How to manage role and its permission in asp.net application

Hi i like to design a asp.net application(app1) where we can create role and actions. here action is such as create student details and delete student details... this both actions comes underneath to a role1.. so, the application will have some roles with set of actions. This 开发者_运维技巧roles and action will be used later in another applications(app2 and app3).

i have designed app1 with single sign on for all the application(app2,app3). when a user enter into app2, he/she will be redirected login page which resides in app1. There user validation will take place. once validated, authentication ticket will be send back to requested application(app2).

Once app2 receive the ticket, it will make another request app1 to get the roles and action belongs to singed user. the app2 should behave based the actions belongs to role.

*A user can have more roles.

how to control the user activities based on the actions?

Is there any framework to achieve this model?

Can you provide me any guidance for achieve my idea?

You should investigate the use of a RoleProvider which is built into the .NET Framework.

In addition to the role provider you can use the Authorization Manager to create Operations, Tasks, and Roles. You can then link Operations to specific function in you application and map roles in a variety of ways.

How To: Use Authorization Manager (AzMan) with ASP.NET 2.0