How to Implement Custom Role Provider in VS2008 and VS2010

There are two primary reasons for creating a custom role provider; they are:

  1. You need to store role information in a data source that is not supported by the role providers included with the .NET Framework, such as a FoxPro database, an Oracle database, or other data source.
     
  2. You need to manage role information using a database schema that is different from the database schema used by the providers that ship with the .NET Framework. A common example of this would be authorization data that already exists in a SQL Server database for a company or web site.

To create a custom role provider, use the following procedure.

1. Create a class (named CustomRoleProvider.cs) that inherits the RoleProvider abstract class from the System.Web.Security namespace and implements all the required methods.

using System.Web.Security;

public class CustomRoleProvider : RoleProvider
{
    public override bool IsUserInRole(string username, string roleName)
    {
        throw new System.NotImplementedException();
    }

    public override string[] GetRolesForUser(string username)
    {
        throw new System.NotImplementedException();
    }

    public override void CreateRole(string roleName)
    {
        throw new System.NotImplementedException();
    }

    public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
    {
        throw new System.NotImplementedException();
    }

    public override bool RoleExists(string roleName)
    {
        throw new System.NotImplementedException();
    }

    public override void AddUsersToRoles(string[] usernames, string[] roleNames)
    {
        throw new System.NotImplementedException();
    }

    public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
    {
        throw new System.NotImplementedException();
    }

    public override string[] GetUsersInRole(string roleName)
    {
        throw new System.NotImplementedException();
    }

    public override string[] GetAllRoles()
    {
        throw new System.NotImplementedException();
    }

    public override string[] FindUsersInRole(string roleName, string usernameToMatch)
    {
        throw new System.NotImplementedException();
    }

    public override string ApplicationName { get; set; }
}


2. Now implement your own logic for the following methods:

  • string[] GetAllRoles()

  • string[] GetRolesForUser(string userName)

  • bool IsUserInRole(string username, string roleName)

  • bool RoleExists(string roleName)

GetAllRoles(): Gets all roles for the system.
GetRolesForUser(): Gets the roles of the specified user (typically the currently logged-in user).
IsUserInRole(): Checks whether a specified user belongs to the specified role.
RoleExists(): Checks whether the given role exists in the system.

3. Change the logic for the following methods.

This method returns all the roles in the system.

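public override string[] GetAllRoles()
{
    var userRoleList = new UserRoleDataGateway().GetAllUserRole();
    // Collect into a list sized by the data. A fixed 3-element array throws
    // with more than three roles and leaves null entries with fewer.
    var userRole = new System.Collections.Generic.List<string>();
    foreach (var userRoleData in userRoleList)
    {
        userRole.Add(userRoleData.RoleName);
    }
    return userRole.ToArray();
}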

This method returns the role for the given user. This method will be called by the Authorization module.

public override string[] GetRolesForUser(string userName)
{
    var userData = new UserProfileDataGateway().GetUserProfileInformation(userName);
    var userRole = userData.Role;
    if (!string.IsNullOrEmpty(userRole))
    {
        return new[] { userRole };
    }
    // Dummy fallback: a user with no stored role is treated as "visitor".
    return new[] { "visitor" };
}

This method returns true if the given user is in the given role, and false otherwise.

public override bool IsUserInRole(string username, string roleName)
{
    var roles = GetRolesForUser(username);
    foreach (var role in roles)
    {
         if (role.Equals(roleName))
         {
             return true;
         }
    }
    return false;
}

This method checks whether the given role exists in the system.

public override bool RoleExists(string roleName)
{
    var roles = GetAllRoles();
    foreach (string role in roles)
    {
        if (role.Equals(roleName))
        {
            return true;
        }
    }
    return false;
}

4. Now in your web.config add the following:
 

<system.web>
  <roleManager defaultProvider="CustomRoleProvider" enabled="true">
    <providers>
      <clear/>
      <add name="CustomRoleProvider" type="DemoApplication.CustomRoleProvider"
           applicationName="DemoApplication" writeExceptionsToEventLog="false"/>
    </providers>
  </roleManager>
</system.web>

5. To verify, you can set role based access in web.config for a specified page as shown below.

<location path="UserDetails.aspx">
    <system.web>
        <authorization>
            <allow roles="Super Admin, Admin, Employee"/>
            <deny roles="visitor"/>
            <deny users="?"/>
        </authorization>
    </system.web>
</location>


You could enforce this at the page level by calling the IsUserInRole() method on every page. Instead, you can set it once in the web.config file.
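Added example (not from the original article): a simplified C# model of how the authorization rules in step 5 are evaluated, first match wins. It assumes the application's root web.config adds no other authorization rules, so the only inherited rule is the framework default `<allow users="*"/>`; the role "Contractor" is constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Simplified model of URL authorization: rules are checked in order and the
// first rule that matches the request decides. Only "?" and "*" are modelled
// for users, and role names are compared exactly.
class Rule
{
    public bool Allow;
    public string[] Roles = new string[0];
    public string[] Users = new string[0];

    public bool Matches(bool anonymous, string[] userRoles)
    {
        if (Users.Contains("*") || (anonymous && Users.Contains("?"))) return true;
        return Roles.Any(r => userRoles.Contains(r));
    }
}

static class UrlAuthModel
{
    // Default rule inherited from the framework's root configuration; it is
    // evaluated after the rules in the <location> element.
    static readonly Rule Inherited = new Rule { Allow = true, Users = new[] { "*" } };

    static bool IsAllowed(List<Rule> rules, bool anonymous, params string[] roles)
    {
        foreach (Rule rule in rules.Concat(new[] { Inherited }))
            if (rule.Matches(anonymous, roles)) return rule.Allow;
        return false;
    }

    static void Main()
    {
        var asOnPage = new List<Rule> {
            new Rule { Allow = true, Roles = new[] { "Super Admin", "Admin", "Employee" } },
            new Rule { Allow = false, Roles = new[] { "visitor" } },
            new Rule { Allow = false, Users = new[] { "?" } }
        };
        // Hardened variant: a trailing <deny users="*"/> makes the list deny by default.
        var hardened = new List<Rule>(asOnPage) { new Rule { Allow = false, Users = new[] { "*" } } };
        // "Contractor" is a constructed role that none of the rules mention.
        Console.WriteLine("Admin:      {0} / {1}", IsAllowed(asOnPage, false, "Admin"), IsAllowed(hardened, false, "Admin"));
        Console.WriteLine("visitor:    {0} / {1}", IsAllowed(asOnPage, false, "visitor"), IsAllowed(hardened, false, "visitor"));
        Console.WriteLine("anonymous:  {0} / {1}", IsAllowed(asOnPage, true), IsAllowed(hardened, true));
        Console.WriteLine("Contractor: {0} / {1}", IsAllowed(asOnPage, false, "Contractor"), IsAllowed(hardened, false, "Contractor"));
    }
}
```

Each line prints the result for the rules as written, then for the hardened list. An authenticated user whose only role is named in no rule falls through to the inherited allow under the rules as written, and is denied once `<deny users="*"/>` is appended as the last rule.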
 
