using Security Application Block of Enterprise Library

Topics: Security Application Block
Apr 6, 2011 at 9:03 AM


I need to use Security Application Block of Enterprise Library in ASP.NET C# Web Application. I have multiple .aspx pages in my application and I need to show them only to authorized user by checking their roles and Roles list we will get from Database of MySQL.

So I need to know following things.

How to use Security Application block for roles gettiing from Database. I have an example for roles in XML but that is not helping.

How to define roles for the user that has logged in? I am running sql query for getting roles but how to associate it logged in user and how to use Security block with these information.


As you might have know, I am really blank, please hep me out ASAP.

Apr 6, 2011 at 9:28 AM

The Security Application Block doesn't have an out-of-the-box authorization provider which reads roles from the database.  You must implement a custom authorization provider where the steps are included in the documentation.   But just to make it clear, the Security Application Block isn't about managing roles or other objects related to securing an application.  It only provides a means of authorizing users.  I think the functionality you need can be better addressed if you use ASP.NET Role provider.  These two doesn't overlap; you can use ASP.NET Role provider with the Security Application Block. 


Sarah Urmeneta
Global Technology & Solutions
Avanade, Inc.