Dynamic Checking of Roles - Enterprise Services
From: Jeff (jeff.noble@no.glhomes.spam.com)
Date: 12/30/02
- Next message: Dwight Goins: "Forms authentication does not work......"
- Previous message: Leo de Ruyter: "Failed to start monitoring directory changes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Jeff" <jeff.noble@no.glhomes.spam.com> Date: Mon, 30 Dec 2002 10:43:26 -0800
Hello,
I am trying to make a generic class to handle COM+
security in ASP.net.
I had hoped to pass the name of a method and the current
users identity from ActiveDirectory (from the
ContextUtil), to a function and have that function check
to see if the user is in a role to access that method.
I know about IsCallerInRole(), but that only checks the
current method, since I am trying to create a base class
to do these checks, I will always be calling a function
(ie: CheckCredentials
("foo",SecurityCallContext.CurrentCall.OriginalCaller.Acco
untName))
I also do not want to name the Role in code for a call to
IsCallerInRole(<role>).
I basically am looking for a way to enumerate the
methods, then enumerate the roles for a method and check
if the current user is in one of those roles. Is this
possible? What are my options?
I am sure this is not a new question as the same dilemma
exists for VB6 and COM+. By getting the role names out of
the code, I can easily have an implementation/security
team create roles at the method level to control
security. And by standardizing the method level checks, I
can inherit from a base class that already knows how to
do the checks.
Thanks in advance for any help!
Jeff
jeff.noble@no.glhomes.spam.com
(remove the no. and spam. to reply)
- Next message: Dwight Goins: "Forms authentication does not work......"
- Previous message: Leo de Ruyter: "Failed to start monitoring directory changes"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
