Mary,
Thanks for the suggestion. I didn't even know this was here (framework is
very big).
However, if I understand this correctly, this is really more for using
system settings to determine if code can/will be executed. Is that correct?
What I am really looking for is to check my own business rules as to whether
the user can access the information.
In my previous example, the CheckSecurity() call would check my own security
logic to see if the user of my application (not necessarily of the
workstation) can access this information.
Public ReadOnly Property MyCode() As String
Get
Try
CheckSecurity("MyCode", "DAVE")
Catch ex As SecurityException
'Do something with the exception, etc.
End Try
End Get
End Property
Public Sub CheckSecurity(propertyName As String, userName As String)
If propertyName = "MyCode" And userName = "DAVE"
Throw New SecurityException("User does not have security")
End If
End Sub
This, obviously is a VERY simple example and not very realistic, but
hopefully it gets my point across. Does this seem like a good approach to
take?
Thank you!
Dave
"Mary Chipman" <mc***@nomail.please> wrote in message
news:bt********************************@4ax.com...
You might want to take a look at creating security demands in your
code. Declarative demands are attributes that you use to decorate your
code, and you can allow code to load (and run) based on either Windows
roles or custom roles:
<PrincipalPermission(SecurityAction.Demand, _
Authenticated:=True, _
Role:="SomeRole")> _
Private Sub SomeMethod()
...
Or you can use imperative demands inside methods:
Public Function SomeMethod() As String
Dim op As New PrincipalPermission(Nothing, _
"BUILTIN\Administrators")
Try
op.Demand()
...
Catch ex As System.Security.SecurityException
Return ex.Message
End Try
...
See the topic "Demands" in help as a starting point.
-- Mary
MCW Technologies
http://www.mcwtech.com
On Thu, 18 Dec 2003 08:03:41 -0600, "Dave Wurtz"
<da*******************@asdsoftware.com> wrote:
All,
Does anyone have ideas how they have implemented field (property) level
security? I want to handle this from the business object level, not the
database level. Is it best to have a security checking method that gets
called in the property and throws an exception? If there are several
"fields" that are being accessed multiple times, does it hurt from a
performance perspective to have these exceptions thrown all of the time?
Public ReadOnly Property MyCode() As String
Get
Try
CheckSecurity(....)
Catch ex As SecurityException
'Do something with the exception, etc.
End Try
End Get
End Property
Just trying to get some ideas...
Thanks in advance!
Dave