I am working on a web based "document server" site for local users who are already using a windows application with SQL Server controling logins and roles. Since the database for the windows application already stores user names, passwords and user roles I am going to leverage all that in my doc server.

Currently I have the custom username/password authentication working and am now trying to implement Roles for directory security. I have read enough threads from this forum to know I need to implement a custom membership provider but I am not sure how to wire it all up.

So at this point I have the web.config set to use roles
Code:
   <system.web>
        <authorization>
            <allow roles="District Manager" />
            <deny users="*" />
        </authorization>
    </system.web>
And I have a stored procedure that authenticates a user with a boolean (dr.hasrows) and a stored procedure that pulls the role back to the page. However so far I haven't been able to figure out how to combine the login authentication with setting the role in one step. And when I do how to store and use the role as needed.

I think I have two things to work out. 1) is to change my Authentication scheme from a boolean function into a sub that sets the authentication to true and the user role with variables. And then 2) make ASP.Net work with a custom provider instead of the built in membership.

Is my thinking correct here or am I missing something? Any pointers to help me on using my own Roles with ASP's Allow Roles function?