# How to: Enable Roles in Open Ria Services
\[ **This document was written for WCF Services Version 1 Service Pack 2 and might not be up to date** \
Please see [Release Notes](https://github.com/OpenRIAServices/OpenRiaServices/releases) or [Changelog](https://github.com/OpenRIAServices/OpenRiaServices/blob/main/Changelog.md) for a list of changes since WCF RIA Services ]
This topic demonstrates how to enable roles in your Open Ria Services solution if you have previously enabled authentication. You can retrieve a user’s roles only after the user has been authenticated. To configure your solution for authentication, see [How to: Enable Authentication in Open Ria Services](/openriaservices/ee707361/ee707353.md). You restrict access to a domain operation to members of a role by applying the [RequiresRoleAttribute](https://github.com/OpenRIAServices/OpenRiaServices/tree/086ea8c8fcb115000749be6b2b01cd43bb95bf80/docs/ff422065.md) attribute to the method for the domain operation.
Roles are used to specify which group of authenticated users can access certain resources. Roles in Open Ria Services build upon roles in ASP.NET. For more information about roles, see [Understanding Role Management](http://go.microsoft.com/fwlink/?linkid=168719).
### To configure the server project
1. In the server project, open the Web.config file.
2. In the \ section, enable the manager role by adding the \ element.
The following example shows how to enable the manager role.
```
```
3. In the membership database, create the required roles and assign users to the roles as needed.
For more information, see [Understanding Role Management](http://go.microsoft.com/fwlink/?linkid=168719). For an example of creating roles, see [Walkthrough: Using Authentication Service with Silverlight Business Application](/openriaservices/ee707361/ee942449.md) or [Walkthrough: Using Authentication Service with Silverlight Navigation Application](/openriaservices/ee707361/ee942451.md).
4. To restrict access to a domain operation to only members of a specified role, apply the [RequiresRoleAttribute](https://github.com/OpenRIAServices/OpenRiaServices/tree/086ea8c8fcb115000749be6b2b01cd43bb95bf80/docs/ff422065.md) attribute to the domain operation.
The following example specifies that only members of the Managers role can access the domain operation.
```
_
Public Function GetCustomers() As IQueryable(Of Customer)
Return Me.ObjectContext.Customers
End Function
```
```csharp
[RequiresRole("Managers")]
public IQueryable GetCustomers()
{
return this.ObjectContext.Customers;
}
```
### To access roles in the client project
1. To check whether the user belongs to the required role, access the Roles property or call the IsInRole method on the WebContext.Current.User object.
The following example checks whether the user belongs to a role named Managers before calling the domain operation.
```
Private Sub LoadRestrictedReports()
Dim loadSales = context.Load(context.GetSalesOrderHeadersQuery().Take(numberOfRows))
SalesOrdersGrid.ItemsSource = loadSales.Entities
SalesOrdersGrid.Visibility = System.Windows.Visibility.Visible
If (WebContext.Current.User.IsInRole("Managers")) Then
Dim loadCustomers = context.Load(context.GetCustomersQuery().Take(numberOfRows))
CustomersGrid.ItemsSource = loadCustomers.Entities
CustomersGrid.Visibility = System.Windows.Visibility.Visible
Else
CustomersGrid.Visibility = System.Windows.Visibility.Collapsed
End If
End Sub
```
```csharp
private void LoadRestrictedReports()
{
LoadOperation loadSales = context.Load(context.GetSalesOrderHeadersQuery().Take(numberOfRows));
SalesOrdersGrid.ItemsSource = loadSales.Entities;
SalesOrdersGrid.Visibility = System.Windows.Visibility.Visible;
if (WebContext.Current.User.IsInRole("Managers"))
{
LoadOperation loadCustomers = context.Load(context.GetCustomersQuery().Take(numberOfRows));
CustomersGrid.ItemsSource = loadCustomers.Entities;
CustomersGrid.Visibility = System.Windows.Visibility.Visible;
}
else
{
CustomersGrid.Visibility = System.Windows.Visibility.Collapsed;
}
}
```
2. If you want to make the WebContext object available in XAML, add the current WebContext instance to the application resources in the Application.Startup event before creating the root visual.
The following example shows how to add the WebContext instance as an application resource.
```
Private Sub Application_Startup(ByVal o As Object, ByVal e As StartupEventArgs) Handles Me.Startup
Me.Resources.Add("WebContext", WebContext.Current)
Me.RootVisual = New MainPage()
End Sub
```
```csharp
private void Application_Startup(object sender, StartupEventArgs e)
{
this.Resources.Add("WebContext", WebContext.Current);
this.RootVisual = new MainPage();
}
```
## See Also
#### Tasks
[Walkthrough: Using Authentication Service with Silverlight Navigation Application](/openriaservices/ee707361/ee942451.md)
[Walkthrough: Using Authentication Service with Silverlight Business Application](/openriaservices/ee707361/ee942449.md)
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://openriaservices.gitbook.io/openriaservices/ee707361/ee707375.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.