473,465 Members | 1,773 Online
Bytes | Software Development & Data Engineering Community
Create Post

Home Posts Topics Members FAQ

Roles/Groups in ASP.NET 2.0

I'm looking to protect some pages using the Membership provider (ADS)
built into .NET 2.0. In order to protect these pages, whose details are
stored inside a SQL Server table with columns id,name,url,parentid etc.
I need to link them into some roles, or groups.

So only certain groups from our Active Directory can access certain
pages. The problem I'm facing is that ASP.NET 2.0 seems to restrict you
to using its Role provider model only.

This provider is great if you don't already have the groups of users
setup (or users inside certain roles). But I don't want the groups (or
Roles) stored in two places, I want to be able to assign page access to
certain groups from our Active Directory.

This is what I'm reading:
http://msdn2.microsoft.com/en-us/library/5k850zwb.aspx

Will I have to write my own implementation of RoleProvider for this?
Also, is there a provider that already exists for tying together page
access to roles/groups?

Most importantly, I want to be able to specify certain users as having
edit rights, whilst others only have view rights to different pages. I
was hoping to achieve this without writing my own system but
implementing a built-in provider in .NET 2

Mar 6 '06 #1
6 1470
I forgot to mention that I've looked at WindowsTokenRoleProvider. This
works great for looking up if a user is part of a group. However I was
looking for managing roles for the groups. e.g. Edit role, View role,
Delete role

Mar 6 '06 #2
On 6 Mar 2006 02:06:31 -0800, Chris wrote:
I forgot to mention that I've looked at WindowsTokenRoleProvider. This
works great for looking up if a user is part of a group. However I was
looking for managing roles for the groups. e.g. Edit role, View role,
Delete role


It sounds like you want AzMan, or authorization manager. ASP.NET includes
an AzMan role provider, and then you would use the activedirectory
membership provider.

AzMan allows you to specify complex operations, tasks, and groups. This
way, you can say Members with the "can edit foozles" operation can enable
that button (though this requires a little bit of work to make work right).

AzMan comes with Windows 2003, and you can install it in XP or Windows 2000
by downloading it.
Mar 10 '06 #3

Erik Funkenbusch wrote:
On 6 Mar 2006 02:06:31 -0800, Chris wrote:
I forgot to mention that I've looked at WindowsTokenRoleProvider. This
works great for looking up if a user is part of a group. However I was
looking for managing roles for the groups. e.g. Edit role, View role,
Delete role


It sounds like you want AzMan, or authorization manager. ASP.NET includes
an AzMan role provider, and then you would use the activedirectory
membership provider.

AzMan allows you to specify complex operations, tasks, and groups. This
way, you can say Members with the "can edit foozles" operation can enable
that button (though this requires a little bit of work to make work right).

AzMan comes with Windows 2003, and you can install it in XP or Windows 2000
by downloading it.


It doesn't seem to be available unless your AD is 2003.

Mar 22 '06 #4
On 22 Mar 2006 11:46:40 -0800, ne***********@gmail.com wrote:
Erik Funkenbusch wrote:
On 6 Mar 2006 02:06:31 -0800, Chris wrote:
I forgot to mention that I've looked at WindowsTokenRoleProvider. This
works great for looking up if a user is part of a group. However I was
looking for managing roles for the groups. e.g. Edit role, View role,
Delete role


It sounds like you want AzMan, or authorization manager. ASP.NET includes
an AzMan role provider, and then you would use the activedirectory
membership provider.

AzMan allows you to specify complex operations, tasks, and groups. This
way, you can say Members with the "can edit foozles" operation can enable
that button (though this requires a little bit of work to make work right).

AzMan comes with Windows 2003, and you can install it in XP or Windows 2000
by downloading it.


It doesn't seem to be available unless your AD is 2003.


That's true, however you could always use ADAM and syncronize your Win2000
AD with ADAM
Mar 22 '06 #5
Actually, you can store AzMan in an XML file (in addition to ADAM and AD.)

Check out:
http://technet2.microsoft.com/Window...cd0b61033.mspx

---
HTH
-Dave
---
This posting is provided "As Is" with no warranties, and confers no rights.

Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"Erik Funkenbusch" wrote:
On 22 Mar 2006 11:46:40 -0800, ne***********@gmail.com wrote:
Erik Funkenbusch wrote:
On 6 Mar 2006 02:06:31 -0800, Chris wrote:

I forgot to mention that I've looked at WindowsTokenRoleProvider. This
works great for looking up if a user is part of a group. However I was
looking for managing roles for the groups. e.g. Edit role, View role,
Delete role

It sounds like you want AzMan, or authorization manager. ASP.NET includes
an AzMan role provider, and then you would use the activedirectory
membership provider.

AzMan allows you to specify complex operations, tasks, and groups. This
way, you can say Members with the "can edit foozles" operation can enable
that button (though this requires a little bit of work to make work right).

AzMan comes with Windows 2003, and you can install it in XP or Windows 2000
by downloading it.


It doesn't seem to be available unless your AD is 2003.


That's true, however you could always use ADAM and syncronize your Win2000
AD with ADAM

Mar 27 '06 #6
On Mon, 27 Mar 2006 13:52:01 -0800, Dave McPherson [MSFT] wrote:
Actually, you can store AzMan in an XML file (in addition to ADAM and AD.)


Hmm.. I thought the AD integration dependancy on 2003 level was related to
using AD as your user source, not simply storing it in AD. Or am I wrong
on that?
Mar 27 '06 #7
Create Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
Forms Authentication +Active Directory +Roles
by: Marty Underwood | last post by:
Okay the subject line explains a scenario I just had to tackle but I am looking for a better way. The current way: 1) Use forms authentication. 2) Query Active Directory and bind to a user...
ASP.NET
2
users and roles
by: Francis Reed | last post by:
Hi I haven a question concerning roles and membership in asp.net 2.0. I work for an online university, and we would like to implement role based security for our portal. Currently our university...
ASP.NET
9
How to Implement Dynamic Roles
by: Mike Hofer | last post by:
BACKGROUND: We've designed a Website for a client that will be deployed across multiple physical locations. The site will be hosted from a corporate NOC, and administered by the IT group there. ...
ASP.NET
1
WindowsPrincipal.IsInRole actually check roles and NOT groups?
by: Andy | last post by:
Hi, I currently have my application setup and built using Windows Authentication (WindowsPrincipal). For security checks, I simply do an IsInRole call on the Principal. The role permissions...
C# / C Sharp
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
1
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA
0
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
C# / C Sharp
0
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us