Enabling Roles in ASP.NET v2.0

By default the Roles provider is defined in machine.config but it isn't enabled.  Attempting to use the Roles feature before it is enabled will throw the following error:

"The Role Manager feature has not been enabled."

It's easy to enable though.  The ASP.NET v2.0 quickstart explains how to enable this:
http://beta.asp.net/QUICKSTART/aspnet/doc/security/membership.aspx#roles

Since the provider is already defined in machine.config, you can use the same provider or define a new one.  The advantage of using the one in machine.config is that the server administrator can keep it up to date and consistent with the other providers.  I'll give two examples, one inheriting the default machine-level provider and one specifying a new one.  These goes in the <system.web /> section of web.config.

Example 1 - Inherit the machine-level provider

Notice that the defaultProvider name is AspNetSqlRoleProvider which is what is specified in machine.config by default.  It's essential to use this provider name if you will inherit the provider settings.

<roleManager
                    enabled="true"
                    cacheRolesInCookie="true"
                    defaultProvider="AspNetSqlRoleProvider"
                    cookieName=".ASPXROLES"
                    cookiePath="/"
                    cookieTimeout="30"
                    cookieRequireSSL="false"
                    cookieSlidingExpiration="true"
                    createPersistentCookie="false"
                    cookieProtection="All" />

Example 2 - Override and specify all roleManager settings

I took this example directly from http://beta.asp.net.  Notice that the defaultProvider name can be anything you want as long as it matches the provider name.  If you use AspNetSqlRoleProvider which is the name that machine.config uses by default, then make sure to put <remove name="AspNetSqlRoleProvider" /> before the <add />  tag.  Also notice connectionStringName which needs to be defined in machine.config or web.config and point to a database that is prepared with the asp.net v2.0 schema.

<roleManager
                    enabled="true"
                    cacheRolesInCookie="true"
                    defaultProvider="QuickStartRoleManagerSqlProvider"
                    cookieName=".ASPXROLES"
                    cookiePath="/"
                    cookieTimeout="30"
                    cookieRequireSSL="false"
                    cookieSlidingExpiration="true"
                    createPersistentCookie="false"
                    cookieProtection="All">
            <providers>
                <add name="QuickStartRoleManagerSqlProvider"
                    type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
                    connectionStringName="ASPNETDB"
                    applicationName="SecurityQuickStart"/>
            </providers>
        </roleManager>

In case you are curious and for perspective, I'll include the default machine.config definition for the roleManager section.

        <roleManager>
            <providers>
                <add name="AspNetSqlRoleProvider" connectionStringName="LocalSqlServer" applicationName="/"
                    type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
                <add name="AspNetWindowsTokenRoleProvider" applicationName="/"
                    type="System.Web.Security.WindowsTokenRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
            </providers>
        </roleManager>

4 Comments

  • How do i change the roleprovide at runtime? It is taking the default role providers but not the one that is required for the membership provider. I have 2 membership provider and 2 rolemanager providers, based on the membership provider rolemanager provider should also be changed dynamicaly.

    Could u please give solution or suggestions for the same.

    prahalad.keerni@prithvisolutions.com

  • The easy way to pick a roleprovider at runtime is the following:

    RoleProvider rp = Roles.Providers["myroleprovider"];

    then just use the rp object instead of the Roles static class.

  • Where/How are the roles defined and stored in the database in this example:

    if (Roles.IsUserInRole(Login1.UserName, "Admin")) { Response.Redirect("~/Admin/Default.aspx");

  • fl0wmastr, they are handled using the ASP.NET Role provider. The connectionStringName property is used to specify the database, and in the database, there are a set of aspnet_* tables that need to be created using aspnet_regsql. Here's a good walkthrough: http://odetocode.com/articles/427.aspx.

Comments have been disabled for this content.