Re: Role Based Security

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: "sloan" <sloan@xxxxxxxxx>
Date: Tue, 28 Oct 2008 12:56:51 -0400

Personally...I created my own IPrincipal interface (and concrete
implementation).
I decided to go to a RIGHTS based model.

The below interface has met my needs, 100% of the time.

I feel the "Roles" based system kinda is lacking a tad. Most people can
make it work.
One guy (at a user group meeting) told me he uses "rights" anywhere the word
"role" appears.
(Aka, an artficial swap out).

public interface IRolesAndRightsPrincipal :
System.Security.Principal.IPrincipal
{

bool IsInRole(System.Guid role);

bool IsInAnyRole(System.Guid[] roles);

bool IsInAllRoles(System.Guid[] roles);

bool HasRight(System.Guid right);

bool HasAnyRight(System.Guid[] rights);

bool HasAllRights(System.Guid[] rights);

ISecurityRoleCollection AllRoles //and ISecurityRole is just a Guid
and a Name simple object in my world
{
get;
}

ISecurityRightCollection AllRights//and ISecurityRight is just a
Guid and a Name simple object in my world
{
get;
}

}

"Martin Eckart" <moartl17atyahoo.de> wrote in message
news:%23VHhwsROJHA.2404@xxxxxxxxxxxxxxxxxxxxxxx

Hi NG,

I am about to start development of the Security part of a big application.
The requirements are that users must be assigned to roles and the roles
then can be configured to access features.

The features are a set of methods in C# which will be defined once before
rollout. The assignment which roles can access those features are
configurable in an xml file.

I would like to use Role Based Security functionality from the .NET
Framework but have not found anything yet about how to make the following
call depending on an external file/service:
[PrincipalPermissionAttribute(SecurityAction.Demand, Name = "MyUser", Role
= "User")]
I can get the current user form my database, but I don't know how to put a
placeholder here for the Role and replace it then with the value from the
configuration file.

Any hints?

Thanks,
Martin

Follow-Ups:
- Re: Role Based Security
  - From: Martin Eckart

References:
- Role Based Security
  - From: Martin Eckart

Prev by Date: Re: Role Based Security
Next by Date: Re: Regex expression for numeric value with length check
Previous by thread: Re: Role Based Security
Next by thread: Re: Role Based Security
Index(es):
- Date
- Thread

Relevant Pages

Re: Role Based Security
... I don't implement/use the Demand() method. ... I decided to go to a RIGHTS based model. ... bool IsInAnyRole; ... ISecurityRoleCollection AllRoles //and ISecurityRole is just a ...
(microsoft.public.dotnet.framework)
Re: Role Based Security
... Are you implementing your own Demand() method? ... I decided to go to a RIGHTS based model. ... bool IsInAnyRole; ... ISecurityRoleCollection AllRoles //and ISecurityRole is just a Guid ...
(microsoft.public.dotnet.framework)
Re: Custom IPrincipal with a Generic
... But sometimes I am using roles / rights in a string format. ... bool HasRight; ... The reason for this is that you might want to use strings or Guids on ... public interface IRolesAndRightsPrincipalABC: ...
(microsoft.public.dotnet.languages.csharp)
Re: Factory method question
... and rather to an interface or abstract class. ... my suggestion means you'd be programming to concrete classes. ... bool IsMatch; ... database with a unique ...
(microsoft.public.dotnet.languages.csharp)
Re: Question about data layer
... Here is a ModelBase interface that alloows you to do that even over SOAP. ... TModelType UnderlyingValues ... bool IsNew; ... You DAL calls populate after it has populated the ...
(microsoft.public.dotnet.languages.csharp)