Now that we have the ability to log a user in, we can filter data based on whether or not they are logged in, and even allow access to pages based on the same. But what if we need more granular control? What if we need to only allow access to certain controls to "Administrators", or "DataManagers"? Using the System.Web.Security.RoleProvider
abstract classes, we can extend our control to a much tighter level.
A number of controls allow restricting access to roles, but my particular favorite is the <asp:LoginView>
control. Not only does it let us restrict a user, whether logged in or not, but it can also restrict them by role. Have a look at the following code snippet:
<asp:LoginView ID="loginView" runat="server"> <AnonymousTemplate> <asp:Login ID="login" runat="server" /> </AnonymousTemplate> <LoggedInTemplate> Thanks for Logging In </LoggedInTemplate> </asp:LoginView>
Now, when you navigate to the page, if you are logged...