ClientRoleProvider Class


Gets role information for Windows-based applications from an Microsoft Ajax roles service.

public ref class ClientRoleProvider : System::Web::Security::RoleProvider
public class ClientRoleProvider : System.Web.Security.RoleProvider
type ClientRoleProvider = class
    inherit RoleProvider
Public Class ClientRoleProvider
Inherits RoleProvider


The following example code demonstrates how to use this property to programmatically set the roles service location.

private void SetRolesServiceLocation()
    ((ClientRoleProvider)System.Web.Security.Roles.Provider).ServiceUri = 
Private Sub SetRolesServiceLocation()
    CType(System.Web.Security.Roles.Provider,  _
        ClientRoleProvider).ServiceUri = _
End Sub


You can use client application services to retrieve role information from an existing roles service by configuring your application to use the ClientRoleProvider class. After configuration, you can determine whether an authenticated user is in a particular role by calling the IsInRole method of the IPrincipal returned by the static Thread.CurrentPrincipal property. For applications configured to use client application services, this property returns a ClientRolePrincipal. Because this class implements the IPrincipal interface, you do not need to reference it explicitly. The ClientRolePrincipal.IsInRole method internally calls the ClientRoleProvider.IsUserInRole method.

The ClientRoleProvider class is a read-only role membership provider that retrieves role information for authenticated users from the roles service indicated by the ServiceUri property. The value of the ServiceUri property is typically retrieved from the application configuration file along with other configuration values.

You can retrieve the current ClientRoleProvider instance through the static Roles.Provider property.

The ClientRoleProvider class supports only the GetRolesForUser and IsUserInRole methods of the RoleProvider abstract class. When you call one of these methods for a particular user, the service provider first checks the local data cache for role information. If the cache does not contain any role information or the cache has expired, the service provider retrieves the role information from the roles service and adds it to the cache.

You can specify the time-out period for the roles cache when you configure client application services. To force the GetRolesForUser method to retrieve role data from the service instead of the local cache, call the ResetCache method first.

You cannot use the ClientRoleProvider class to create or delete roles, or to modify the role membership of users. To create or modify role information, you must change the configuration of the role service on the server.



Initializes a new instance of the ClientRoleProvider class.



This property is not used by this class.


Gets a brief, friendly description suitable for display in administrative tools or other user interfaces (UIs).

(Inherited from ProviderBase)

Gets the friendly name used to refer to the provider during configuration.

(Inherited from ProviderBase)

Gets or sets the URI of the role service.


AddUsersToRoles(String[], String[])

This method is not used by this class.


This method is not used by this class.

DeleteRole(String, Boolean)

This method is not used by this class.


Determines whether the specified object is equal to the current object.

(Inherited from Object)
FindUsersInRole(String, String)

This method is not used by this class.


This method is not used by this class.


Serves as the default hash function.

(Inherited from Object)

Gets the names of the roles that the specified user belongs to.


Gets the Type of the current instance.

(Inherited from Object)

This method is not used by this class.

Initialize(String, NameValueCollection)

Initializes the provider.

IsUserInRole(String, String)

Gets a value indicating whether the specified user is in the specified role.


Creates a shallow copy of the current Object.

(Inherited from Object)
RemoveUsersFromRoles(String[], String[])

This method is not used by this class.


Clears the cached role information and resets the cache time-out period.


This method is not used by this class.


Returns a string that represents the current object.

(Inherited from Object)

Applies to

See also