Figure B-8 shows a sample Windows Forms MDI application that uses WSLoginControl.

In its Security tab, the application requests the permissions listed in Table B-2. It requires users to log in and authenticate themselves before creating a new document window. When the user selects the File → New menu item, it is handled by the OnFileNew() method. OnFileNew() demands that the user be a member of the Manager role:

    [PrincipalPermission(SecurityAction.Demand,Role = "Manager")]
    void OnFileNew(object sender,EventArgs args)
    {...}

Before using the application, you will need to create the users and roles in the database. You can and should use the support Visual Studio 2005 offers for managing the credentials stored in the aspnetdb database.

Create a new ASP.NET web site. When using SQL Server, add to the web site configuration file the SQL Server connection string. Select ASP.NET Configuration from the Website menu to bring up the Web Site Administration pages (see Figure B-1).

Figure B-8. The sample application

Select the Provider tab, then click the “Select a single provider for all site management data” link. Under the Provider list, click AspNetSqlProvider. Next, click the Security tab. Under Users, click “Select authentication type” and on the next page click “From the Internet”. Then go back to the Security tab.

Under Roles, select “Enable roles” followed by “Create ...