How do I allow multiple roles to see a page when using a custom RoleProvider in ASP.Net

asp.net roles
uriDium picture uriDium · Feb 27, 2009 · Viewed 10.6k times · Source

I have created my own Role Provider because I found the one that ASP.Net provides to be way too bulky in terms of tables in the database. I found implementing a custom RoleProvider to be quite easy.

My only problem is that right now I cannot have multiple roles for a page. I saw somewhere that at the top of your class you need to "anotate it" with some security code. This is what I have

[PrincipalPermission(SecurityAction.Demand, Role="Admin")]

If I try to include multiple roles by using a comma separated list I get errors. If i try to specify multiple role keys then I also get errors. Do i Need to specify multiple PrinicipalPermissions by any chance?

I have very little experience with ASP.Net's role management. Can someone point me in the right direction or at some good literature.

Answer

Kieron picture Kieron · Feb 27, 2009

you can add the PrinicpalPermission attribute multiple times.

[PrincipalPermission(SecurityAction.Demand, Role="Admin")]
[PrincipalPermission(SecurityAction.Demand, Role="AnotherRole")]

Related questions

Can I hide/show asp:Menu items based on role?

Am I able to hide certain menu items in an asp:Menu control based on role? <asp:Menu ID="mTopMenu" runat="server" Orientation="Horizontal" /> <Items> <asp:MenuItem Text="File"> <asp:MenuItem Text="New …

Read More
Set Property Value on Master Page from Content Page

I need to pass data to a variable in my master page each time a page is loaded. I have a string[] of RequiredRoles that I set on each content page defining what roles are required to access that page. …

Read More
Authorization Asp.net web.config

I have an application that has a backoffice. This backoffice was isolated with the use of roles like this: <location path="backoffice"> <system.web> <authorization> <allow roles="admin"/> <deny users="*"/> &…

Read More