we can set Principle while creating our Custom authorizing attribute like
- public class BasicAuthenticationAttribute : AuthorizationFilterAttribute
- {
-
- IPrincipal principal = new GenericPrincipal(identity, UserDetails.Roles.Split(','));
- }
and we can also create CustomRoleProvider like below
- public class UserRoleProvider : RoleProvider
- {
- public override string[] GetRolesForUser(string username)
- {
- using (EmployeeContext _Context=new EmployeeContext())
- {
- var userRoles =
- return userRoles;
- }
- }
- }
- }
My question is what is the difference between the two and when to use one over another or both are same?