By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,152 Members | 1,647 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,152 IT Pros & Developers. It's quick & easy.

How to implement security?

P: n/a
Hi everybody,

I am working on a small project that implements basic security (users
have to login/logout).
Only one user can be logged in at one time. I use C# and ADO.NET.
Users, passwords, accessrights to the system etc. is saved in an Access
database. Everything works fine the way security is implemented at this
point. I use an enum "AccessRight" (All, Read, Write) in my
application. Corresponding values is found in a separate table in my
database(tbl_Rights). By checking a users rights in the database and
comparing it to the enum I can enforce security within the application.
Some users can only read data not write or make changes, while others
can read and write.
What I want to be able to do is to have some sort of "dynamic"
security. Do I have to use an enum within my app like I have done? What
if I want to add another security level...then I would have to make
changes to my source code. I don't like that.

Any suggestions? Any help is appreciated.

Thanks

Nov 17 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a
Expand on what you mean by dynamic security. You mean keeping the roles,
users, passwords in a database?

Also, only having one user log in at a time is not a very scalable
application.

"Tookums" <to*****@gmail.com> wrote in message
news:11**********************@g14g2000cwa.googlegr oups.com...
Hi everybody,

I am working on a small project that implements basic security (users
have to login/logout).
Only one user can be logged in at one time. I use C# and ADO.NET.
Users, passwords, accessrights to the system etc. is saved in an Access
database. Everything works fine the way security is implemented at this
point. I use an enum "AccessRight" (All, Read, Write) in my
application. Corresponding values is found in a separate table in my
database(tbl_Rights). By checking a users rights in the database and
comparing it to the enum I can enforce security within the application.
Some users can only read data not write or make changes, while others
can read and write.
What I want to be able to do is to have some sort of "dynamic"
security. Do I have to use an enum within my app like I have done? What
if I want to add another security level...then I would have to make
changes to my source code. I don't like that.

Any suggestions? Any help is appreciated.

Thanks

Nov 17 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.