What is Role-based security?
Application that provide access to its data based on credentials check, verify the user’s role and hands over the access on the basis of such roles. Managed code finds out the role of a principal through a Principal object. This further contains a reference to an Identity object.
User accounts -> represent people
Group accounts -> represent certain categories of users and the rights they own.
In .NET Framework:- Identity objects represent users, Roles represent memberships and security.
A security principal represents a user and their roles which tells about their authority in the application. Role-based security is mostly used in custom authentication.
Way to set the default policy to the application is:
AppDomain appDomain = AppDomain.CreateDomain("test");
appDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
