I have been doing some initial research for authentication and authorization
options for our next round of apps. I found an article in MSDN magazine
that involved using MS Authorization Manager AKA: AzMan, I'm still looking
into azman. I have also done authentication and authorization with asp.net
in the past, I don't recall the classes that I used, but I think they were
specific to asp.net. I would like to use a SqlServer back end for our user
data. We don't need any AD integration. We basically just need a simple
user/roles system.
I'm curious how some of you have implemented this in the past. I have a
tendency to "roll my own" solution too often and would be interested in
utilizing pre existing classes if they fit our needs.
If you have a basic solution that you have used in the past that worked
well, please share. I'm trying to get all my options out on the table so
that I can make the best decision.
Thanks for reading,
Steve
4  9140 
Hi Steve,
if I was you I would look into the Principal and Identity concept inside
the System.Security.Principal namespace. Basically an identity says who this
person is and if they have been authenticated and a principal links an
identity to a collection of roles. There is an IIdentity and IPrincipal
interface plus a couple of concrete implementations of these interfaces that
are in the framework like WindowsPrincipal or a GenericPrincipal.
You can then set the Principal information in the current thread, using the:
System.Threading.Thread.CurrentPrincipal property. This way you can easily
pass round the users identity and role information throughout your
application.
Hope that gives you a starting point.
Mark Dawson http://www.markdawson.org
"sklett" wrote: I have been doing some initial research for authentication and authorization
options for our next round of apps. I found an article in MSDN magazine
that involved using MS Authorization Manager AKA: AzMan, I'm still looking
into azman. I have also done authentication and authorization with asp.net
in the past, I don't recall the classes that I used, but I think they were
specific to asp.net. I would like to use a SqlServer back end for our user
data. We don't need any AD integration. We basically just need a simple
user/roles system.
I'm curious how some of you have implemented this in the past. I have a
tendency to "roll my own" solution too often and would be interested in
utilizing pre existing classes if they fit our needs.
If you have a basic solution that you have used in the past that worked
well, please share. I'm trying to get all my options out on the table so
that I can make the best decision.
Thanks for reading,
Steve
After further review, AzMan isn't an option as not all of the users of our
system will be in our active directory and it appears that AzMan doesn't
support localized, non windows user accounts. In other words, there is no
"Create new user" option in AzMan.
This is too bad, I really liked the nested approach they use, very
efficient.
"sklett" <as**@fkd.com> wrote in message
news:eC**************@TK2MSFTNGP09.phx.gbl... I have been doing some initial research for authentication and
authorization options for our next round of apps. I found an article in
MSDN magazine that involved using MS Authorization Manager AKA: AzMan, I'm
still looking into azman. I have also done authentication and
authorization with asp.net in the past, I don't recall the classes that I
used, but I think they were specific to asp.net. I would like to use a
SqlServer back end for our user data. We don't need any AD integration.
We basically just need a simple user/roles system.
I'm curious how some of you have implemented this in the past. I have a
tendency to "roll my own" solution too often and would be interested in
utilizing pre existing classes if they fit our needs.
If you have a basic solution that you have used in the past that worked
well, please share. I'm trying to get all my options out on the table so
that I can make the best decision.
Thanks for reading,
Steve
Hi Steve,
if I was you I would look into the Principal and Identity concept inside
the System.Security.Principal namespace. Basically an identity says who this
person is and if they have been authenticated and a principal links an
identity to a collection of roles. There is an IIdentity and IPrincipal
interface plus a couple of concrete implementations of these interfaces that
are in the framework like WindowsPrincipal or a GenericPrincipal.
You can then set the Principal information in the current thread, using the:
System.Threading.Thread.CurrentPrincipal property. This way you can easily
pass round the users identity and role information throughout your
application.
Hope that gives you a starting point.
Mark Dawson http://www.markdawson.org
"sklett" wrote: I have been doing some initial research for authentication and authorization
options for our next round of apps. I found an article in MSDN magazine
that involved using MS Authorization Manager AKA: AzMan, I'm still looking
into azman. I have also done authentication and authorization with asp.net
in the past, I don't recall the classes that I used, but I think they were
specific to asp.net. I would like to use a SqlServer back end for our user
data. We don't need any AD integration. We basically just need a simple
user/roles system.
