Re: Need help improving authorization

From: AndiV (andiv_at_yahoo.com)
Date: 07/23/04 

Date: Thu, 22 Jul 2004 23:12:11 -0700

Thanks for your help, Chris and Joe.

"AndiV" <andiv@yahoo.com> wrote in message
news:ubyzj40bEHA.2840@TK2MSFTNGP11.phx.gbl...
> Each of my intranet page (windows authentication) needs to validate user's
> roles stored in the database. Currently, I retrieve the the
> User.Identity.Name property, then query the database for user's roles
> everytime a page is loaded, which is very inefficient.
>
> I think a more efficient approach would be to query the database only once
> for each user, the application_start event is probably the best place?
Once
> this particular user's roles are retrieved, the roles can be concatenated
as
> a delimied string and stored in cookie or a session variable. Then on each
> page load event, I just have to parse the roles string to apply
> authorization.
>
> I believe this scheme will work. But it seems more like a hack than a
design
> pattern or a best practice. I'm seeking a .NET elegant solution. Please
> advise.
>
> TIA,
> Andi
>
>

Relevant Pages

  • Re: Help - Timing Logic
    ... from the database ... ... now you either need to incorporate a locking procedure ... ... opposed to building the transaction in the code. ... implement as above locking only the records you retrieve / update - need ...
    (microsoft.public.dotnet.languages.vb)
  • Re: OT: MySQL versus PostgreSQL and database design
    ... to retrieve all the events at once. ... can make that a primary key in the database. ... likely to want to retrieve all at once, without any sorting. ... different the event types are -- if they've all got exactly the same ...
    (rec.crafts.metalworking)
  • RE: Need help improving authorization
    ... > roles stored in the database. ... > I think a more efficient approach would be to query the database only once ... > a delimied string and stored in cookie or a session variable. ... > page load event, I just have to parse the roles string to apply ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Getting a (non-radio) buttons index number from array
    ... index in the Comment array of the button that was fired. ... you don't need js if you print out the full DOM ... There needs to be some unique way to identify the row in the database. ... Then it's easy to retrieve the ...
    (comp.lang.php)
  • Re: OT: MySQL versus PostgreSQL and database design
    ... to retrieve all the events at once. ... in a way that you can avoid any real searching in your application, ... can make that a primary key in the database. ... I was thinking of sorting the events into different tables so that each table contains one type of event - specifically a subset of events that I'm likely to want to retrieve all at once, ...
    (rec.crafts.metalworking)