Role-Based Security in .NET
Most people have at least an intuitive understanding of users, groups, and passwords. MTS and COM+ have provided an additional security system based on roles. The best place to start a more detailed look at .NET security is with user identities and roles. First, we will look at this from the point of view of a Windows application and then from the point of view of an ASP.NET application.
Principals and Identities
Each thread has associated with it a CLR principal. That principal contains an identity that represents the current user ID that is running that thread. The static property Thread.CurrentPrincipal will return the current principal associated with the current thread.
Principal objects implement the IPrincipal ...