Role-based security allows the programmer to specify that a class or member can be called only if the user making the call has a specific username or role. Products such as HTTP and application servers will implement custom models for identifying users, but the .NET Framework provides default support for identifying Windows Users and Groups, which is the topic of this section. Unlike the Code Access Security model, role-based restrictions can be applied to classes and any class member, including properties and events.

The following fragment shows how to make a declarative statement to ensure that only the MyDomain\MyUser user account can invoke a method:

using System; using System.Security.Permissions; using System.Security.Principal; ...