473,473 Members | 1,549 Online
Bytes | Software Development & Data Engineering Community
Create Post

Home Posts Topics Members FAQ

App level security w/multiple roles

All,

I have some questions about a possible solution to my scenario. Here it
is.

A person can belong to multiple applications
A person within an application can have multiple roles
A role within an application can have access to different
navigation(pages)

How can I prevent redundant navigational elements from showing? I use a
distinct filter to prevent duplicates but for some reason i get an
uneasy feeling about this method. Since a person can have multiple
roles..a single page will be used where different access will be
applied. Example, widget.aspx will check your roles and display certain
items via the code behind.

Here are a couple of queries to pull the information.

http://www.teewebco.com/images/all.gif
http://www.teewebco.com/images/distinct.gif

Should I use impersonation to accomplish this since I would be able to
keep the pages unique to the role and they user can switch in and out
of the the roles to accomplish this?

Sep 21 '06 #1
1 1500
Hello tm******@teewebco.com,

What do u mean with "How can I prevent redundant navigational elements from
showing"?
Do u want to hide elements where user have no righs?

You should assign specific tag/activity for each element/page. Then in database
map you role to these activities/id and in you code check whether user can
see this or not
All,

I have some questions about a possible solution to my scenario. Here
it is.

A person can belong to multiple applications
A person within an application can have multiple roles
A role within an application can have access to different
navigation(pages)
How can I prevent redundant navigational elements from showing? I use
a distinct filter to prevent duplicates but for some reason i get an
uneasy feeling about this method. Since a person can have multiple
roles..a single page will be used where different access will be
applied. Example, widget.aspx will check your roles and display
certain items via the code behind.

Here are a couple of queries to pull the information.

http://www.teewebco.com/images/all.gif
http://www.teewebco.com/images/distinct.gif
Should I use impersonation to accomplish this since I would be able to
keep the pages unique to the role and they user can switch in and out
of the the roles to accomplish this?
---
WBR,
Michael Nemtsev :: blog: http://spaces.live.com/laflour

"At times one remains faithful to a cause only because its opponents do not
cease to be insipid." (c) Friedrich Nietzsche
Sep 21 '06 #2
Create Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
1
Expanding Hierachy with multiple parents
by: John Smith | last post by:
I have a user assigned multiple roles and a role can be inherited from multiple parents (see below). How do I answer such questions as "How many roles does the user belongs to?" I answered the...
Latest Bytes
12
Security - Permissions Configuration
by: Angelos Karantzalis | last post by:
Is there a way to set Permissions based on user roles by using some configuration file for my application ? I'm coming from a Java background, where that could very easily be accomplished but...
Latest Bytes
2
How can i found out the current user's role/permission level
by: MJB | last post by:
I know I can get the current username through the System.Environment class, but I can't seem to find where I can retrieve the user's role / permission level (i.e. Admin, power user, etc). If...
Latest Bytes
4
threading and Principal question - from Role-based security to declarative security.
by: hazz | last post by:
If I successfully run a VS.NET app which includes the following; ************************** APP 1 **************************** m_iIdnt = new...
Latest Bytes
7
web application security
by: Stephen | last post by:
I have my intranet setup on our web server. It contains multiple applications, but none are set up in the default application pools. In other words, I create a webform and plop it into a...
Latest Bytes
2
Multi Level Forms Authentication Help DESPERATELY NEEDED!
by: Joe Rigley | last post by:
Help Please! I've been tasked with converting a portion of the corporate web site that currently utilizes local user accounts and NTFS via Basic Authentication to access certain files on the...
Latest Bytes
3
Field Level Security
by: Dave Wurtz | last post by:
All, Does anyone have ideas how they have implemented field (property) level security? I want to handle this from the business object level, not the database level. Is it best to have a...
Latest Bytes
2
System.Web.Security.Roles.GetRolesForUser() is returning no results
by: Nathan Sokalski | last post by:
When I call System.Web.Security.Roles.GetRolesForUser() it returns no results even though I have roles associated with the currently logged in user. I am able to get the username by calling...
Latest Bytes
2
System.Web.Security.Roles.GetRolesForUser() is not returning the correct results
by: Nathan Sokalski | last post by:
When I call System.Web.Security.Roles.GetRolesForUser() it returns no results (an array of length 0) even though I have roles associated with the currently logged in user. I am able to get the...
Latest Bytes
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Latest Bytes
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
Latest Bytes
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Latest Bytes
1
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Latest Bytes
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
Latest Bytes
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Latest Bytes
0
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Latest Bytes
0
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Latest Bytes
0
muto222
php
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
Latest Bytes

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us