I've been working on some tutorials for the www.asp.net site on the topics of forms authentication, authorization, membership, and roles. The first set of tutorials covered security basics and examined forms authentication in detail; the second set looked at the Membership system and the SqlMembershipProvider. The third set of tutorials are now available online and focus on the Roles framework and the SqlRoleProvider.
- Creating and Managing Roles [VB | C#] - examines the Roles framework and the SqlRoleProvider. Shows how to create new roles and manage these roles from a web page interface.
- Assigning Roles to Users [VB | C#] - looks at the Roles framework methods for assigning and removing users from roles.
- Role-Based Authorization [VB | C#] - shows how to perform role-based URL authorization, as well as how to programmatically grant or deny functionality based on the currently logged in user's role(s). Also looks at using the LoginView control to display different content based on the logged on user's role.
All tutorials are available in C# and VB versions, include a complete, working source code download, and are available to download as PDF. The next batch of tutorials examines creating administrative pages to manage user accounts.
Enjoy! - http://asp.net/learn/security/