The Sample Provisioning UI Framework includes a new class, MPSWebUIRoleProvider, that inherits methods from System.Web.Security.RoleProvider. MPSWebUIRoleProvider overrides the following elements:

• GetRolesForUsers method
• ApplicationName property

To learn more about System.Web.Security.RoleProvider, see the following pages:

• RoleProvider Class
• How To: Use Role Manager in ASP.NET 2.0

Table: Roles for Microsoft Provisioning System (MPS) Sample Provisioning User Interface

Role description	Role abbreviation
Hosting Admin	HA
Reseller organization Admin	RA
Customer organization Admin	CA
Customer organization User	CU

The role provider will also perform the task of authenticating users. In case an invalid user logs on (either invalid user name or invalid password) the following exception will be thrown:

<response>
<errorContext description="Logon failure: unknown user name or bad password." code="0x8007052e" executeSeqNo="3">
  <errorSource namespace="Active Directory Provider" procedure="Make Path Domain Controller Specific" /> 
  <errorSource namespace="Preferred DC Active Directory Provider" procedure="Search" /> 
  <errorSource namespace="Hosted Active Directory" procedure="GetCallerUiRoles" /> 
  </errorContext>
  </response>

The error message contained in the description attribute will be displayed to the user in the login page. If no exception is thrown we can extract the role of the logged in user.

Depending upon the logged in user and the assigned role, the user will be able to perform various operations.