How do I use my custom role store for roles authorization?

From Guidance Share

Jump to: navigation, search

J.D. Meier, Prashant Bansode, Alex Mackman


Implement a custom roles provider inheriting from the RoleProvider abstract base class which works with the custom role store. Use this custom provider along with role manager APIs for roles authorization using your custom role store. The role manager feature provides a consistent and simple APIs for role authorization and role management. To use a custom role store for roles authorization.

  • Implement a custom membership provider that inherits from the RoleProvider abstract base class. This custom provider class should interact with your custom role store.
  • Configure a connection string for your provider (if required) in the connectionStrings section of your application's Web.config file
  • Configure the custom provider in your application’s Web.config file, enable role manager and set the defaultProvider attribute to point to your custom provider as follows
<roleManager enabled=true defaultProvider="MyCustomMembershipProvider" >
   <add name="MyCustomMembershipProvider"
        type="CustomRoleProvider, CustomDll, Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
  • Use role manager APIs for accessing and validating the role membership of the user. By default role manager uses the HttpContext.User object to obtain the currently authenticated user identity.
bool isInRole = Roles.IsUserInRole("TestRole");

More Information

For information on using role manager, see “How To: Use Role Manager in ASP.NET 2.0” at

Personal tools