Can some one help me.
I'm trying to build framework in .net which uses role based security.

I want to be able to defined the roles in the web config e.g
Manager, PowerUser, Guest, AnonUser

I want to be able to map NT application groups to those roles in the
web config so that in my code I can say

If Iam.Inrole("Manager") then
rather than
If Iam.Inrole("DomainName\AG_ManagersForthisApplicait on")

the first is much simpler to use and more intuitive. I'd like to be
able to allocate the NT domain groups in the web config against the
role so that they can be changed without a recompile.

I'd also like to use this method so that if anonymous users conect
through a fire wall I can assign them a least priveldge NT identity
which I can then give the AnonUser role to.

In this way I can authorize the same way throughout the entire
application
e.g.

If Iam.Inrole("manager") then
dosomehting()
elseif Iam.Inrole("AnonUser") then
dosomethingelse()

Can any one tell me where I can find some information on how to do
this. It's seems very simple but can't find any examples of it being
used anywhere

Erick