Printable View
We can define Users and Roles for databases and tables in SQL server but i wonder how this can be implemented in real time applications developed in platforms like VB, VB.Net etc..
I mean when we create applications, we do create the login form to enter the application. Once a user is inside the application, he/she should be having different privileges. Some users can only view the informations and some can add/edit/delete informations through the application. So, i wanna know how this is done?
Hi
You can assign user to roles by handle the OnCreatedUser event. Here is an example in VB.NET Hope it helps
Code:Protected Sub CreateUserWizard1_CreatedUser(ByVal sender As Object, ByVal e As System.EventArgs) Handles CreateUserWizard1.CreatedUser
Roles.AddUserToRole(CreateUserWizard1.UserName, "rolename")
End Sub
To create the Users and Roles you have to create a table in the database with user ids and their various privileges.
When the created users logs in to the query table to get their current privileges into an array.
Then in the application layer control via code which pages or features they are allowed to access based on the values in the array.
Changing the DB privileges directly seems or reflects in the VB project window.
Authentication is the process of identifying a user; authorization is the process of deciding which parts of your application that user can see and interact with. The forms-based security controls and database that comes with Visual Basic 2005 allows you to set authorization for specific users based on their being assigned to a role (such as guest, member, manager, etc). You do so in three steps: create the roles, assign permissions to each role, and then assign users to the roles. Any given user may be in more than one role (e.g., administrator and manager). The permissions you assign to each role may determine access to a page, or may change the content of a given page displayed to members of that role.
To demonstrate how to create roles and assign users to those roles, you’ll need to create a new application, ASPSecurityRoles.
pen Web.config and you’ll see that the WAT has updated it to add roles management:
Depending on how your machine is set up and which database you are using, you may or may not have thedefaultProviderentry in yourWeb.config.Code:<system.web>
<roleManager enabled="true" />
<authentication mode="Forms"/ >
<membership defaultProvider="AspNetSqlMembershipProvider"/>
<compilation debug="true"/>
</system.web>