WebSecurity - RequireRoles()
WebSecurity Object
Definition
The RequireRoles() method sets the HTTP status to 401 (Unauthorized) if the current user is not in all of the specified roles.
C# and VB Syntax
WebSecurity.RequireRoles(roles)
Examples
Example C#
WebSecurity.RequireRoles("Admin", "Poweruser");
Example VB
WebSecurity.RequireRoles("Admin", "Poweruser")
Parameters
Parameter | Type | Description |
---|---|---|
roles | String | A comma separated list of roles the current user must be in. |
Return Value
None.
Errors and Exceptions
Any access to the WebSecurity object throws an InvalidOperationException if:
- The InitializeDatabaseConnection() method has not been called
- SimpleMembership is not initialized (or disabled in the website configuration)
Remarks
RequireRoles() validates that the current user is a member of all of the specified roles. If the user is not a member of all of the specified roles, the HTTP status is set to 401 (Unauthorized).
To validate that the user is authenticated, use the RequireAuthenticatedUser() method.
To validate that the current user is a specific user, use the RequireUser() method.
Technical Data
Name | Value |
---|---|
Namespace | WebMatrix.WebData |
Assembly | WebMatrix.WebData.dll |
WebSecurity Object