SqlRoleProvider Class
This page is specific to:.NET Framework Version:2.03.03.54.0
.NET Framework Class Library
SqlRoleProvider Class

Manages storage of role membership information for an ASP.NET application in a SQL Server database.

Namespace:  System.Web.Security
Assembly:  System.Web (in System.Web.dll)
Syntax
Copy to ClipboardPrint
'Usage

Dim instance As SqlRoleProvider

'Declaration

<AspNetHostingPermissionAttribute(SecurityAction.InheritanceDemand, Level := AspNetHostingPermissionLevel.Minimal)> _
<AspNetHostingPermissionAttribute(SecurityAction.LinkDemand, Level := AspNetHostingPermissionLevel.Minimal)> _
Public Class SqlRoleProvider _
    Inherits RoleProvider
Remarks

This class is used by the Roles and RolePrincipal classes to provide role-management services for an ASP.NET application using a SQL Server database. You can use role management to specify different levels of authorization for your application.

To use the SqlRoleProvider class, you must first create the SQL Server database used by the SqlRoleProvider. To create the database used by the SqlRoleProvider class, run the aspnet_regsql.exe executable found in the C:\WINDOWS\Microsoft.NET\Framework\ versionNumber folder and specify the -Ar option (for example, aspnet_regsql.exe -Ar). The database created is called Aspnetdb. Alternatively, run aspnet_regsql.exe to pull up the GUI configuration mode and choose to configure all ASP.NET features.

If the role provider is configured with a connection string that uses integrated security, the process account of the ASP.NET application must have rights to connect to the SQL Server database.

The Machine.config file is configured with a SqlRoleProvider instance named AspNetSqlProvider that connects to the SQL Server on the local machine. You can use this instance of the provider, or specify your own in the Web.config file for your ASP.NET application. To use the AspNetSqlProvider instance, specify AspNetSqlProvider as the defaultProvider in your roleManager configuration.

You can configure the SqlRoleProvider to use the same database and user information as the SqlMembershipProvider in order to use a single database for authentication and authorization information. To use the same database for membership and role information, run the aspnet_regsql.exe executable and install the membership feature. Then, specify the same connection string in your configuration for both your SqlRoleProvider and SqlMembershipProvider instances. Also ensure that both provider instances are configured with the same ApplicationName.
Examples

The following example shows the Web.config file for an ASP.NET application configured to use a SqlRoleProvider object and the SqlMembershipProvider. The authorization element is configured to only allow access to authenticated users in the Administrators role.

<configuration>
  <connectionStrings>
    <add name="SqlServices" connectionString="Data Source=localhost;Integrated Security=SSPI;Initial Catalog=aspnetdb;" />
  </connectionStrings>
  <system.web>
    <authentication mode="Forms" >
      <forms loginUrl="logincs.aspx"
      name=".ASPXFORMSAUTH" />
    </authentication>
    <authorization>
      <deny users="?" />
         <allow roles="Administrators" />
         <deny users="*" />
    </authorization>
    <membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="15">
      <providers>
        <add 
          name="SqlProvider" 
          type="System.Web.Security.SqlMembershipProvider" 
          connectionStringName="SqlServices"
          enablePasswordRetrieval="false"
          enablePasswordReset="false"
          requiresQuestionAndAnswer="false" 
          passwordFormat="Hashed" 
          applicationName="SampleApplication" />
      </providers>
    </membership>
    <roleManager defaultProvider="SqlProvider" 
      enabled="true"
      cacheRolesInCookie="true"
      cookieName=".ASPROLES"
      cookieTimeout="30"
      cookiePath="/"
      cookieRequireSSL="true"
      cookieSlidingExpiration="true"
      cookieProtection="All" >
      <providers>
        <add
          name="SqlProvider"
          type="System.Web.Security.SqlRoleProvider"
          connectionStringName="SqlServices" 
          applicationName="SampleApplication" />
      </providers>
    </roleManager>
  </system.web>
</configuration>
.NET Framework Security
Inheritance Hierarchy
System..::.Object
  System.Configuration.Provider..::.ProviderBase
    System.Web.Security..::.RoleProvider
      System.Web.Security..::.SqlRoleProvider
Thread Safety
Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Platforms

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Version Information

.NET Framework

Supported in: 3.5, 3.0, 2.0
See Also

Reference

SqlRoleProvider Members
System.Web.Security Namespace

Other Resources

Understanding Role Management
© 2009 Microsoft Corporation. All rights reserved.   Terms of Use | Trademarks | Privacy Statement
Page view tracker
Rate the Lightweight library
x
Lightweight builds on ScriptFree (loband) by adding features you've requested: a SearchBox and default code language selection.
Do you like the SearchBox?
Do you like the tabbed code blocks?
How useful is this topic?
Tell us more.
Thanks
x
You're helping to improve MSDN Online.
Feedback
Switch View
x
Classic
Lightweight Beta
ScriptFree
Switch View