.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Relationship between roles and functionality

Posted By:      Posted Date: October 18, 2010    Points: 0   Category :ASP.Net

We have an ASP.NET web application that has been around for over 4 years now.  The web app uses ASP.NET role management with a custom role provider.  The custom role provider connects to a database which includes tables for Users, User Groups, and Roles, with a table linking roles to user groups.

Over the years the application has grown in functionality and roles have been added.  We now have around 30 roles and there is a complaint that it's not clear (due to lack of documentation, bad naming or whatever) what functionality a particular role gives a user.

Is there guidance on how to make the relationship between roles and functionality more transparent?  One suggestion has been to list out the application functionality in another table and create a relationship between Role and Functionality.  The application security would then be programmed against the items in the Functionality table, and the relationships between role and functionality could be maintained through a UI.

To me this approach doesn't quite fit with the concepts behind ASP.NET role based security.  All the framework code methods refer to roles, e.g. "RoleProvider.IsUserInRole(string username, string roleName)" and:

    <allow roles="members" />

Any ideas or thoughts

View Complete Post

More Related Resource Links

An Entity Relationship Diagram Example

An Entity Relationship Diagram conveys a lot of information with a very concise notation. The important part to keep in mind is to limit what you're reading using the following technique:

Choose two entities (e.g. Company and Employee)
Pick one that you're interested in (e.g. how a single Company relates to employees)
Read the notation on the second entity (e.g. the crow's feet with the O above it next to the Employee entity).

Adding Dynamic Rows in ASP.NET GridView Control with TextBoxes and with Delete functionality

In my previous examples, I have demonstrated on how to add dynamic rows in GridView control with TextBoxes and how to save the values into the database. Now, seems that most of the developers are asking if how to add a delete functionality with it. So in this example, I'm going to show on how to delete a certain row in the dynamic GridView with TextBoxes.

ASP.NET forms authentication with roles

.A timeout is specified in minutes. This is "time since last request" not the "time since login". If a login is indicated to be persistent (described later) this is ignored.
.A protection method is specified for the cookie.
Next I wanted to specify a folder to which access is restricted to people who have logged in. To do this I entered the following code in the web.config file (beneath

Good way to do a Many-to-Many relationship?


I've used the automatic  Many-to-Many generation as described here: http://msdn.microsoft.com/en-us/library/dd742359.aspx

But that doesn't seem to allow a quantity to be attached to orders (in the example it would be courses). I have many customers and many products, I would like a customer to be able to order more than one product. Right now I get a grid of checkboxes. I would like instead a field where I could enter a number. 

Is this possible?

Hard Code Roles on the Pages


If i hard coded role=Manager on the specific SiteMap/Folder/Page/etc. I will have problem when the manager need to remove from access a specific page. I need to change the code ont eh page/SiteMap/Folder more move the file into another folder.

What i have in mind is to change the role to taks oriented. such as role=AddStock, Edit Stock, Delete Stock, Print DO, Add Sales, Edit Sales, Deleted Sales..... (but it will be many role for 1 user compare to just 1 as Manager)

Will this cause performance issues later when each user have 60 roles and if i have 20,000 user will it affect the application performance?

Otherwise any other option? to make it flexible.

Want to create Online Business Card designing functionality


 I am going to create Online Business Card designing functionality.

 I am newbie regarding graphics in asp.net. I want to create exactly like following site.




I have some questions


1) How can I write user text in existing image on the fly?

2) How to embed that with aspx page?

3) How to generate it with user inputs like text, font color, size?


Please give me any tutorial URL or any link that could help. Is there any compo

Plug-Ins: Let Users Add Functionality to Your .NET Applications with Macros and Plug-Ins


Most user applications benefit from the ability to be extended by other developers. It's often easier and more efficient to extend an existing application that users are already familiar with and trained on than it is to develop one from scratch. Thus, extensibility makes your application more attractive. You can build extensibility into your application by supporting features like plug-ins or macros. This is easily accomplished using the .NET Framework even if the core application isn't a .NET Framework app. In this article, the author describes extensibility features of the .NET Framework including late binding and reflection and how to use them, along with plug-in security considerations.

Jason Clark

MSDN Magazine October 2003

Command Management: Use Design Patterns to Simplify the Relationship Between Menus and Form Elements


In Windows Forms applications, similar commands, such as those in a menu and their counterparts on a toolbar, are not automatically related. They don't fire the same event or run the same handler routine. Yet code that allows the same or similar user commands to fire the same code simplifies development.This article describes the principles of command management and why it's important to have functional commands that are not exclusive to any one UI element. In order to provide an MFC-like command management infrastructure, a design pattern is developed and applied as a series of C# classes.

Michael Foster and Gilberto Araya

MSDN Magazine October 2002

How in web.config work in MVC



I would like to secure any URL below the http://MyServer/Admins and limit it to a specific role.

