RE: Windows + Custom Security hybrid??
- From: stcheng@xxxxxxxxxxxxxxxxxxxx (Steven Cheng[MSFT])
- Date: Thu, 21 Sep 2006 03:24:34 GMT
Hello Chris,
From your description, you have an ASP.NET 1.1 application which uses
Windows authentication and does authorization based on the roles of each
Windows user (access control check in application), also each user has some
application specific data associated with him. Currently, you're going to
upgrade the application to ASP.NET 2.0 and want to utilize the new
membership/role provider features to do the same task, correct?
Based on my understanding, you could reimplement the security mechanism in
ASP.NET 2.0 through the following approach:
** still configure IIS to use integrated Windows and make ASP.NET use
Windows authentication.
** and the role based <authorization> setting still remains the same (define
role based access control for individual pages or sub directory...)
** change the application to use SqlRoleProvider so that we can store our
custom roles for Windows users (based on Windows username) in a SQL Server
database.
Here is a good blog article (from ScottGu's weblog) which demonstrates a
typical sample application similar to your scenario.
#Recipe: Implementing Role-Based Security with ASP.NET 2.0 using Windows
Authentication and SQL Server
http://weblogs.asp.net/scottgu/pages/Recipe_3A00_-Implementing-Role_2D00_Based-Security-with-ASP.NET-2.0-using-Windows-Authentication-and-SQL-Server.aspx
In addition, since you mentioned that you also want to add some additional
custom data associated with each user, you can consider using the Profile
service in ASP.NET 2.0 which can help store some per-user specific data and
is also provider based (default provider is SQL Server provider).
#ASP.NET Profile Properties Overview
http://msdn2.microsoft.com/en-us/library/2y3fs9xs.aspx
#ASP.NET Profile Properties
http://msdn2.microsoft.com/en-us/library/at64shx3.aspx
Hope this helps. If you have any further questions on this, please feel
free to let me know.
Sincerely,
Steven Cheng
Microsoft MSDN Online Support Lead
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notifications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
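
The three steps in the post above, plus the Profile suggestion, sketched as one web.config. This is an added example, not part of the original post or of the linked article. The connection string name, database, provider names, application name, the `Admin` folder, the `AppAdmins` role and the `Department` property are all hypothetical, and the database is assumed to already hold the schema created by `aspnet_regsql`.

```xml
<configuration>
  <connectionStrings>
    <!-- hypothetical database holding the ASP.NET roles/profile tables -->
    <add name="AppRolesDb"
         connectionString="Data Source=.;Initial Catalog=AppRoles;Integrated Security=True"
         providerName="System.Data.SqlClient" />
  </connectionStrings>

  <system.web>
    <!-- IIS performs Integrated Windows authentication; ASP.NET trusts that identity -->
    <authentication mode="Windows" />

    <!-- Roles are looked up in SQL Server by Windows user name (DOMAIN\user),
         not taken from Windows group membership -->
    <roleManager enabled="true" defaultProvider="SqlRoles">
      <providers>
        <clear />
        <!-- explicit applicationName keeps role lookups stable if the
             virtual directory is renamed or the app is redeployed -->
        <add name="SqlRoles" type="System.Web.Security.SqlRoleProvider"
             connectionStringName="AppRolesDb" applicationName="/MyApp" />
      </providers>
    </roleManager>

    <!-- Per-user application data, stored under the same Windows user name -->
    <profile enabled="true" defaultProvider="SqlProfile">
      <providers>
        <clear />
        <add name="SqlProfile" type="System.Web.Profile.SqlProfileProvider"
             connectionStringName="AppRolesDb" applicationName="/MyApp" />
      </providers>
      <properties>
        <add name="Department" type="System.String" />
      </properties>
    </profile>

    <!-- site-wide: reject anonymous requests -->
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>

  <!-- Rules are evaluated top-down and the first match wins, so the allow
       must come before the catch-all deny -->
  <location path="Admin">
    <system.web>
      <authorization>
        <allow roles="AppAdmins" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

Without the trailing `<deny users="*" />` in the `Admin` block, any authenticated Windows user who matches no rule falls through to the default allow, so the role restriction would have no effect.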