Hi,
the asp.net membership system use folder based system for the application security ,
here my scenario ;
a simple example
in a page i have three buttons
addinvoice/delete invoice/modifyInvoice
the user may have only the addinvoice permission so i cannt figure out how to do this in asp.net membership system
creating a page for every permissions combination is not a very good option
for example, in an old delphi/firebird application i have written
the administrator of the application can create other users, and give them CRUD rights on each table plus other rights,
these rights are translated into grant/revoke instructions and sent to the firebird server
my question is :
how this security mechanism interact on the sql server permissions/roles level :
now, is this possible to do this with the Asp.net membeship security model ?, because i am too lazy to do this myself :)
You might want to look into claims and WIF -- it provides a resource/operation style of modeling authorization to resources. Also, then AzMan is a data store that persists those rules.
issam1975
Member
37 Points
129 Posts
Asp.net Membership security and sql server permissions and roles
Nov 26, 2012 04:06 PM|LINK
Hi,
the asp.net membership system use folder based system for the application security ,
here my scenario ;
a simple example
in a page i have three buttons
addinvoice/delete invoice/modifyInvoice
the user may have only the addinvoice permission so i cannt figure out how to do this in asp.net membership system
creating a page for every permissions combination is not a very good option
for example, in an old delphi/firebird application i have written
the administrator of the application can create other users, and give them CRUD rights on each table plus other rights,
these rights are translated into grant/revoke instructions and sent to the firebird server
my question is :
how this security mechanism interact on the sql server permissions/roles level :
now, is this possible to do this with the Asp.net membeship security model ?, because i am too lazy to do this myself :)
any help, idea is welcome
thanks and good day
BrockAllen
All-Star
28072 Points
4996 Posts
MVP
Re: Asp.net Membership security and sql server permissions and roles
Nov 26, 2012 04:35 PM|LINK
You might want to look into claims and WIF -- it provides a resource/operation style of modeling authorization to resources. Also, then AzMan is a data store that persists those rules.
DevelopMentor | http://www.develop.com
thinktecture | http://www.thinktecture.com/