If you store role or authentication information in SQL, use SQL Server Role Provider for roles authorization and SqlMembershipProvider for authentication

J.D. Meier, Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen.

If you store role information in SQL Server, configure your application to use the SqlRoleProvider for authorization. The role provider allows you to load the roles for users without writing and maintaining custom code. .

The following steps show how to use SQL Server Role to provide role based authorization.
  1. Enable the Role provider as shown below and configure the connection string pointing to the role store in SQL server
…
<connectionStrings>
    <add name="MyLocalSQLServer"
         connectionString="Initial Catalog=aspnetdb;data source=Sqlserver;Integrated Security=SSPI;"/>
</connectionStrings>
...

<system.web>
<roleManager enabled="true" defaultProvider="MySqlRoleProvider" >
      <providers>
        <clear/>
        <add name="MySqlRoleProvider"
             connectionStringName="MyLocalSQLServer"
             applicationName="MyAppName"
             type="System.Web.Security.SqlRoleProvider" />
      </providers>
    </roleManager>
…
<system.web>
  1. Configure the Service Behavior, to set the principalPermissionMode attribute as UseAspNetRoles and the roleProviderName attribute to MySqlRoleProvider.
…
<system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior name="BehaviorConfiguration">
          <serviceAuthorization principalPermissionMode="UseAspNetRoles"
            roleProviderName="MySqlRoleProvider" />          
         </behavior>
      </serviceBehaviors>
    </behaviors>
<services>
    <service behaviorConfiguration=" BehaviorConfiguration " name="MyService">
      <endpoint binding="wsHttpBinding" bindingConfiguration=""
        name="httpsendpoint" contract="IMyService2" />
     </service>
  </services>
  </system.serviceModel>
…

Last edited Apr 24, 2008 at 12:33 AM by prashantbansode, version 2

Comments

No comments yet.