service>
  </services>
  </system.serviceModel>
…

Additional Resources

Last edited Jun 12, 2008 at 9:59 PM by prashantbansode, version 1

Comments

No comments yet.