473,396 Members | 1,921 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > what is the best approach?

Join Bytes to post your question to a community of 473,396 software developers and data experts.

What is the best approach?

Hello, friends,

I implemented Forms Authentication in my asp.net app, it worked fine.
However, now I have another problem:

Although a user can be authenticated, but he/she may still not be allowed to
view certain pages and folders. For exampl, a junior member can not view
pages for senior memebers, although he/she can log into the web site.

<authorization> in web.config seems a good approach. However, it needs
either to enumerate all users in <allow> or <deny>, or to add users to a
predefined role, say "Junior" or "Senior". All these will be done manually.
Unless there is an automatic way, this is NOT good to us since we need our
new members to access proper pages right after they register. We do not check
our database every minute to see if there are new registered members, and
manually add them. Moreover, a new member may register in midnight or
holidays: We can NOT tell him/her to wait until we have someone to add
his/her name into <authorization> or into a role.

What is the best approach to do this?

Any reference papers, sample code? Thanks.

Dec 21 '05 #1
2 1266
Do you know about role based authorization that you integreate into forms
auth? Also are you using 1.1 or 2.0?
http://aspnet.4guysfromrolla.com/articles/082703-1.aspx
That is for 1.1
For 2.0
http://aspnet.4guysfromrolla.com/articles/121405-1.aspx
Start there - those links via quick google for role based authorization
"Andrew" <An****@discussions.microsoft.com> wrote in message
news:D1**********************************@microsof t.com...
Hello, friends,

I implemented Forms Authentication in my asp.net app, it worked fine.
However, now I have another problem:

Although a user can be authenticated, but he/she may still not be allowed
to
view certain pages and folders. For exampl, a junior member can not view
pages for senior memebers, although he/she can log into the web site.

<authorization> in web.config seems a good approach. However, it needs
either to enumerate all users in <allow> or <deny>, or to add users to a
predefined role, say "Junior" or "Senior". All these will be done
manually.
Unless there is an automatic way, this is NOT good to us since we need our
new members to access proper pages right after they register. We do not
check
our database every minute to see if there are new registered members, and
manually add them. Moreover, a new member may register in midnight or
holidays: We can NOT tell him/her to wait until we have someone to add
his/her name into <authorization> or into a role.

What is the best approach to do this?

Any reference papers, sample code? Thanks.

Dec 22 '05 #2
You need to write some code to do that...

Basically you need to store the menu/page/users in the database
and have you menu generated based on this database.

This menu code should not constantly hit the database, you need to cach it
and invalidate cash if the database changes (you can do this easy in ASP.NET
2.0)

You cannot personalize your site with <authorization> element unless you put
related pages in the separate folders and have a separate web.config with
<autorization> in each folder.

Good starting reference is "Designing Application-Managed Authorization"
which you can lookup on MSDN site

Good luck,

-Stan
"Andrew" <An****@discussions.microsoft.com> wrote in message
news:D1**********************************@microsof t.com...
Hello, friends,

I implemented Forms Authentication in my asp.net app, it worked fine.
However, now I have another problem:

Although a user can be authenticated, but he/she may still not be allowed
to
view certain pages and folders. For exampl, a junior member can not view
pages for senior memebers, although he/she can log into the web site.

<authorization> in web.config seems a good approach. However, it needs
either to enumerate all users in <allow> or <deny>, or to add users to a
predefined role, say "Junior" or "Senior". All these will be done
manually.
Unless there is an automatic way, this is NOT good to us since we need our
new members to access proper pages right after they register. We do not
check
our database every minute to see if there are new registered members, and
manually add them. Moreover, a new member may register in midnight or
holidays: We can NOT tell him/her to wait until we have someone to add
his/her name into <authorization> or into a role.

What is the best approach to do this?

Any reference papers, sample code? Thanks.

Dec 22 '05 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
Paging in ASP BEST APPROACH
by: Navin | last post by:
HI, Guys There has been a lot of Ways to use paging in asp 1>Recordset approach -where whole records are pulled at client side... and then only the records which are needed are filtered.. and...
ASP / Active Server Pages
7
What's Best Practice In CSS?
by: Hostile17 | last post by:
I'm trying to arrive at a kind of "industry standard" or "best practice" approach to CSS for a policy document aimed at developers, but not necessarily very experienced developers. What does the...
HTML / CSS
3
.NET headers and footers: what's best approach?
by: Chris Transcend | last post by:
Hi all, I'm writing my first .NET website and am wondering what the best method for including headers and footers is. I was thinking either a user or server control but am not sure which would...
.NET Framework
1
Best approach to splitting 1 file containing multiple xml docs
by: Andy Britcliffe | last post by:
Hi I'm faced with the situation where I could have a single physical file that could contain multiplie XML documents e.g file.txt contains the following: <?xml version="1.0"...
.NET Framework
16
What's the best way to insert new records only
by: LP | last post by:
Hi, Every morning a .NET application downloads a file with cumulative data which needs to be appended to SQL Server table. This program needs to identify records that have not been previously...
C# / C Sharp
8
What is .net
by: Midnight Java Junkie | last post by:
Dear Colleagues: I feel that the dumbest questions are those that are never asked. I have been given the opportunity to get into .NET. Our organization has a subscription with Microsoft that...
ASP.NET
4
what is best approach doing this?
by: Jeff | last post by:
Hey ASP.NET 2.0 I'm about to create a UserControl for my web project, but I'm wondering if I need to create 2 UserControls instead. Because these UserControls will be very similar, the only...
ASP.NET
6
Suggestions for best practice: mysql vs array sorting
by: bill | last post by:
I am about to start on a module that will accept a location from a user, use Google geolocation services to get the lat/lon and then compute the distance from the site visitor to about 100 kennels...
PHP
184
If not .Net then what?
by: jim | last post by:
In a thread about wrapping .Net applications using Thinstall and Xenocode, it was pointed out that there may be better programming languages/IDEs to use for the purpose of creating standalone,...
.NET Framework
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!