Role-Based hierarchical model advice

From: NeverStill (sklett_2000_NoSpizay@yahoo.com)
Date: 09/27/02


From: "NeverStill" <sklett_2000_NoSpizay@yahoo.com>
Date: Thu, 26 Sep 2002 18:23:01 -0700

Hello,

I've been assigned my first security task for a web application, here are the main facts:
  a. Small scale, asp.net web application
  b. Forms Authentication
  c. Validating credentials against SQL server
  d. SSL - not that it matters, but just in case

From my initial research, it looks like what we want to go with is Role-Based (RBAC) security and simply assign the different users to 1 or many roles.

I'm having a hard time getting my head around the best way to set up everything. I think what would help is advice on the best way to construct the database with regard to the roles. Would I need to create a many-to-many table for every item that I want to secure so that I can manage the roles? That would be a lot of work.

Also, if I wanted to make a role type: "Power User" inherit the roles: "User", "Guest", etc, how could I structure things so that?? I know these kinds of questions are annoying. I'm not looking for someone to hold my hand through this; I would just like some pointers or even links to articles that might be informative. ANY help would be greatly appreciated, I'm pretty lost on this ;)

TIA-

Steve


