User Authentication: Custom Security
User Authentication: Custom Security
User Authentication: Custom Security
User Authentication: Custom Security
User Authentication: Custom Security
User Authentication: Custom Security User Authentication: Custom Security User Authentication: Custom Security User Authentication: Custom Security User Authentication: Custom Security User Authentication: Custom Security User Authentication: Custom Security User Authentication: Custom Security
User Authentication: Custom Security User Authentication: Custom Security
User Authentication: Custom Security
Go Back  Xtreme Visual Basic Talk > > > User Authentication: Custom Security


Reply
 
Thread Tools Display Modes
  #1  
Old 05-26-2013, 12:49 PM
ezfriend's Avatar
ezfriend ezfriend is offline
Centurion
 
Join Date: Jul 2003
Location: St. Paul, MN
Posts: 168
Default User Authentication: Custom Security


In our site (ASP.NET), we have different departments where department head can assign specific people to a specific security group.

The security group can read, add, modify, delete. Security group READONLY may be able to view the client screen, but only READADDMOD group can read, add, modify the screen. The page contain a NEW/SAVE button allowing appropriate user/usergroup to View, Add or Update records.

What would be a good (proper) approach to enabling/disabling the NEW/SAVE button for the appropriate group?

Is there anything like that build into the Membership/Role API authentication classes that I may have misunderstood it?

I read a lot on Membership API and either I don't get it or simply I just can find anything related to enabling/disabling specific function (button), show specific reports on a screen where it can be access by multiple group based on group security.

Thanks,
Chai.
__________________
... happy coding ...
Reply With Quote
  #2  
Old 05-26-2013, 02:24 PM
Qua's Avatar
QuaUser Authentication: Custom Security Qua is offline
Impetuous & volatile

* Expert *
 
Join Date: Apr 2005
Posts: 2,177
Default

If you integrate with the RoleProvider api native to ASP.NET, then you can ask if the currently logged in user has a specific role.

On your page you could query whether the user had the specific role, and if he does then you go ahead and show the "admin" buttons. If he does not then you leave them out. Remember to check this server side as well to prevent any security issues.
__________________
Reading is the foundation for all knowledge - Unknown.
Reply With Quote
  #3  
Old 06-05-2013, 12:39 PM
an_ezfriend an_ezfriend is offline
Newcomer
 
Join Date: Mar 2004
Posts: 11
Default

Yes, that work. Thank you.
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump

Advertisement:





Free Publications
The ASP.NET 2.0 Anthology
101 Essential Tips, Tricks & Hacks - Free 156 Page Preview. Learn the most practical features and best approaches for ASP.NET.
subscribe
Programmers Heaven C# School Book -Free 338 Page eBook
The Programmers Heaven C# School book covers the .NET framework and the C# language.
subscribe
Build Your Own ASP.NET 3.5 Web Site Using C# & VB, 3rd Edition - Free 219 Page Preview!
This comprehensive step-by-step guide will help get your database-driven ASP.NET web site up and running in no time..
subscribe
User Authentication: Custom Security
User Authentication: Custom Security
User Authentication: Custom Security User Authentication: Custom Security
User Authentication: Custom Security
User Authentication: Custom Security
User Authentication: Custom Security User Authentication: Custom Security User Authentication: Custom Security User Authentication: Custom Security User Authentication: Custom Security User Authentication: Custom Security User Authentication: Custom Security
User Authentication: Custom Security
User Authentication: Custom Security
 
User Authentication: Custom Security
User Authentication: Custom Security
 
-->