How do I synchronise Role Based Security ?
From: Fresh Air Rider (Fresh_Air_Rider_at_Hotmail.com)
Date: 03/21/04
- Next message: Joe Kaplan \(MVP - ADSI\): "Re: Authentication Issue (Anonymous user)"
- Previous message: dumb: "Authentication Issue (Anonymous user)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 21 Mar 2004 13:46:05 -0800
Hi All
I have written a website in DotNet (C#) which uses Role-based Security
with Forms Authentication
When a user logs in, their roles are retrieved from a SQL Server
database and an authentication ticket is created.
My only problem is that a User should only have to login every few
months but I want any changes made to a users permissions record in
the database to be picked up every time the user logs in.
In other words, if a user has been granted an "Admin" role and then
has this role revoked because they have misused it, I want the user to
be prevented from accessing the "Administration" area next time he or
she accesses the website.
I'm guessing that I Would need to update the
FormsAuthenticationTicket, possibly within the Session_Start section
of Global.asax.cs
If anyone could please give me some advice or a URL of an article
which covers this then I would be very grateful.
Many thanks in advance
John
- Next message: Joe Kaplan \(MVP - ADSI\): "Re: Authentication Issue (Anonymous user)"
- Previous message: dumb: "Authentication Issue (Anonymous user)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
