As in all the Line-Of-Business Applications, an application may have multiple Users with some Roles assigned to them. We have recently shifted to WPF MVVM Architecture and looking for best way to assign role to each logged in user. There are many terms floating over internet like Authentication, RoleManager, LoginService etc, but I am not sure which to work out with.
Here is what we have:
A small business application (With 20 Forms), developed within a single-project. We use MVVM architecture, LINQ-to-SQL as DataAccess and Model, with Repository pattern and Unit Of Work.
What we want:
There are different forms and each form has insert, update, delete, print etc operations. What we want is to restrict a logged in user according to his role - to the task he can perform. i.e for e.g. Admin is free to do "anything" with the application, while some other users may not be allowed to view some forms or carry out some operations (viz. update or delete).
So how can we achieve this; what kind of service could be used for carrying out this complete mechanism using MVVM architecture within a Desktop LOB application. A technical term or tutorial link will be helpful.
I hope I am clear and thank you very much in advance.
Edit: I went through many forums and articles around, but all of them focuses on ASP.NET. Still cannot find a concrete implementation for assignment of roles within WPF. And the sources on ASP.NET doesn't comply well with WPF.
I'd suggest building a solution around the ASP.NET Membership & Role Management providers (despite the edit to your original question). They're well documented on MSDN & are very flexible.
Here are a few links that should hopefully help you with the WPF integration:
Also, you mentioned that you're using MVVM; I'd suggest having a static class, or otherwise globally accessible property (see: WPF Application using a global variable) of an instance of a centralized authorization class. The methods of this class could then be called from anywhere in the app (i.e. in the ViewModels) to enable/disable or show/hide the appropriate features, based upon whatever permissions were granted to the user.