Re: What is the best approach?
- From: Andrew <Andrew@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 21 Dec 2005 13:36:03 -0800
any reference papers that contain more details on what you mentioned?
thanks...
"Joe Kaplan (MVP - ADSI)" wrote:
> This depends on how your roles are being generated and how your identity
> lifecycle works. For example, if you store your users in SQL and keep your
> role definitions in SQL, then the user would just need to do something that
> would trigger their addition to the new role. Then, a new logon should give
> them the new role.
>
> If you were using Windows authentication, then the role membership would
> come directly from the user's AD groups.
>
> The bottom line is that you can make it work however you want. The key is
> to getting the users in the right roles and having that data provided to the
> forms authentication system. The <authorization> element is just a nice way
> to declaratively determine who gets to access to what using the built-in
> UrlAuthorizationModule.
>
> Joe K.
>
> "Andrew" <Andrew@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:E29C5839-EA3F-4CEB-B334-6C9CF512E497@xxxxxxxxxxxxxxxx
> > That is not good to us:
> >
> > After a user (a Junior) registered in my website, he/she should be able to
> > access all pages, except pages for Senior members, right away.
> >
> > He/she can not wait for us to manually add them into a role, because we
> > may
> > not check new member for days.
> >
> > Any other automatic ways? Thanks...
> >
> > "Dominick Baier [DevelopMentor]" wrote:
> >
> >> Hello Andrew,
> >>
> >> right
> >>
> >> also read this:
> >> http://www.leastprivilege.com/ASPNETAuthorizationSettings.aspx
> >> ---------------------------------------
> >> Dominick Baier - DevelopMentor
> >> http://www.leastprivilege.com
> >>
> >> > <configuration>
> >> > <system.web>
> >> > <authorization>
> >> > <deny users="*"/>
> >> > <allow roles="Admins"/>
> >> > </authorization>
> >> > </system.web>
> >> > </configuration>
> >> > this requires me "manually" add each new registered members into a
> >> > predefined role, say "Junior", "Senior", right?
> >> >
> >> > "Dominick Baier [DevelopMentor]" wrote:
> >> >
> >> >> Hello Andrew,
> >> >>
> >> >> have a look at the <authorization> element in web.config.
> >> >>
> >> >> ---------------------------------------
> >> >> Dominick Baier - DevelopMentor
> >> >> http://www.leastprivilege.com
> >> >>> Hello, friends,
> >> >>>
> >> >>> I implemented Forms Authentication in my asp.net app, it worked
> >> >>> fine. However, now I have another problem:
> >> >>>
> >> >>> Although a user can be authenticated, but he/she may still not be
> >> >>> allowed to view certain pages and folders. For exampl, a junior
> >> >>> member can not view pages for senior memebers, although he/she can
> >> >>> log into the web site. What is the best approach to do this?
> >> >>>
> >> >>> Any reference papers, sample code? Thanks.
> >> >>>
> >>
> >>
> >>
>
>
>
.
- Follow-Ups:
- Re: What is the best approach?
- From: Joe Kaplan \(MVP - ADSI\)
- Re: What is the best approach?
- References:
- Re: What is the best approach?
- From: Dominick Baier [DevelopMentor]
- Re: What is the best approach?
- From: Dominick Baier [DevelopMentor]
- Re: What is the best approach?
- From: Joe Kaplan \(MVP - ADSI\)
- Re: What is the best approach?
- Prev by Date: Re: What is the best approach?
- Next by Date: Re: What is the best approach?
- Previous by thread: Re: What is the best approach?
- Next by thread: Re: What is the best approach?
- Index(es):
Relevant Pages
|
|
