Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

SqlRoleProvider Class

Manages storage of role membership information for an ASP.NET application in a SQL Server database.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)
public class SqlRoleProvider : RoleProvider

The SqlRoleProvider type exposes the following members.

  NameDescription
Public methodSqlRoleProviderCreates an instance of the SqlRoleProvider class.
Top
  NameDescription
Public propertyApplicationNameGets or sets the name of the application for which to store and retrieve role information. (Overrides RoleProvider.ApplicationName.)
Public propertyDescriptionGets a brief, friendly description suitable for display in administrative tools or other user interfaces (UIs). (Inherited from ProviderBase.)
Public propertyNameGets the friendly name used to refer to the provider during configuration. (Inherited from ProviderBase.)
Top
  NameDescription
Public methodAddUsersToRolesAdds the specified user names to each of the specified roles. (Overrides RoleProvider.AddUsersToRoles(String[], String[]).)
Public methodCreateRoleAdds a new role to the role database. (Overrides RoleProvider.CreateRole(String).)
Public methodDeleteRoleRemoves a role from the role database. (Overrides RoleProvider.DeleteRole(String, Boolean).)
Public methodEquals(Object)Determines whether the specified object is equal to the current object. (Inherited from Object.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodFindUsersInRoleGets an array of user names in a role where the user name contains the specified user name to match. (Overrides RoleProvider.FindUsersInRole(String, String).)
Public methodGetAllRolesGets a list of all the roles for the application. (Overrides RoleProvider.GetAllRoles().)
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Public methodGetRolesForUserGets a list of the roles that a user is in. (Overrides RoleProvider.GetRolesForUser(String).)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Public methodGetUsersInRoleGets a list of users in the specified role. (Overrides RoleProvider.GetUsersInRole(String).)
Public methodInitializeInitializes the SQL Server role provider with the property values specified in the ASP.NET application's configuration file. This method is not intended to be used directly from your code. (Overrides ProviderBase.Initialize(String, NameValueCollection).)
Public methodIsUserInRoleGets a value indicating whether the specified user is in the specified role. (Overrides RoleProvider.IsUserInRole(String, String).)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodRemoveUsersFromRolesRemoves the specified user names from the specified roles. (Overrides RoleProvider.RemoveUsersFromRoles(String[], String[]).)
Public methodRoleExistsGets a value indicating whether the specified role name already exists in the role database. (Overrides RoleProvider.RoleExists(String).)
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)
Top

This class is used by the Roles and RolePrincipal classes to provide role-management services for an ASP.NET application using a SQL Server database. You can use role management to specify different levels of authorization for your application.

To use the SqlRoleProvider class, you must first create the SQL Server database used by the SqlRoleProvider. To create the database used by the SqlRoleProvider class, run the aspnet_regsql.exe executable found in the C:\WINDOWS\Microsoft.NET\Framework\ versionNumber folder and specify the -Ar option (for example, aspnet_regsql.exe -Ar). The database created is called Aspnetdb. Alternatively, run aspnet_regsql.exe to pull up the GUI configuration mode and choose to configure all ASP.NET features.

If the role provider is configured with a connection string that uses integrated security, the process account of the ASP.NET application must have rights to connect to the SQL Server database.

The Machine.config file is configured with a SqlRoleProvider instance named AspNetSqlProvider that connects to the SQL Server on the local machine. You can use this instance of the provider, or specify your own in the Web.config file for your ASP.NET application. To use the AspNetSqlProvider instance, specify AspNetSqlProvider as the defaultProvider in your roleManager configuration.

You can configure the SqlRoleProvider to use the same database and user information as the SqlMembershipProvider in order to use a single database for authentication and authorization information. To use the same database for membership and role information, run the aspnet_regsql.exe executable and install the membership feature. Then, specify the same connection string in your configuration for both your SqlRoleProvider and SqlMembershipProvider instances. Also ensure that both provider instances are configured with the same ApplicationName.

The following example shows the Web.config file for an ASP.NET application configured to use a SqlRoleProvider object and the SqlMembershipProvider. The authorization element is configured to only allow access to authenticated users in the Administrators role.

<configuration>
  <connectionStrings>
    <add name="SqlServices" connectionString="Data Source=localhost;Integrated Security=SSPI;Initial Catalog=aspnetdb;" />
  </connectionStrings>
  <system.web>
    <authentication mode="Forms" >
      <forms loginUrl="logincs.aspx"
      name=".ASPXFORMSAUTH" />
    </authentication>
    <authorization>
      <deny users="?" />
         <allow roles="Administrators" />
         <deny users="*" />
    </authorization>
    <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
      <providers>
        <add 
          name="SqlProvider" 
          type="System.Web.Security.SqlMembershipProvider" 
          connectionStringName="SqlServices"
          enablePasswordRetrieval="false"
          enablePasswordReset="false"
          requiresQuestionAndAnswer="false" 
          passwordFormat="Hashed" 
          applicationName="SampleApplication" />
      </providers>
    </membership>
    <roleManager defaultProvider="SqlProvider" 
      enabled="true"
      cacheRolesInCookie="true"
      cookieName=".ASPROLES"
      cookieTimeout="30"
      cookiePath="/"
      cookieRequireSSL="true"
      cookieSlidingExpiration="true"
      cookieProtection="All" >
      <providers>
        <add
          name="SqlProvider"
          type="System.Web.Security.SqlRoleProvider"
          connectionStringName="SqlServices" 
          applicationName="SampleApplication" />
      </providers>
    </roleManager>
  </system.web>
</configuration>

.NET Framework

Supported in: 4.5.1, 4.5, 4, 3.5, 3.0, 2.0

Windows Phone 8.1, Windows Phone 8, Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Show:
© 2014 Microsoft. All rights reserved.