15.3. The Role Manager
Although it's nice that your users can now sign up and log in to your site, it would be a lot more useful if you could differentiate between your users. That would enable you to grant access rights to one or just a few users to access the Management folder so only they can change your reviews and genres. With the Role Manager that ships with ASP.NET this is pretty easy to do. The Role Manager enables you to assign users to different roles. You can then use these roles to open or block specific functionality in your site. For example, you can block access to the Management folders to all users except for those in the Managers role. Additionally, you can display different content based on the roles users are in with the LoginView as you saw earlier.
15.3.1. Configuring the Role Manager
As with membership, the settings for the Role Manager are placed in config files. However, the Role Manager is not turned on by default, so you need to do that explicitly in the web.config file in the <roleManager> element that should be placed inside the <system.web> element in web.config:
<roleManager enabled="true" />
In a later exercise you see how to enable the roles with a management tool that is accessible from within VWD so you can enable roles without modifying the web.config file directly.
After you have enabled roles, you can assign users to different roles in a number of ways:
Using the Web Site Administration Tool, generally referred to as the WSAT
Programmatically ...
Get Beginning ASP.NET 3.5: In C# and VB now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
