473,400 Members | 2,163 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > .net framework > questions > how to implement a role-based winapp

Join Bytes to post your question to a community of 473,400 software developers and data experts.

how to implement a Role-Based winapp

Hi ,

i'm developing a permission-based win application
there is one Permission for each possible Action in db & each Role
has
some Permissions
and a custom authentication system is implemented for identifying
users and their roles
now,
1.i want to know what's advantages of using .Net Role-Based
Security ?
i mean for controlling access of user to resources i could simply use
something like this :
** if (currentuser.HasPermission("RequiredPermission")) then do the
action **
2.i would check user permission in Business layer but i want all of
my
biz methods contains a piece of code for controlling the access
is there any way to force all methods to have this piece of code or
at
least a special code Attribute ?
Thanks in advance
Jun 27 '08 #1
2 1183
Implementing role-based security in a winform is the same as any other;
set the principal to something... at the simplest level see below(you
can do much more sophisticated thing if you create your own principal).

The advantage here is that a: it has runtime support built in (for the
attribute check), and b: any code (yours or 3rd party) can check the
same roles without needing to know about the specific implementation.
Note that VS2008 includes support for using the ASP.NET roles provider
inside a winform (via a web-service login).

For enforcing security on all the methods automatically (rather than
having to add the attribute) - one option would be PostSharp; it looks
like it would be trivial to add some code that simply does a Demand...

Marc

static void Main(string[] args)
{
string[] myRoles = {"GUEST", "USER"};
Thread.CurrentPrincipal = new GenericPrincipal(
new GenericIdentity("Fred"), myRoles);
UserMethod();
CheckManually();
AdminMethod();
}
[PrincipalPermission(SecurityAction.Demand, Role = "USER")]
static void UserMethod()
{
Console.WriteLine("User method");
}

static void CheckManually()
{
string role = "GUEST"; // dynamic...
bool isInRole = Thread.CurrentPrincipal.IsInRole(role);

// or to demand (throwing a suitable exception if not)
PrincipalPermission perm = new PrincipalPermission(null, role);
perm.Demand();

Console.WriteLine(isInRole);
}

[PrincipalPermission(SecurityAction.Demand, Role = "ADMIN")]
static void AdminMethod()
{
Console.WriteLine("Admin method");
}
Jun 27 '08 #2
Thanks Marc
Jun 27 '08 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
automated role creation
by: cybertoast | last post by:
i seem to have some misunderstanding about how roles work in sql server 2005. i see that i can add a role to a database (dbname->->properties->permissions->. THis allows me to add either users or...
Microsoft SQL Server
0
How to implement user access control in ASP.NET 2.0
by: islandfong | last post by:
Hi, I am using ASP.NET 2.0 to implement a user access control system. The idea is that I would allow users (admin) to create new role, new user, assign user to role and the role is given...
.NET Framework
3
How to implement Role Enabled Security in Visual Basic 2005 ?
by: Luqman | last post by:
How to implement Role Enabled Security in Visual Basic 2005 Windows Application, like we do in ASP.Net 2.0 ? I want to use Sql Server Membership Security for Adding Roles and Users. Can I use...
Visual Basic .NET
5
how do i implement 'userlevels'?
by: ohmmega | last post by:
simple question: is there a easy way to implement different user levels (hiding buttons and such stuff)? regards rené p.
C# / C Sharp
13
Implement authorization in win forms
by: parez | last post by:
Whats the best way of implementing authorization in a win forms application. I mean things like show/hide or enable/disable Save button ,creating context menus etc.
C# / C Sharp
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!