Re: Defining Roles, Groups?

On Aug 26, 5:26 am, Dominick Baier
<dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
The roles system was not designed for multi client applications -. you will
get something much better suited for your scenario by simply writing your
own roles management...

-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

Hi,
I want to use the default SqlMembershipProvider and SqlRolesProvider
for an
ASP.NET app. and I want to avoid writing Custom Providers if I can.
The problem I have is how to define the roles in the first place!
We have some standard User roles: Viewer, Author and Editor. But we
have
various clients and some users need to have a different role according
to
client ie. User Bob will have a Viewer role for Client A data BUT an
Author
role for Client B data.
Obviously, I don't want to create a role for every combination eg.
ClientAViewer, ClientBViewer, ClientCViewer, ClientAAuthor etc. etc.
and we dont want to force users to have a different username for each
client.

But if I want to use the default SqlRolesProvider, I don't see what
else I can do. Or am I just approaching this in the wrong way?

Thanks,
Adam

I have similar issue, would CardSpace be something of use here?
Basically, use CardSpace to integrate with Active Directory
authentication, and then attach your own custom properties to the user
that specifies their roles for each of the clients. I don't suppose
you would be using the IsInRole method, but instead I suppose the user
would have to provide some method of specifying which client they are
working for and then the web app/service could inspect the properties
for that user and for that client to get the permissions.

Ron

.

Relevant Pages

  • Re: Denormalizing for form only
    ... familiar to Excel users, as you already know, it isn't necessary ... So your position is to force the client to adapt to how Access ... Proper table design makes it way easier to ... reading, and writing. ...
    (microsoft.public.access.forms)
  • Re: Defining Roles, Groups?
    ... Dominick Baier ... and I want to avoid writing Custom Providers if I can. ... client ie. ... Not sure if my scenario is like ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Writing a windows service with a socket interface.
    ... I'm writing a windows service that is accessible via sockets. ... and sends a response back to the client. ... Are there any good resources on writing windows services with socket ... Or perhaps if the IP address of the server was modified while the ...
    (microsoft.public.dotnet.framework)
  • Re: Strange NFS write performance Linux->Solaris-10/VXFS, maybe VW related
    ... Strange NFS write performance Linux->Solaris-10/VXFS, ... get buffered on the client. ... If you can confirm that the server is actually writing stuff to ...
    (Linux-Kernel)
  • Re: Running Software
    ... runsrealfast wrote: ... Are you guys using online tool or a client based ... I was considering just writing my own (then I could have it ...
    (rec.running)