.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

how to add role based security using (ul - li) for menus ?

Posted By:      Posted Date: October 25, 2010    Points: 0   Category :ASP.Net

Hi, All

   How can I implement role based security that would show the admin tab if the user was logged in as a admin by using (ul-li) like the below code as a simple example. I do not want to use the menu control is this possible ?


<li><a href="#">Services</a></li>
<li><a href="#">About us</a></li>
<li><a href="#">Admin</a></li>

Many Thanks


View Complete Post

More Related Resource Links

Authorize It: Use Role-Based Security in Your Middle Tier .NET Apps with Authorization Manager


Authorization Manager in Windows Server 2003 represents a significant improvement in the administration of role-based security, making it more scalable, flexible, and easier to implement. Using Authorization Manager, you can define roles and the tasks those roles can perform. You can nest roles to inherit characteristics from other roles, and you can define application groups. In addition, Authorization Manager lets you use scripts to modify permissions dynamically, and it allows you to wrap your security logic in a security policy that can be stored in Active Directory. Authorization Manager also includes an easy-to-use API for running access checks. The author discusses all of these topics and demonstrates them with a working sample.

Keith Brown

MSDN Magazine November 2003

Security: Unify the Role-Based Security Models for Enterprise and Application Domains with .NET


Role-based security allows administrators to assign access permissions to users based on the roles they play rather than on their individual identities. These privileges can be used to control access to objects and methods, and are easier to identify and maintain than user-based security. The .NET Framework provides two role-based security models, which are exposed as two namespaces: System.Enterprise-Services and System.Security.Permissions. Presented here is a comparison of the two options and a discussion of when each is the right choice. The author also demonstrates the process involved in setting up access security and discusses role memberships.

Juval Lowy

MSDN Magazine May 2002

Getting filtered data from Role based SSAS security

Hi everyone,I've got a heap of reports that are based on various SSAS cubes. I have roles defined on these cubes that restrict data via certain dimensions. Question is, will these restrictions filter through to the report...ie, if I have a sales person restricted in the SSAS cube to only see sales against their territory (restricted in the Territory dimension), when they run the report will it filter the result based on their SSAS credentials and only show the data they have access to (even though the SSRS report has no direct filters or parameters applied)?Cheers for any help!!

Sharepoint 2010 with role-based asp.net security


I have a Sharepoint 2010 (forms authentication) site on windows server 2008 with asp.net role-based security. At the highest level i have document libraries with folders within each as shown below.

> Doc Lib 1

>> Sub folder 1

>> Sub folder 2

> Doc Lib 2

>> Sub folder 1

>> Sub folder 2

Sub folder 1 and sub folder 2 are the same within each document library.

I want to be able to use asp.net roles to restrict users access to the document library. For example, user 1 should only be able to access sub folder 1 within doc lib 1. I'm not sure how i should go about configuring the roles.

I have created role1 for access to doclib1 and role2 for doclib2. In addition i also have roleA for access to subfolder1 and roleB for access to subfolder2. I have assigned the roles the libraries and folders. To user 1, i have assigned : role1 and role A. I expect that user1 should only see doclib1 and within it subfolder1. But that isn't the case.

How do i achieve my desired results?

Custom access denied page for role based security


I have implemented role based security in my asp.net 2.0 vb.net application using windows authentication and the windowstokenroleprovider and limiting access to certain pages using the location tag to specific active directory groups.

The issue is that when a user tries to access a page they are not authorized to view it brings up a login prompt and when it does not pass it takes them to the default page that tells them they are not authorized to view the page. I am wondering if there is a way to throw up a custom page that tells them they are not athorized to view the page that I can incorporate into the site itself with the header and so forth? It would be great if this page could come up in lieu of the sign in box popping up as well.


Problem making Role based Menu in MVC application



 I want to make Rolebase menu in MVC such that if user doesnot have permission for some action then that Action name shouldnot be shown in the Menu.

 I have used the code in the url(http://forums.asp.net/t/1566328.aspx) in my MVC application.My application is a Discussion Forum(in MVC) same functionality as in this forum forums.asp.net

 I have used Controllers for post, thread etc.In each controller there are some actions that are using [Authorize(Roles)] attribute

 but this coding does not count  those Actions in Controllers having Authorize attribute according to the url http://forums.asp.net/t/1566328.aspx 

 In the code, Authorize attribute is applied to Controller class, but my requirement is of Applying Authorize attribute to some actions in controller so that some are available for all users and  some links are available rolewise.Now what is the solution for that?



Test-Driven Design: Using Mocks And Tests To Design Role-Based Objects


Use Test-Driven Development with mock objects to design object oriented code in terms of roles and responsibilities, not categorization of objects into class hierarchies.

Isaiah Perumalla

MSDN Magazine June 2009

Security Briefs: Exploring Claims-Based Identity


Keith Brown introduces you to the new identity model in the Microsoft .NET Framework 3.0.

