Simplify user management by using roles to group users by function.
Besides restricting access to individual users, it is sometimes much easier to restrict access based on the groups, or roles, to which users belong. You can use the ASP.NET Web Site Administration Tool (WAT) to classify users into roles and determine their access rights based on the function of each role. For example, users who administer the site might be grouped under an Admin role that you define. This role—and, by implication, the users assigned to it—can then be given permission via the Web.config file to access certain parts of the web site that are off-limits to others.
In this lab, you will learn how to create roles for your web site through the use of the ASP.NET WAT. You will create a new role called Admin and then assign a newly created user, Administrator, to this role. After that, you will see how you can limit access to folders in your application based on the role of the user.
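As an added illustration (not taken from the lab itself), this is the kind of Web.config that restricts a folder to the Admin role. The folder name Admin and the Forms authentication mode are assumptions; the role name is the one created in this lab.

```xml
<?xml version="1.0"?>
<!-- Root Web.config of the site. The folder name "Admin" is an assumption. -->
<configuration>
  <system.web>
    <!-- Assumed: Forms authentication, as used with the login controls. -->
    <authentication mode="Forms" />
    <!-- Role checks only work when the role manager is enabled. -->
    <roleManager enabled="true" />
  </system.web>

  <!-- Authorization rules are read top-down and the first match wins. -->
  <location path="Admin">
    <system.web>
      <authorization>
        <!-- Members of the Admin role match here and are let in. -->
        <allow roles="Admin" />
        <!-- Everyone else must be denied explicitly. Without this rule
             they fall through to the inherited default, allow users="*",
             and the folder is not protected at all. -->
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

Writing `<deny users="?" />` in place of `<deny users="*" />` blocks only anonymous visitors, so any signed-in user outside the Admin role could still reach the folder. Reversing the two rules locks out the Admin role as well, because the deny rule would match first.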
Open the project used in the last lab (C:\ASPNET20\chap-5-SecurityControls).
Invoke the ASP.NET WAT in Visual Studio 2005 (Website → ASP.NET Configuration).
Click on the Security tab, where you'll find the tools you need to set up roles for your site (see Figure 5-29).
Figure 5-29. The Security tab in the ASP.NET Web Site Administration Tool
Let's start by creating a special account for ...