In webforms it was straight forward. I just put a child web.config in the /Admin/ folder and add <authorization>  <allow roles> tags to it.

How would be the equivalent technique in MVC?

Thank you,


Roles not updating


I have all my code in my other post about checkboxlist issue, but it boils down to, once i find someone doing my search, it displays their permissions as checkboxes. But if i want to remove a permission and click update, the update doesnt seem to occur, if i search on myself, it returns me with my permissions already checked. I uncheck 1 permission, click update and the checkbox is checked again as the page posts.

Original Post:

My aspx page seems pretty simple:

<asp:Content ID="Content2" ContentPlaceHolderID="MainContent" runat="server">
    <div>Enter UserName: 
        <asp:TextBox ID="TxtUserName" runat="server" /><asp:Button ID="LookupBtn" runat="server" Text="Search" onclick="LookupBtn_Click" />  
    <div class="roleList">
        <asp:CheckBoxList ID="RoleList" runat="server" /><br />
        <asp:button ID="UpdateBtn" text="Update" Visible="false" runat="server" onclick="UpdateBtn_Click" />

My update button event and update method:

Trying to get Roles to populate a checkboxlist based on tutorial and having issues.


I have been using the following tutorial and had to convert the code to C# for my project, now i cant get the code to work, im getting red line under the word "in" in the UpdateRolesFromList,
i tried to add a datasource on page load for the checkboxlist like so RoleList.DataSource = PopulateRoleList(User.Identity.Name.ToString());

and gives me error saying cannot implictly convert type 'void' to 'object'


What am i missing, that when i load the page or even do a search it never displays the checkbox list as it shows in the tutorial?

        protected void Page_Load(object sender, EventArgs e)

        public void PopulateRoleList(string userName)
            string[] roleNames = null;
            string roleName = null;
            roleNames = Roles.GetAllRoles();
            foreach (string roleName_loopVariable in roleNames)
                roleName = r

How to stop the repeated database queries for roles


Hello, friends,

We have a web application using VS 2008, c#. We try to filter siteMap nodes based on security roles. We have our customized the mether GetRolesForUser() in RoleProvider class to determine a user's role. In this method, roles will be returned by querying an SQL Server database.

However, we found that each time a page was loaded/refershed, this  GetRolesForUser() was called, and the database would be queried. This is too MUCH and expensive.

We thought the roles should be queried only once when a user logs in. After that, role info should be stored somewhere for this user, rather than query DB all the time.

Any ideas, reference paper, snipet,...,?

Thanks a lot!

Adding user to certain roles


I have setup ASP security in my application. I used the following tutorial, just wondering if someone can tell me how i can setup this up to allow the creation of a user?


Can someone tell me where to find or what to search on to find some example of how to add the option for adding users?

I have the above setup and its working, but only because of the accounts i created with my global.asax file.
I need to give the admins access to add a new user. Currently i can search on existing users and update them, but need to add the ability to add a new user.

cascading functionality in infopath 2007


Hello ,

I have a few drop downs in my browser based infopath 2007 forms and they  have cascading functioanlity ie they get filtered data..for filtering i qam using a web service..now the issue is that say i have 4 drop downs and for getting the fourt drop down's value the web service takes as input the second and the third's drop down value..now what is happening is that if based on the second drop down value if there is no value returned for third drop down then i cannot get to fourt drop down's value whichi should as it has value irrespective of whether the third drop down has some value or not....this is only the issue when i access the form in browser ..when i access it through the client infopath then it's working good...but in browser form the event is not firing when i select the emty value in third drop down...

Can somebody please tell me what to do..


Using Checkbox and MultiSelect for Roles


I am new to MVC and am using MVCContrib and trying to use the Checkboxlist .My requirement is to display list of all available roles on create user page . I have dine as below .

<%=this.CheckBoxList("Roles").Label("Roles:").Options(new MultiSelectList(Roles.GetAllRoles(),"DataTextField","DataValueField"))%>

In this case GetAllRoles method retuns string[] . How can I assign the "DataTextField","DataValueField" to make it work ?

Thanks in advance.

How to enable check in check out functionality for a custom list?



how could i enable check in check out functionality for a custom list? I know this exists for document libraries, but isnt this possible for custom lists?

Best regards,
Yavuz B.

My Blog http://www.starcoder.net

Accessing Username, password, roles in xml file


Currently I am storing my username and password (passwordFormat="SHA1") credientails in my web.config.  I would like to figure out how to access them in an xml file that I have stored in my App_Data directory rather than the web.config file because I do not want my application restarting everytime I manually add a user (small list of 5 authorized users for the CMS section).

Here is what my web.config section looks like:


<authentication mode="Forms">
      <forms name=".Administration"

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend