Master ASP. NET 2.0 login control-role management

Preliminary understanding of ASP. NET 2.0 LoginControl-Role management

Author:Ray
Time:2007Year4Month2Day
Http://www.cnblogs.com/Rayinuk/archive/2007/04/02/696711.html

Summary of role management.

First, we will give an msdn article on Role manager. You can go and have a look at it:

Http://msdn2.microsoft.com/en-us/library/ms998314.aspx

At the beginning, I didn't want to use vs role management. Instead, I wanted to create my own role management mechanism, which may be more flexible, but later, I am still changing. I still think that I am more flexible in setting up a role management mechanism and permission mechanism ..

Similar to profile, we still need to start role manager in Web. config. Here, we can configure ASP in IIS. NET attributes, including the modifications we made together, can be implemented on the interface. The configuration is stored in Windows \ Microsoft by default. net \ framework \ v2.0.50727 \ config \ Web. config, you can set it first, and then check the file.

Configure the following in Web. config:

<Rolemanager enabled = "true" defaultprovider = "sqlrolemanager">

<Providers>

<Add name = "sqlrolemanager"

Type = "system. Web. Security. sqlroleprovider"

Connectionstringname = "localsqlserver"

Applicationname = "fbhelper"/>

</Providers>

</Rolemanager>

The connectionstringname can be set as your current web. the connection string defined in config. You do not need to create a new connection string. applicationname indicates the name of your current system (solution name ).

 

OK. After role manager is enabled, you can perform related operations on the foreground. But before that, we need to define the role first. To define a role, you can use the following methods:

1) Use Role provider in front-end code. As follows:

Using system. Web. Security;

If (! Roles. roleexists ("testrole "))

{

Roles. createrole ("testrole ");

}

2) database implementation using stored procedures. Use aspnet_roles_createrole as follows:

Exec aspnet_roles_createrole 'thisapplication', 'newrole'

Exec aspnet_usersinroles_adduserstoroles 'thisapplication', 'thisuser', 'newrole', 8

The created role will be stored in aspnet_roles, and in aspnet_applications and aspnet_users. This will be mentioned later.

After creating a role, we can directly assign the user to a role on the foreground. For example, we need to assign a role to the user after registering a new user. As mentioned in the previous article, we can add the following code to add a user (in the createuserwizard+createduser event:

// Add User implementation code
 

// Add a user to the role

Roles. addusertorole (createuserwizard1.username, "dept1 ");

 

In the above code, I am a hard code and the role "dept1" should be the name of the role, which is determined mainly based on the design in my project.

OK. Now we can check the situation in the database. Role data is mainly reflected in three tables:

Aspnet_application

Aspnet_users

Aspnet_roles

When I checked for the first time, aspnet_roles stored the information of the role we created. But what is the relationship between role and users? Later, I saw an additional user in the aspnet_user table, but the applicationid and userid have different data. I found that a new application record was added to the aspnet_application table,For the relationship between a role and a user, the system defines it as a newApplicationAs a new mechanism stored in the preceding tableAlthough the table has two records with the same user data, they are in different applications.

This is my current opinion on this mechanism. I don't know if it is correct. Please confirm with me.

 

Therefore, when we want to obtain user data from the aspnet_users table, we need to add corresponding conditions for filtering. However, it is only used to obtain the users of the system, because for the role system, we can use the. NET roles manager at the front end for processing. Of course, when the front-end membership manager performs user operations, the operation object automatically points to the user of the system, rather than the user in the role system. For example, when a user is deleted, the user of the role relation in the table still exists. In this case, it seems that manual code is required to delete a user and delete the relationship between the role and the user to avoid junk data in the database.

 

The last step is to see how to use role managers in the foreground to call role information.

This is very simple. Let's take a look at all the help. Here is an example to understand at a Glance:

Set destination in the login control, for example, default. aspx. We need to jump to different interfaces based on the current role. the following code can be added to page_load of aspx:

Protected void page_load (Object sender, eventargs E)
{
Lblmsgrole. Text = "your role is" + roles. getrolesforuser (profile. username) [0];

Response. Write (@ "<script language = 'javascript '> alert ('note: the page will automatically jump to your department page in 10 seconds! '); </SCRIPT> ");

If (roles. getrolesforuser (profile. username) [0]. Equals ("dept1 "))
{
Response. Write (@ "<script language = 'javascript '> setTimeout ('', 10000); </SCRIPT> ");

Response. Write ("<meta http-equiv = 'refresh' content = '10; url =./dept1.aspx '> ");//
}
Else
{
Response. Write (@ "<script language = 'javascript '> setTimeout ('', 10000); </SCRIPT> ");

Response. Write ("<meta http-equiv = 'refresh' content = '10; url =./dept2.aspx '> ");//

}
}

As you can see, we can use roles. getrolesforuser (profile. username) [0]; to obtain the role information of the currently logged-on user and perform relevant Processing Based on the role content. Of course, this is only a simple application in roles manager, and many other functions can be learned from msdn.

Through the two chapters, you should be able to basically apply the login control to your own system, and connect the. Net pre-defined database with your own database to shorten the development time. In fact, I think a login control is more like a learning control, a very good control that reflects the membership, roles, and users applications. Of course, it can also be well applied and system, however, I personally feel that the control is not flexible enough, and it is better for some large and medium-sized projects to be built on their own.

Haha, the login control is really "It's not easy to love you "!