Role Management in .NET

Vinay Dhareshwar

Agenda

• Introduction
• Membership Service
• Login Controls
• Role Management Service

Role Based Security

• Most business applications require role-based security.
• Role management lets you create groups of users as a unit.
• Roles give flexibility to change permissions and add and remove users.
• Each Web page in the Web application can be assigned a security level.
• As you define more access rules for your application, roles become a more convenient way to apply the changes to groups of users.

Membership Service

• Manages users and credentials
• Simplifies forms authentication
• Provider-based for flexible data storage

Membership Schema

• Controls: Login, LoginStatus, LoginView, Other Controls
• Membership API: Membership, MembershipUser
• Membership Providers: SqlMembershipProvider, Other Membership Providers
• Membership Data: SQL Server, SQL Server Express, Other Data Stores

Creating New Users

    // Requires: using System.Web.Security;
    try
    {
        Membership.CreateUser("Jeff", "imbatman!", "jeff@microsoft.com");
    }
    catch (MembershipCreateUserException e)
    {
        // Find out why CreateUser failed
        switch (e.StatusCode)
        {
            case MembershipCreateStatus.DuplicateUserName:
                ...
            case MembershipCreateStatus.DuplicateEmail:
                ...
            case MembershipCreateStatus.InvalidPassword:
                ...
            default:
                ...
        }
    }

The MembershipUser Class

• Represents individual users registered in the membership data store
• Returned by Membership methods such as GetUser and CreateUser

Configuring the Membership Service

    <membership defaultProvider="AspNetSqlMembershipProvider"
                userIsOnlineTimeWindow="00:15:00"
                hashAlgorithmType="[SHA1|MD5]">
      <providers>
        ...
      </providers>
    </membership>

Using the Login Control

    <html>
      <body>
        <form runat="server">
          <asp:Login RunAt="server" />
        </form>
      </body>
    </html>

The LoginView Control

• Displays content differently to different users depending on:
    • Whether user is authenticated
    • If user is authenticated, the role memberships he or she is assigned
• Template-driven
    • <AnonymousTemplate>
    • <LoggedInTemplate>
    • <RoleGroups> and <ContentTemplate>

Using LoginView

    <asp:LoginView ID="LoginView1" Runat="server">
      <AnonymousTemplate>
        <!-- Content seen by unauthenticated users -->
      </AnonymousTemplate>
      <LoggedInTemplate>
        <!-- Content seen by authenticated users -->
      </LoggedInTemplate>
      <RoleGroups>
        <asp:RoleGroup Roles="Administrators">
          <ContentTemplate>
            <!-- Content seen by authenticated users who are administrators -->
          </ContentTemplate>
        </asp:RoleGroup>
        ...
      </RoleGroups>
    </asp:LoginView>
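
LoginView only selects which template is rendered; it does not stop a direct request for a page. The following web.config fragment is an added example, not part of the original slides, showing URL authorization rules that enforce the Administrators role on the server. The "Admin" folder is a hypothetical path.

```xml
<!-- web.config (added example; "Admin" is a hypothetical folder name) -->
<configuration>
  <system.web>
    <authentication mode="Forms" />
    <roleManager enabled="true" />
    <!-- Site-wide default: anonymous users ("?") must sign in first -->
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>

  <!-- Everything under /Admin requires the Administrators role -->
  <location path="Admin">
    <system.web>
      <authorization>
        <!-- Rules are evaluated top to bottom; the first match wins,
             so the allow rule must come before the catch-all deny -->
        <allow roles="Administrators" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

With these rules in place, the RoleGroup template controls what administrators see, while the authorization section decides who can reach the page at all.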

Role Management Service

• Role-based security in a box
• Simplifies adding role-based security to sites that employ forms authentication
• Provider-based for flexible data storage

Role Management Schema

• Controls: Login, LoginStatus, LoginView, Other Controls
• Roles API: Roles
• Role Providers: SqlRoleProvider, Other Role Providers
• Roles Data: SQL Server, SQL Server Express, Other Data Stores

The Roles Class

• Provides static methods for performing key role management tasks
• Includes read-only static properties for acquiring data about provider settings

Creating a New Role

    if (!Roles.RoleExists("Developers"))
    {
        Roles.CreateRole("Developers");
    }

Adding a User to a Role

    string name = Membership.GetUser().UserName; // Get current user
    Roles.AddUserToRole(name, "Developers");     // Add current user to role

Configuring the Role Manager

    <roleManager enabled="[true|false]"
                 defaultProvider="AspNetSqlRoleProvider"
                 createPersistentCookie="[true|false]"
                 cacheRolesInCookie="[true|false]"
                 cookieName=".ASPXROLES"
                 cookieTimeout="00:30:00"
                 cookiePath="/"
                 cookieRequireSSL="[true|false]"
                 cookieSlidingExpiration="[true|false]"
                 cookieProtection="[None|Validation|Encryption|All]"
                 domain=""
                 maxCachedResults="25">
      <providers>
        ...
      </providers>
    </roleManager>
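
When cacheRolesInCookie is enabled, the user's role list is carried in the .ASPXROLES cookie, so the cookie attributes above decide whether that list can be read or altered in transit or on the client. The fragment below is an added example, not from the original slides, that sets a weak combination beside a hardened one; the 15-minute timeout is an assumed value.

```xml
<!-- Added example: role cookie settings, weak versus hardened.

     Weak (kept commented out): the cached role list is neither signed
     nor encrypted, is sent over plain HTTP, and survives browser restarts.

<roleManager enabled="true"
             cacheRolesInCookie="true"
             createPersistentCookie="true"
             cookieRequireSSL="false"
             cookieProtection="None" />
-->

<!-- Hardened:
     cookieProtection="All"         sign and encrypt the cached role list
     cookieRequireSSL="true"        send the cookie over HTTPS only
     createPersistentCookie="false" session cookie, dropped when the browser closes
     cookieTimeout="15"             assumed value, in minutes; cached roles are
                                    re-read from the provider after expiry
     cookieSlidingExpiration="false" the timeout is absolute, not renewed by activity -->
<roleManager enabled="true"
             defaultProvider="AspNetSqlRoleProvider"
             cacheRolesInCookie="true"
             createPersistentCookie="false"
             cookieName=".ASPXROLES"
             cookiePath="/"
             cookieTimeout="15"
             cookieSlidingExpiration="false"
             cookieRequireSSL="true"
             cookieProtection="All" />
```

Because cached roles can lag behind the data store, a short absolute timeout limits how long a role that has been removed from a user remains effective.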

Role Management Providers

• Role management is provider-based
• Ships with three role providers:
    • AuthorizationStoreRoleProvider (Authorization Manager, or "AzMan")
    • SqlRoleProvider (SQL Server)
    • WindowsTokenRoleProvider (Windows)
• Use custom providers for other data stores

Configuring SqlRoleProvider

    <roleManager defaultProvider="AspNetSqlRoleProvider" ...>
      <providers>
        <add applicationName="/"
             connectionStringName="LocalSqlServer"
             name="AspNetSqlRoleProvider"
             type="System.Web.Security.SqlRoleProvider, System.Web, ..." />
      </providers>
    </roleManager>