How do I synchronise Role Based Security ?

From: Fresh Air Rider (Fresh_Air_Rider_at_Hotmail.com)
Date: 03/21/04

  • Next message: hkjamjam: "the size (height of the tab) change auto" 
    Date: 21 Mar 2004 13:47:36 -0800

    Hi All

    I have written a website in DotNet (C#) which uses Role-based Security
    with Forms Authentication
    When a user logs in, their roles are retrieved from a SQL Server
    database and an authentication ticket is created.

    My only problem is that a User should only have to login every few
    months but I want any changes made to a users permissions record in
    the database to be picked up every time the user logs in.

    In other words, if a user has been granted an "Admin" role and then
    has this role revoked because they have misused it, I want the user to
    be prevented from accessing the "Administration" area next time he or
    she accesses the website.

    I'm guessing that I Would need to update the
    FormsAuthenticationTicket, possibly within the Session_Start section
    of Global.asax.cs

    If anyone could please give me some advice or a URL of an article
    which covers this then I would be very grateful.

    Many thanks in advance
    John

  • Next message: hkjamjam: "the size (height of the tab) change auto"