TECHNOLOGIES
FORUMS
JOBS
BOOKS
EVENTS
INTERVIEWS
Live
MORE
LEARN
Training
CAREER
MEMBERS
VIDEOS
NEWS
BLOGS
Sign Up
Login
No unread comment.
View All Comments
No unread message.
View All Messages
No unread notification.
View All Notifications
Answers
Post
An Article
A Blog
A News
A Video
An EBook
An Interview Question
Ask Question
Forums
Monthly Leaders
Forum guidelines
Administrator
Tech Writer
2.2k
1.5m
Role-Based Security
Feb 22 2003 8:53 PM
Hi all, I'm interested in some oppionions from you regarding role based security. The GenericPrincipal Object in .NET propagates that only roles should be used for authorization of business logic access. So what do you do ? You write the Role Names hardcoded in your Sourcecode. For example IsInRole("Salesman"). The Problem now is what do you do if the business logic change ? First the Windows User in the Role "Salesman" can add new data. After reorganization Salesman should only edit data. Perhaps the permission logic is an envolving process while programming the Software. A workaround for that could be that you write a extra Software that maps Windows User accounts to roles that are mapped to rights. But this seems overhead. Are there any "best practices" for this issue ? thanks in advance Stephan
Reply
Answers (
2
)
How do I do RAS in .NET?
NTFS Permissions