Hi,

If you want to check if a user is in a role on every request I recommand you 
to use Global.asax and the AuthenticateRequest event.
If you want to add roles when a user has authorization when you can use the 
AuthorizeRequest or the AuthenticateRequest event in global.asax or do this 
in your login page.

Here is an exmaple of adding roles and check if a user is in a role:

   string[] roles = { "Admin","User","Everyone","public" };

   Context.User = new GenericPrincipal(Context.User.Identity, roles);

   if (Request.IsAuthenticated == true)
   {
       string roless = "User;Everyone";

       //Check if a user has the Role as a User or Everyone
       foreach( string role in roless.Split( new char[] {';'} ))
       {
          if( Context.User.IsInRole(role))
	       	Response.Write("IN ROLE");
       }
   }

I hope this will help you, if not please let me know.

/Fredrik Normén


>From: "David Metcalfe" <david@a...>
>Reply-To: "ASPX_Professional" <aspx_professional@p...>
>To: "ASPX_Professional" <aspx_professional@p...>
>Subject: [aspx_professional] Forms Authentication and Roles
>Date: Wed, 19 Dec 2001 20:53:15
>
>I am using Forms Authentication and would like to use roles to give
>differenent types of users access to different sets of web pages (using
>web.config authorisation settings).  Is this possible?  It appears that a
>user can only be assigned roles when the Principle object is created and
>it's not clear where this is created during the authentication process or
>whether it can be created manually.
>
>Regards,
>Dave
>$subst('Email.Unsub').




_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.