Republished with Permission - Original Article
Earlier this summer I posted two tutorials on using Windows
Authentication with ASP.NET: Enabling Window Authentication within an Intranet ASP.NET Web
Application and Implementing Role Based Security within ASP.NET using Windows
Authentication and SQL Server. I also linked to Scott Mitchell's
great ASP.NET 2.0 Security, Membership and Roles Tutorials that
cover how to use Forms Authentication and the new Membership/Roles APIs in
ASP.NET for Internet based web applications.
These tutorials covers how to implement authentication on
your site, which is the process of identifying who an incoming user
is. They also demonstrate how to implement role based management on your
site, which allows you to logically group individual users into higher-level
roles or groups (for example: "admins", "friends",
"subscribers", etc). The tutorials also demonstrate how to
implement authorization rules to grant or deny users/roles access to visit
individual pages or URLs within a site (the roles tutorial above also
demonstrates how to show/hide menu nodes based on the permissions of the
incoming user).