When you enable the roles API, by following the approach described in the article How to use Roles API for Role-Based Authorization in ASP.NET, the RoleManagerModule automatically creates a RolePrincipal instance. This instance contains both the authenticated user’s identity and the roles of the user. The RolePrincipal is a custom implementation of IPrincipal, which is the base interface for all principal classes.  It as a result supports the default functionality, such as access to the authenticated identity and a method for verifying a role membership condition through the IsInRole() method. In addition, it provides a couple of additional properties for accessing more detailed information about the principal. You can use the properties in the following code to perform authorization checks by calling the IsInRole() method:


Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

If User.Identity.IsAuthenticated Then

Dim Rp As RolePrincipal = DirectCast(User, RolePrincipal)

Dim RoleInfo As StringBuilder = New StringBuilder


RoleInfo.AppendFormat(“<h2>Welcome {0}</h2>”, Rp.Identity.Name)

RoleInfo.AppendFormat(“<b>Provider:</b> {0}<BR>”, Rp.ProviderName)

RoleInfo.AppendFormat(“<b>Version:</b> {0}<BR>”, Rp.Version)

RoleInfo.AppendFormat(“<b>Expires at:</b> {0}<BR>”, Rp.ExpireDate)

RoleInfo.Append(“<b>Roles:</b> “)


Dim Roles() As String = Rp.GetRoles()

Dim I As Integer

For I = 0 To Roles.Length – 1

If I > 0 Then

RoleInfo.Append(“, “)

End If



LblRoleInfo.Text = RoleInfo.ToString()

End If

End Sub