Role-based Security with Forms Authentication
Question
I'm working on a web login application using forms authentication and role authentication.
I'm not so familiar with the role authentication , I've searched in google for some tutorials but I couldn't understand.
So ,
1.For creating an user with a certain role everything must be done here: http://i1.asp.net/asp.net/images/pss/module08_06.jpg ( but , I want to store users info and roles in the asp.net sql database )
What I thought so far is to create a database with the followings table columns:
1.ID(int,primary)
2.Username(varchar(10))
3.Password(varchar(10))
4.RoleType(varchar(10)) - Roles are : Admin / User
On login , check if the user&pass are valid if yes then select the roletype from the database for the current user .
If roletype = Admin
Redirect to a certain page
else if roletype = user
Redirect to other page
But I don't think asp.net web page knows that the column RoleType is used for roles and it doesn't make sense , I mean there's no conection between and my column for called RoleType
<location path="\Admin\">
<system.web>
<authorization>
<allow users="Admin"/> //this
<deny users="*"/>
</authorization>
So , if anyone wouldn't mind helping me , I would really appreciate. Thanks
1 answers
solution1
0 2016-04-08 12:58:14
您必须在global.asax中为用户分配角色,您可以参考以下教程http://www.aspsnippets.com/Articles/Assign-Roles-to-Users-in-ASPNet-Form-Based-Authentication.aspx
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.