How to make it work

Requirements to use the module
- Modify the config file
- Write a method for determining user roles

More basic security info
- modify the config file(s) for role-based security
- provide a login page and login code

 

 


Modify the config file

Remember, the DLL needs to be accessible. So it needs to be put either into the web application's root bin directory, or into the GAC.

Add a reference to the DLL in the httpModules section like the following (This will be different if you use the GAC):

<httpModules>
  <add type="BitFactory.Utilities.RoleAuthentication.RoleAuthenticator, BitFactory.Utilities.RoleAuthentication"
          name="RoleAuthentication"
/>
</httpModules>

 


Write a method for determining user roles

The method you write will only be called once per user per session, after the user has logged in. It goes into the code-behind file for Global.asax . The following code is just an example. You'll need to provide your own logic.

protected void RoleAuthentication_RetrieveRoles( object sender, RetrieveRolesArgs args ) {
   if ( args.UserId == "JohnSmith" )
      args.Roles = new string[] { "admin", "user" };
   else
      args.Roles = new string[] { "user" };
}

Note that the name of the method must match the name placed in the config file like the following:

NameOfModuleInConfigFile_RetrieveRoles

 

 
Every application needs logging to some degree, whether it's for recording user actions,
notifying support of application errors, or debugging applications. Do yourself a favor and
take a look at this
logging framework.
 


© Copyright 2002 - Lorne Brinkman - All Rights Reserved
www.TheObjectGuy.com