A simple work around of Forms Authentication based on user's role

25 Aug 2010
This tip shows how to use roles, instead of individual users' access rights, to limit users' access to folders.
Introduction
 
I have been searching through Google and couldn't find a better solution to authenticate users easily and quickly. Here is the solution I have made so far; please comment on it and help me improve it.
 
Background
 
ASP.NET provides two authentication methods, Forms and Windows. People normally use Forms because it provides more flexibility, whereas Windows authentication requires an account to be created on the PC for every user. With Forms authentication, a web site can use a database or another method to authenticate users.
 
How it works
 
Download the source code, create an IIS virtual directory, and run it. That's all. It provides a default page, a login page, a logout page, and an Admin folder, access to which is restricted through the web.config file.
 
In this web.config file, the important parts are:
 
1. Create a location entry for the "Admin" folder that only allows users with the role "Administrators" to access it.
2. Set the authentication mode to "Forms".
 
The web.config file snippet looks like this:
 
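<configuration>
    <!-- Only members of the Administrators role may reach the Admin folder -->
    <location path="Admin">
        <system.web>
            <authorization>
                <allow roles="Administrators"/>
                <deny users="*"/>
            </authorization>
        </system.web>
    </location>
    <!-- The authentication element belongs inside system.web at the application root -->
    <system.web>
        <authentication mode="Forms"/>
    </system.web>
</configuration>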
 
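Create a site map, which will be used to build your web site. The Web.sitemap file may look like this. Note that the roles attribute on a node only affects which links are shown when security trimming is enabled; access to the pages is enforced by the authorization rules in web.config.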
 
<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
    <siteMapNode url="~" title="Home" description="">
        <siteMapNode url="default.aspx" title="Home" description="" roles="*"/>
        <siteMapNode url="login.aspx" title="Login" description="" roles="*"/>
        <siteMapNode url="Admin/" title="Administration" description="" roles="*">
            <siteMapNode url="Admin/default.aspx" title="Administration" description="" roles="Administrators"/>
        </siteMapNode>
        <siteMapNode url="logout.aspx" title="Logout" description="" roles="*"/>
    </siteMapNode>
</siteMap>
 
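The code in your login.aspx may look like the following:
 
protected void btnLogin_Click(object sender, EventArgs e)
{
    // Demo only: the user name and role are hard-coded here.
    // Verify the submitted credentials before issuing the ticket.
    FormsAuthenticationUtil.RedirectFromLoginPage("Lewis", "Administrators", true);
}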
 
FormsAuthenticationUtil is a third-party DLL, which I found passes the user's roles to the application quite reliably. "Lewis" is an authenticated user and "Administrators" is that user's role; this role conforms to the roles and folder settings in our web.config.
 
In your Global.asax, you should see the following lines:
 
protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    if (HttpContext.Current.User != null)
    {
        if (HttpContext.Current.User.Identity.IsAuthenticated)
        {
            // Only forms-authenticated requests carry a ticket with role data
            if (HttpContext.Current.User.Identity is FormsIdentity)
            {
                FormsIdentity id =
                    (FormsIdentity)HttpContext.Current.User.Identity;
                FormsAuthenticationTicket ticket = id.Ticket;
 
                // Get the stored user-data, in this case, our roles
                string userData = ticket.UserData;
                string[] roles = userData.Split(',');

                // Replace the principal so that the <allow roles="..."/>
                // rules in web.config are checked against these roles
                HttpContext.Current.User = new GenericPrincipal(id, roles);
            }
        }
    }
}
 
 
Remember to add the following line at the top of your Global.asax file:
 
        <%@ Import Namespace="System.Security.Principal" %>
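 
The login step above leaves the creation of the ticket to a third-party DLL. As an added example (not the author's code and not the source of FormsAuthenticationUtil), this is one way to store the roles in the ticket's UserData with the built-in FormsAuthentication API, so that the Application_AuthenticateRequest handler above can read them back. The class name RoleTicketIssuer, the SignIn method and the 30-minute lifetime are assumptions made for illustration.

```csharp
using System;
using System.Web;
using System.Web.Security;

// Hypothetical helper: name and shape are assumptions, not FormsAuthenticationUtil.
public static class RoleTicketIssuer
{
    // Call only after the submitted credentials have been verified against
    // your user store; roles must come from that store, never from the request.
    public static void SignIn(HttpResponse response, string userName,
                              string[] roles, bool persistent)
    {
        if (string.IsNullOrEmpty(userName))
            throw new ArgumentException("userName is required", "userName");
        if (roles == null)
            throw new ArgumentNullException("roles");
        // Global.asax splits UserData on ',', so a role name containing a
        // comma would be read back as two roles. Reject it here.
        foreach (string role in roles)
        {
            if (string.IsNullOrEmpty(role) || role.IndexOf(',') >= 0)
                throw new ArgumentException("invalid role name", "roles");
        }

        DateTime now = DateTime.Now;
        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
            1,                          // ticket version
            userName,
            now,                        // issue date
            now.AddMinutes(30),         // expiry (assumed lifetime)
            persistent,
            string.Join(",", roles),    // read back as ticket.UserData
            FormsAuthentication.FormsCookiePath);

        // Encrypt() protects the ticket according to the <forms protection>
        // setting (default "All": encrypted and signed), so the client cannot edit roles.
        HttpCookie cookie = new HttpCookie(
            FormsAuthentication.FormsCookieName,
            FormsAuthentication.Encrypt(ticket));
        cookie.HttpOnly = true;                          // not readable from script
        cookie.Secure = FormsAuthentication.RequireSSL;  // true when <forms requireSSL="true">
        cookie.Path = FormsAuthentication.FormsCookiePath;
        if (persistent)
            cookie.Expires = ticket.Expiration;

        response.Cookies.Add(cookie);
        response.Redirect(FormsAuthentication.GetRedirectUrl(userName, persistent));
    }
}
```

Roles stored this way are fixed for the lifetime of the ticket, so a role removed from a user in the database stays effective until the ticket expires or the user signs out.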
 
License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Lewis Liu L
Software Developer
Australia

Last Updated 25 Aug 2010
Article Copyright 2010 by Lewis Liu L