Hi
I am creating an application in c# in which I want to give certain rights to admin and some to users. Since admin is the main owner so he has rights to access any user profile and alter it according. I knew that both have different login but how can I restrict the access for the user without altering anything without rights?
Any ref links or sample code in this regard will be highly obliged.
The principal / identity model is still present, so you can use Thread.CurrentPrincipal.IsInRole("myrole"), or (above methods) [PrincipalPermission(Role="myrole",Action= SecurityAction.Demand)], etc. In VS2008 you can hook the identity/principal directly into an ASP.NET authentication module (look for "client application services"), but it is fairly easy to write your own principal too, or use windows groups.
The good thing about "principal" - the abstraction means the same model works everywhere; WCF, winforms, webforms, asp.net mvc, etc.
Thanks for the answer I will look into it. I really appreciate http://msdn.microsoft.com/en-us/library/bb384297.aspx this link.