Development and Programming
C# and .NET
Understanding ASP.NET authorization
At run time, when users visit your site, they establish an identity, either as a Windows account name or by logging into your application. Information about the logged-in user is available to your application from the User property. When roles are enabled, ASP.NET creates an instance of the RolePrincipal class and adds it to the current request context, it also looks up the roles for the current user and adds them to the pervious created User object so that you can check them.
The following example shows how to determine whether the current user is in the role of member. If the user is in the role, the code displays a button for members:
buttonMembersArea.Visible = True;
isible = True;
If a user's browser allows cookies, ASP.NET can optionally store role information in an encrypted cookie on the user's computer. On each page request, ASP.NET reads the cookie and populates the role information for that user from the cookie. This strategy minimizes the need to read role information from the database. If the user's browser does not support cookies or if cookies are disabled, role information is instead cached only for the duration of each page request.
© 2018 Digcode.com. All rights reserved.