Keith Brown

MSDN Magazine September 2007

require guideline for 'Role-based authentication/authorization'



In my asp.net website in VS-2005 with SQL-Server 2005 as db, I need to implement role-based Authentication/Authorization.

I am familiar to the practises used in role-based authentication..as I have previously worked on projects that used this method. However, my project lead used to design the database. Now I have an existing website where authentication has been set to anonymous by setting 'allow users="?"' in the authentication tags in web.config.

If I use the createUserWizard control and use the Membership.creatUser(.....) method in code behind will the asp.net security tables, like users, roles, userinrole etc get created on its own? Can anyone please give the proper steps on how to acheive this?

Video: Introduction to Claims-based Security in SharePoint 2010

Learn how claims-based identity provides a common way for applications to acquire identity information from users inside their organization, in other organizations, and on the Internet. (Length: 23:46)

can't get role based authorization to work

My problem is that my service will not start regardless of what I put in the Role demand.  I even try "BUILTIN\Users" or "Users". Basically, there is absolutely no scenario where the out of the box WCF functionality actually works.  So what magic do I have to do to enable Authorization to check if the authenticated identity has a specific domain group membership? <system.serviceModel> <bindings> <netTcpBinding> <binding name="RBSync" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10" maxReceivedMessageSize="65536"> <reliableSession ordered="true" enabled="true" /> <security mode="Transport"> <transport clientCredentialType="Windows" protectionLevel="EncryptAndSign"/> </security> </binding> </netTcpBinding> </bindings> <client /> <behaviors> <serviceBehaviors>

Cross Dimension Role Security

Hello guys,





The Problem:

As you can see the DimSeller is related to the DimCustomer by a non key attribute called "CNPJ", my question is how can i define role security based on that dimension attribute.

For example:

Im a customer with the cnpj 1234, and when i want to see the seller cnpj i can only see the "rows" that the Customer.CNPJ in the DimSeller is equal to my cnpj. 

My future needs i will associate the cnpj with a claims autentication user so than i can use that on sharepoint. At this page I found something like i need, but there i should repeat the steps for each attribute of the dimension, and that would be very hard.

Anyone have some suggestion wich is the best approach for doing this?

Menu - Role security not working on second level of sitemap


I have role assignments on both the first and second level of my menus within my sitemap file.  The first level works fine, and I only see items assigned to my role.

But roles assignments seem to have no effect on the second level.  It seems like if you have access to the first level, you have access to everything on the second level.

Is this correct?

From my sitemap (either a SalesRep or an Administrator can see everything underneath):

    <siteMapNode title="Administration" roles="SalesRep,Administrator" description="Admin" >

      <siteMapNode title="CompanyMaintenance" roles="SalesRep" url="~/Admin/CompanyManagement.aspx" />

      <siteMapNode title="Initialize Roles" roles="Administrator" url="~/Admin/Roles.aspx"/>


From my config:

    <roleManager enabled="true" defaultProvider="SqlRoleProvider">

ASP.net role based authorization using froms authentication fails


Hi Dot Net Gurus,

I am trying to implement a simple role based authorization using forms authentication in ASP.net. It works perfectly fine in my local system but fails when I deploy in production (shared hosting). Whenever I try to log in, rather than taking me to the default page in specified directory it throws me back to the login page. I suspect that there is some issues with the configuration but not sure where the problem is. The code is provided below:

Web.config (root):

<authentication mode="Forms">
	<forms name="userId" loginUrl="Login.aspx" defaultUrl="Default.aspx" path="/" timeout="240" requireSSL="false" />

Web.config (Member directory):

            <allow roles="Member" />
            <deny users="*" />


    protected void btnLogin_Click(object sender, ImageClickEventArgs e)
        String email = "";

Show users based on ad-security group or OU


Will it somehow be possible to show members of a AD group ?

We have some superusers, and they all have the ad-group: super_users.

Can i show all members somehow ?

Maybe by a search flag, so it is just a link to a search result ?

Jakob Olsen

retrive Cube Role Security information


how can I retrive cube role security information ( including members, dimension security, etc..) using AMO?

where can I find code examples?




Thread identity and role based authorisation using MSMQ queues


I'm sending a message to a WCF service by named pipe and MSMQ queue, using the default security settings.

When using the named pipe, the security context windows identity (ServiceSecurityContext.Current.WindowsIdentity) is set to the calling user's idenity, and since the calling user is in the "Users" role, the thread identity (Thread.CurrentPrincipal) is in the role "Users".

However, when using the MSMQ queue, the windows identity is empty (it's not null, but has no Name), and the thread identity is NOT in the role "Users".  The latter is means role based authorisation cannot be used when using MSMQ queues.

Does anyone know how to set it up such that the role based information is available when using queues?

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend