Xtreme Visual Basic Talk

Xtreme Visual Basic Talk (http://www.xtremevbtalk.com/)
-   ASP.Net (http://www.xtremevbtalk.com/asp-net/)
-   -   User Authentication: Custom Security (http://www.xtremevbtalk.com/asp-net/325978-user-authentication-custom-security.html)

ezfriend 05-26-2013 11:49 AM

User Authentication: Custom Security
In our site (ASP.NET), we have different departments where department head can assign specific people to a specific security group.

The security group can read, add, modify, delete. Security group READONLY may be able to view the client screen, but only READADDMOD group can read, add, modify the screen. The page contain a NEW/SAVE button allowing appropriate user/usergroup to View, Add or Update records.

What would be a good (proper) approach to enabling/disabling the NEW/SAVE button for the appropriate group?

Is there anything like that build into the Membership/Role API authentication classes that I may have misunderstood it?

I read a lot on Membership API and either I don't get it or simply I just can find anything related to enabling/disabling specific function (button), show specific reports on a screen where it can be access by multiple group based on group security.


Qua 05-26-2013 01:24 PM

If you integrate with the RoleProvider api native to ASP.NET, then you can ask if the currently logged in user has a specific role.

On your page you could query whether the user had the specific role, and if he does then you go ahead and show the "admin" buttons. If he does not then you leave them out. Remember to check this server side as well to prevent any security issues.

an_ezfriend 06-05-2013 11:39 AM

Yes, that work. Thank you.

All times are GMT -6. The time now is 06:48 PM.

Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2018, vBulletin Solutions, Inc.
Search Engine Optimisation provided by DragonByte SEO v2.0.15 (Lite) - vBulletin Mods & Addons Copyright © 2018 DragonByte Technologies Ltd.
All site content is protected by the Digital Millenium Act of 1998. Copyright©2001-2011 MAS Media Inc. and Extreme Visual Basic Forum. All rights reserved.
You may not copy or reproduce any portion of this site without written consent.