ASP.NET AJAX: the new role service

The latest version of the ASP.NET AJAX framework added a new client service which will let you get info about the roles of the current user: I”m talking about the Sys.Services._RoleService. The class exposes two important methods which you might end up using if you need to get info about the roles of the current user:

  • get_roles: returns an array with the roles that have been associated to the current user;
  • isUserInRole: receives a string and returns true if the user is associated with that role.

You”ll normally use the global Sys.Services.RoleService object to call these methods. To do that, you”ll need to start by activating the service. You can accomplish this by adding the necessary info to the web.config file:

                <roleService enabled=”true”/>

After doing this, if you drop a ScriptManager control on a page, you”ll automatically get some JS code inserted into the page that configures the client class so that it”s able to communicate with the server side in order to retrieve the roles associated with the current user. It”s important to note that this client service will only get the roles associated with the current user (which means that you need to have a user logged in to get any meaningful information).

So, if you build a really simple page like this one (I”m just showing the body portion of the page):

    <form id=”form1″ runat=”server”>
        <asp:ScriptManager runat=”server” ID=”manager”>          

and if you load the page on the browser and take a look at its source, you should find a line that looks like this:

Sys.Services._RoleService.DefaultWebServicePath = ”Role_JSON_AppService.axd”;

This line is configuring the client class so that it knows which service it should call in the server side to call when you use one of the client methods presented earlier. You can take this to next level and automatically inject the roles associated with the current user on the page by setting the LoadRoles property of the RoleServiceManager to true (exposed by the RoleService property of the ScriptManager element):

<asp:ScriptManager runat=”server” ID=”manager”>
            <RoleService LoadRoles=”true” />

When you do this, you”ll see that besides setting the path to the web service, the server side will also inject the roles associated with the current user with code similar to this one:

Sys.Services.RoleService._roles = Sys.Serialization.JavaScriptSerializer.deserialize(”[“Role1″]”);

In my previous example, the current user had was associated with only one role (Role1).

Btw, I believe that it”s important to mention that you can force the client object to load the roles from the client side by calling the load method. The next page shows a snippet that shows how this can be accomplished:

    <form id=”form1″ runat=”server”>
        <asp:ScriptManager runat=”server” id=”manager”>
            <RoleService LoadRoles=”false” />
        <input type=”button” value=”Show roles” onclick=”printRoles()” />
    <script type=”text/javascript”>
        Sys.Application.add_load( handleLoad );
        var _loaded = false;
        function handleLoad(){
                                                    _loaded = true;
        function printRoles() {
                alert( “Loading roles…please try again in a few moments” );
            var arr = Sys.Services.RoleService.get_roles();
            alert( arr );

In this case, we have a page with a single button that will be responsible for printing the roles associated with the current user. As you can see, we start by checking a global variable which will only be set after the roles associated with the current user have been loaded. we need this flag because when we call the load method,we”ll start an async operation and we need to be sure that we”ve already got the answer from the server side before printing a message to the user.

Before ending the post,there”s still time to tell you that you can build your own Role web service: you just need to inform the client object that it should call your method instead of calling the default one. The easiest way to achieve this is to use the RoleServiceManager”s Path property (though you can also force this by using the set_path property of the RoleService global object).


~ by Luis Abreu on January 5, 2008.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: