473,326 Members | 2,023 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,326 software developers and data experts.

inherited security strategy needed

I'm building an application that uses a folder and object heirarchy
metaphor. I would like to be able to set access rights generically (at the
folder) or specifically (for the object) for groups or individuals. I would
also like to be able to 'inherit' rights from parent folders to child
folders.

Has anyone seen any examples of how this might be done or suggest an
approach?

Thanks,

Craig Buchanan
Nov 18 '05 #1
1 1007
In our case, we wanted to restrict users based upon access to functionality,
which meant, in our case, User Controls. That is, we have pages which load
different User Controls depending upon what functionality is desired. So we
created a class (called "PageContent") which inherits
System.Web.UI.UserControl and added code in its' Init handler that checks
the current user against a Collection of Groups that we derive from our
database. We have a Users table and a Groups table, and a
"PageContentGroups" table, which links Users to Groups based upon the
PageContent class being employed. When the PageContent class initializes, it
loads a collection of Group which are authorized to view that PageContent
class. An anonymous user defaults to a User object that has no Groups.
Otherwise, the user logs in via a form, and the User object for that User is
stored in Session. The User class also has a collection of Groups which that
user belongs to, and this is what is compared to the Groups collection in
the PageContent class.

This way, the whole Security issue is handled without the developer having
to think about it, in the base class for the User Control (PageContent
class) being developed. To change security for a PageContent class, we just
manipulate the database.

This could be done at Page level as well.

--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.

"Craig Buchanan" <so*****@somewhere.com> wrote in message
news:#1**************@tk2msftngp13.phx.gbl...
I'm building an application that uses a folder and object heirarchy
metaphor. I would like to be able to set access rights generically (at the folder) or specifically (for the object) for groups or individuals. I would also like to be able to 'inherit' rights from parent folders to child
folders.

Has anyone seen any examples of how this might be done or suggest an
approach?

Thanks,

Craig Buchanan

Nov 18 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
by: Steve Jorgensen | last post by:
I'm restarting this thread with a different focus. The project I'm working on now id coming along and will be made to work, and it's too late to start over with a new strategy. Still, I'm not...
3
by: Deano | last post by:
i.e the best way to have multiple validated users on the system who can then access the back-end? Or is it just as easy to write your own user management and login form and base your code on that?...
4
by: BrianS | last post by:
What is the best strategy for dynamic loading private assemblies in asp.net? I understand, and have confirmed, that any dll placed in the app's /bin dir will get loaded on startup. This is not...
0
by: honcho | last post by:
My ASP.NET web application has a flaw that produces false security-violation alarms. There are several categories of users for this web site, e.g. Colonels, Sergeants, Private_1s, and...
1
by: Craig Buchanan | last post by:
I'm building an application that uses a folder and object heirarchy metaphor. I would like to be able to set access rights generically (at the folder) or specifically (for the object) for groups...
3
by: Wayne Brantley | last post by:
VS2005 RTM Create a web user control to use as a base class for other web user controls. Now, create a new web user control, change the class it inherits from to your base class and compile....
0
by: KevinMac | last post by:
I'm investigating requirements for deploying applications created for ..NET 2.0 (I've been working with VS2005, C#). One concern I have is granting client PCs code security rights. I know how to...
7
by: Ryan | last post by:
I have a bit of a problem with regards an indexing strategy. Well, basically there is no indexing strategy on a set of data I have at work. Now, I didn't create the design as I would have allowed...
25
by: marcin.rzeznicki | last post by:
Hello everyone I've got a little problem with choosing the best decoding strategy for some nasty problem. I have to deal with very large files wich contain text encoded with various encodings....
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.