PortSight Secure Access Documentation

Using ASP.NET 2.0 Role Manager with Secure Access

 

ASP.NET role management helps you to manage authorization, allowing you to specify which resources users in your application are allowed to access. Role management lets you treat groups of users as a unit by assigning users to roles. For more information, see Managing Authorization Using ASP.NET Roles in Visual Studio documentation.

ASP.NET role management consists primarily of built-in role providers, which communicate with the data source, and the static role class that exposes the functionality of the role providers. If you want to use Secure Access as a role provider in your application, proceed the following steps:

 

  1. Add ARWebSecurity.dll to your project's references.

     

  2. Specify Secure Access database connection:

    1. If your application is not going to use any other Secure Access functionality (inlcuding Secure Access user controls), add an entry to the /configuration/connectionStrings section of your Web.config file, since this is the default connection string management approach in ASP.NET 2.0 configuration. 

         <connectionStrings>
     <add name="SecureAccessConnectionString"
        connectionString="data source=localhost;initial catalog=SecureAccess;user id=portsight;password=p0sight%.x"/>
   </connectionStrings>

    2. If your application already uses some Secure Access classes or user controls, continue using its connection string configuration placed in the /configuration/appSettings section of your Web.config file. 

         <appSettings>
     <add key="SecureAccessConnectionString"
        value="data source=localhost;initial catalog=SecureAccess;user id=portsight;password=p0sight%.x" />		 
   </appSettings>

  3. Modify the /configuration/system.web/roleManager section so that it contains the following text: 

       <roleManager enabled="true" defaultProvider="SecureAccessProvider">
      <providers>
         <add name="SecureAccessProvider"
            type="PortSight.SecureAccess.ARWebSecurity.ARMembershipProvider"
            connectionStringName="SecureAccessConnectionString"
            applicationName="SecureAccess" />
      </providers>
   </roleManager>

What you did:

Save the configuration file. Since now, you can use the built-in Web Site Administration Tool to manage access rights to your pages using the information saved in the Secure Access database. Remember that roles in Secure Access are associated with a particular application. The name of the target application has to be specified in the role manager configuration section. If the name is not specified, the root of the application's virtual path is used.