Application level roles + Item level roles... how to do it?
From: Jéjé (willgart_A__at_hotmail_A_.com)
Date: 09/27/05
- Next message: [MSFT]: "RE: Using WMI to grant permissions to new users on folder.."
- Previous message: Tim Murphy: "Re: RedirectFromLoginPage: Returns to login page."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 26 Sep 2005 19:06:48 -0400
Hi,
I'm looking for samples to manage system or application level security and
item level security.
I have an intranet application where the users can create & edit some
objects like "Employees".
>From the application level view, the user is authorize or not to create an
employee.
But when the user will create it, he can associate this employee to only
authorized organizationnal units.
After this, the user can edit only employees in authorized organizationnal
units, but he can view (but not edit) all other employees.
So the user has a application role and an orgnizationnal unit role, how to
combine these?
Also, I want to use an operation based access check instead-of a role based
security.
So, I'm trying to play with the AzMan, but this not useable for a "2
dimensions" security.
Today I manage this at the application level, but today a user can edit any
employees, not only authorized one.
(employees is just a sample, I have a lot of objectsand each one as will
have more then simple edition capabilities)
I want to define specific roles for each user/orgnization combination.
I'm using ASP.NET 2.
The integrated membership SQL provider is excellent for the application
level security. But not so good for my needs.
I love AzMan to manage the operations allowed in a role... so if there is
any solution using it... I'll take it ;)
thanks for your help.
jerome.
- Next message: [MSFT]: "RE: Using WMI to grant permissions to new users on folder.."
- Previous message: Tim Murphy: "Re: RedirectFromLoginPage: Returns to login page."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