I'm curious how some of you have implemented this in the past. I have a
tendency to "roll my own" solution too often and would be interested in
utilizing pre existing classes if they fit our needs.
If you have a basic solution that you have used in the past that worked
well, please share. I'm trying to get all my options out on the table so
that I can make the best decision.
Thanks for reading,
Steve
Hi Mark,
Thank you for your post! I believe these are the two interfaces that I used
when I developed the asp.net application. It sounds like from what you have
said that I'm not limited to using them with just the WebForms side of
things. I will find some good examples and tutorials and give this a real
look. Thank you again for your post.
Have a good night,
Steve
"Mark R. Dawson" <Ma*********@discussions.microsoft.com> wrote in message
news:68**********************************@microsof t.com... Hi Steve,
if I was you I would look into the Principal and Identity concept inside
the System.Security.Principal namespace. Basically an identity says who
this
person is and if they have been authenticated and a principal links an
identity to a collection of roles. There is an IIdentity and IPrincipal
interface plus a couple of concrete implementations of these interfaces
that
are in the framework like WindowsPrincipal or a GenericPrincipal.
You can then set the Principal information in the current thread, using
the:
System.Threading.Thread.CurrentPrincipal property. This way you can
easily
pass round the users identity and role information throughout your
application.
Hope that gives you a starting point.
Mark Dawson
http://www.markdawson.org
"sklett" wrote:
I have been doing some initial research for authentication and
authorization
options for our next round of apps. I found an article in MSDN magazine
that involved using MS Authorization Manager AKA: AzMan, I'm still
looking
into azman. I have also done authentication and authorization with
asp.net
in the past, I don't recall the classes that I used, but I think they
were
specific to asp.net. I would like to use a SqlServer back end for our
user
data. We don't need any AD integration. We basically just need a simple
user/roles system.
I'm curious how some of you have implemented this in the past. I have a
tendency to "roll my own" solution too often and would be interested in
utilizing pre existing classes if they fit our needs.
If you have a basic solution that you have used in the past that worked
well, please share. I'm trying to get all my options out on the table so
that I can make the best decision.
Thanks for reading,
Steve
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Empire City |
last post by:
I saw the following requirement somewhere:
"....using WinForms and the screens should be described in XML. The XML is
to prescribe both the layout as well as the connectivity to the underlying...
|
by: Shamil Salakhetdinov |
last post by:
Hi All,
Have anybody seen somewhere techniques like the one described here:
Automating Windows Applications
http://www.thecodeproject.com/com/automatingwindowsapps.asp
but for managed...
|
by: 3Cooks |
last post by:
I have a windows application written in Visual Basic 6.0 that is going
to be redeveloped in dotNET. We are trying to decide if we should
deploy using Webforms or Winforms and I need advice from...
|
by: deko |
last post by:
When to use a privileged user thread rather than a windows service?
That's the question raised in a previous post . It was suggested that if the service needs to interact
with a WinForms app...
|
by: gilly3 |
last post by:
I'd like to use a master page for (nearly) every page in my ASP.NET 2.0
website.
I also have some webpages that I'd like to protect by using forms
authorization.
I have a page that requires...
|
by: brian.wilson4 |
last post by:
Our group is currently comparing winforms vs webforms.....app is Corp
LAN based - we have control of desktops.....Below is pros and cons list
we have come up with - if anything strikes you as...
|
by: Jules Winfield |
last post by:
Guys,
I've been designing applications for the financial services industry using
MSFT technologies for many years (Win32 API, MFC, and now .NET WinForms).
All applications are Internet-based,...
|
by: twdinc |
last post by:
I am primarily a web developer but I am starting a WinForms
applications. In the past, I have seen sample applications,
starterkits, and/or Visual Studio Templates that are basically empty
Visual...
|
by: raylopez99 |
last post by:
Here I am learning WinForms and two months into it I learn there's a
WPF API that is coming out. Is this WPF out yet, and is it a threat
to WinForms, in the sense that all the library routines I...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
| |
