Hi Imar,

I've been reviewing the different chapters to get a better understanding of how things work and focusing on the "How it works" sections.

I had a question in related to how the Membership, Role, and Profile web services are used?

For example, the Membership web application service is used by using the login controls. The login controls talk to the db via the configured membership provider using the membership service (I hope I'm saying this correctly).

So this made me wonder how the Role Mangager (Role Service) is used. Is it correct to say that the Role Service is used by using the WSAT, <Location> element in Web.config, LoginViewControl, and Role API - do all of these somehow talk to the Sql server db via the configured role provider?

Thank you.

Tulsi

Hi there,

Yes, that's correct. The Membership service has a fixed API that uses a configured provider under the hood. That way, you can swap providers (through configuration) and everything continues to work.

Not entirely. Roles are retrieved at login and then stored in a cookie (when cacheRolesInCookie is true) or retrieved on each request. They are then associated with the current user that is associated with the current request. Other .NET functionality, such as URL Authorization (which uses the <location /> element) can then use these roles without ever knowing about the Role Manager.

The WSAT uses the Role API (and thus the configured role provider under the hood) extensively to manage the roles in the database.

Hope this helps,

Imar

__________________
Imar Spaanjaars
http://Imar.Spaanjaars.Com
Follow me on Twitter

Author of Beginning ASP.NET 4.5 : in C# and VB, Beginning ASP.NET Web Pages with WebMatrix
and Beginning ASP.NET 4 : in C# and VB.
Did this post help you? Click the button below this post to show your appreciation!

Thank you for the explanation. Truly very helpful!

Tulsi