RoleManager and role management authorization, rolemanager authorization
Overview address
Https://msdn.microsoft.com/zh-cn/library/9ab2fxh0.aspx
The basic overview is Article 1: understanding role management
From https://msdn.microsoft.com/zh-cn/library/5k850zwb.aspx>
The second article is a reference of the category, which will be available for query in future advanced use.
The last section describes the methods and methods to be rewritten by the RoleProvider.
To use role management, first enable it and configure the access rules that can use the role (optional ). Then, you can use the role management function to process the role at runtime.
<roleManager enabled="true" cacheRolesInCookie="true" ></roleManager>
Then configure the authorization part. Then, the association between the role and permissions is established.
<authorization><allow roles="members" /><deny users="*" /></authorization>
The rest is the association between users and roles. If you are using Windows identity authentication, use the association between the user and the role group that is returned to windows. If you are using Forms identity authentication, use the following code.
/// Create a role Roles. createRole ("members"); // associate a role with a user. addUsersToRole ("JoeWorden", "manager"); string [] userGroup = new string [2]; userGroup [0] = "JillShrader"; userGroup [1] = "ShaiBassli "; roles. addUsersToRole (userGroup, "members ");
A role needs to be created first, but an error is returned when it is created again next time. An error is returned when a user adds a role again.
Verify whether the user has a specified role. You can use the IsInRole method of Iprincipal. To obtain the number of roles of the user, you must use the GetRoles () method of RolePrincipal. After role management is enabled, the User is an instance of RolePrincipal.
Cache role information
If your browser allows cookies, ASP. NET can choose to store role information in the encrypted Cookie on your computer. In each page request, ASP. NET reads the Cookie and fills in the role information of the user based on the Cookie. This policy minimizes the need to read role information from the database. If your browser does not support cookies or the cookies are disabled, the role information is cached only during each page request.
Role provider
By default, the RoleProvider used is SqlRoleProvider, and its connection string is data source =. \ SQLEXPRESS; Integrated Security = SSPI; AttachDBFilename = | DataDirectory | aspnetdb. mdf; User Instance = true: the database is stored in the App_Data folder of the project, but the database has not been attached yet, so you cannot view the content.