I am working on a web based "document server" site for local users who are already using a windows application with SQL Server controling logins and roles. Since the database for the windows application already stores user names, passwords and user roles I am going to leverage all that in my doc server.
Currently I have the custom username/password authentication working and am now trying to implement Roles for directory security. I have read enough threads from this forum to know I need to implement a custom membership provider but I am not sure how to wire it all up.
So at this point I have the web.config set to use roles
And I have a stored procedure that authenticates a user with a boolean (dr.hasrows) and a stored procedure that pulls the role back to the page. However so far I haven't been able to figure out how to combine the login authentication with setting the role in one step. And when I do how to store and use the role as needed.Code:<system.web> <authorization> <allow roles="District Manager" /> <deny users="*" /> </authorization> </system.web>
I think I have two things to work out. 1) is to change my Authentication scheme from a boolean function into a sub that sets the authentication to true and the user role with variables. And then 2) make ASP.Net work with a custom provider instead of the built in membership.
Is my thinking correct here or am I missing something? Any pointers to help me on using my own Roles with ASP's Allow Roles function?




Reply With Quote