Why should we choose PrincipalPermission over IsInRole()?

Q1. - RE: PrincipalPermission methods vs. IPrincipal. IsInRole(..) The two function calls make a PrincipalPermission that has the union or intersection of the roles you give it.

Thus you end up with a principal that has a very specific set of demands, which you can then call IsInRole() upon. Note that doing this will hit your role provider which may be an SQL server or the active directory and thus have latency involved, so you don't want to do it all the time Q2. - RE: PrincipalPermission authentication Authenticated indicates that the user is logged in against your provider.

You may want this if you need only auditing on your application, confirming the user is logged in to your role provider will mean that you can log who they are etc You are correct in saying it's only useful where you don't care about who the user is, only that they are logged in.

Q1. - RE: PrincipalPermission methods vs. IPrincipal. IsInRole(..) The two function calls make a PrincipalPermission that has the union or intersection of the roles you give it.

Thus you end up with a principal that has a very specific set of demands, which you can then call IsInRole() upon. Note that doing this will hit your role provider which may be an SQL server or the active directory and thus have latency involved, so you don't want to do it all the time. Q2.

- RE: PrincipalPermission authentication Authenticated indicates that the user is logged in against your provider. You may want this if you need only auditing on your application, confirming the user is logged in to your role provider will mean that you can log who they are etc. You are correct in saying it's only useful where you don't care about who the user is, only that they are logged in.

1 yes but you must call it twice. You create one prinicipal permission which is the union or intersect of the principals your after and then call IsInRole() once. Also set intersect/union will give you a different result depending on what each role has.En.wikipedia.Org/wiki/Intersection_(set_theory) en.wikipedia.

Org/wiki/Union_(set_theory) – Spence May 10 '09 at 21:37 1 No, what I mean is that each call to isinrole() involves latency (possibly). So if you grab a permission, union two together, then call IsInRole() that should be faster than calling IsInrole() for both permissions. – Spence May 11 '09 at 0:06 1 You don't have to hit the domain to create a principal, nor to union or intersect.

To call IsInRole() though you do AFAIK. – Spence May 12 '09 at 2:13 1 PrincipalPermission can rely on anything that can use the ASP.Net roles provider. One of these (and the default for an enterprise) is the windows domain server.

Constructing the permission by providing a role name, or by unioning or intersecting doesn't actually do anything to the role provider at all, no calls should be made to the provider. However when you call IsInRole() you are asking the role provider to tell you whether or not the principal you've given matches the role you have, and this can be an expensive call. – Spence May 13 '09 at 21:45 1 Go read about Role providers at MSDN.

PrincipalPermission falls back to role provider to give it an answer. Ts can be a forms database, your own custom provider, or can be a kerberos server, windows domain etc. – Spence May 14 '09 at 22:04.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.