I have a small intranet application that is used by at most 100 users, though its used by multiple business units across the globe. What i need to do is set a default business unit for users based on their Active Directory group membership. We already authenticate
via AD so thats not problem. What is the best way to store the data once i get it from AD.
The application is 3 layers consisting of a MVC4 UI, a BO layer and obviously a DAL. Im thinking that storing the Business Unit in session and then refactoring all my DAL/BO methods to accept a nullable int would be the best way to deal with it. Is there
anyway i can expose a global variable that will span all three layers without having to expose the UI/BO to the DAL?
(This is my first major 3 layer app, the developer prior to me left a bit of a mess, and i really want to follow best practice on this)
Im thinking that storing the Business Unit in session and then refactoring all my DAL/BO methods to accept a nullable int would be the best way to deal with it.
Sounds good but the only problem is volatile nature of session. You might need to have initialization code in place if it gets removed from the memory.
alm1
Is there anyway i can expose a global variable that will span all three layers without having to expose the UI/BO to the DAL?
That is not a good idea, it will build lots of dependency in between the layers and if you wants to make change in any of these you will have problem later on.
This is identity information you're talking about so it should be treated as a security question.
If you're authenticating against AD then the AD groups are automatically populated into roles for the user. .NET then has a special global variable for the current user of any application, and this is the Thread.CurrentPrincipal variable. It has Identity.Name
and IsInRole APIs. IsInRole should be able to tell you what role (or group) the user is in.
Brock - The data or any of the data isnt critical between business units. Its only seperated and worked on that way so that they dont have to wade through each others data. Much more of a UI thing. They will still have the option to access all the
data anyway if they desire.
Cprakash - What do you mean by initialization? I think in the public string i will have something like this.
if(session!=null)
{
return session
}
else
{
run code to check group and reset session here
return session
}
var mycontent = Session[sessionKey] as MyContentType;
if(mycontent==null)
//...reinitialize the content
mycontent = new MyContentType();
return mycontent;
alm1
Member
133 Points
60 Posts
Global Variables - Session - Cache
Nov 07, 2012 11:10 PM|LINK
Hi All
I have a small intranet application that is used by at most 100 users, though its used by multiple business units across the globe. What i need to do is set a default business unit for users based on their Active Directory group membership. We already authenticate via AD so thats not problem. What is the best way to store the data once i get it from AD.
The application is 3 layers consisting of a MVC4 UI, a BO layer and obviously a DAL. Im thinking that storing the Business Unit in session and then refactoring all my DAL/BO methods to accept a nullable int would be the best way to deal with it. Is there anyway i can expose a global variable that will span all three layers without having to expose the UI/BO to the DAL?
(This is my first major 3 layer app, the developer prior to me left a bit of a mess, and i really want to follow best practice on this)
Thanks
Andy
CPrakash82
All-Star
18286 Points
2842 Posts
Re: Global Variables - Session - Cache
Nov 07, 2012 11:39 PM|LINK
Sounds good but the only problem is volatile nature of session. You might need to have initialization code in place if it gets removed from the memory.
That is not a good idea, it will build lots of dependency in between the layers and if you wants to make change in any of these you will have problem later on.
BrockAllen
All-Star
27534 Points
4907 Posts
MVP
Re: Global Variables - Session - Cache
Nov 08, 2012 12:30 AM|LINK
This is identity information you're talking about so it should be treated as a security question.
If you're authenticating against AD then the AD groups are automatically populated into roles for the user. .NET then has a special global variable for the current user of any application, and this is the Thread.CurrentPrincipal variable. It has Identity.Name and IsInRole APIs. IsInRole should be able to tell you what role (or group) the user is in.
You code could do checks like:
bool isInThatGroup = Thrread.CurrentPrincipal.IsInRole("YourGroupName");
and from the result of this call you should be able to make policy or authorization decisions.
DevelopMentor | http://www.develop.com
thinktecture | http://www.thinktecture.com/
alm1
Member
133 Points
60 Posts
Re: Global Variables - Session - Cache
Nov 08, 2012 04:19 PM|LINK
Thanks for the replies guys.
Brock - The data or any of the data isnt critical between business units. Its only seperated and worked on that way so that they dont have to wade through each others data. Much more of a UI thing. They will still have the option to access all the data anyway if they desire.
Cprakash - What do you mean by initialization? I think in the public string i will have something like this.
if(session!=null) { return session } else { run code to check group and reset session here return session }something like that?
CPrakash82
All-Star
18286 Points
2842 Posts
Re: Global Variables - Session - Cache
Nov 08, 2012 07:01 PM|LINK
I was talking about code like this.