How to implement User base security not role base in asp.net?

views:

answers:

+1 Q:

How to implement User base security not role base in asp.net?

Hi,

I have to implement User base security in my Web project using .Net3.5. Followings are some we need:

Roles can be Admin, Manage, Editor, Member etc
User can have multiple roles
Every roles has its own dynamic menus and restrictions/resources
All menus and interface will populate dynamically from Database

I heard some where this kind of i.e user base security can be implemented using HashTable but I dont know how is it?

Today I came to know that for this kind of work Java people use Interceptor Design patterns. So, how could I do the same in asp.net C#?

Have you checked out the official Microsoft ASP.NET site? There are a number of tutorials related to security at http://www.asp.net/learn/security/

Theresa 2010-04-26 14:59:06

@TheresaThanks for quick reply. I had gone through all are saying about internal member Providers which we dont want to use

Rick 2010-04-26 15:02:18

Why don't you want to use the Membership Providers?

Theresa 2010-04-26 15:15:47

@TheresaAs per client requirement

Rick 2010-04-26 15:33:30

Create an HTTP module which then creates a classes that implements iPrincipal and iIdentity objects. In most cases iIdentity will do the hard work of loading the roles. In the HTTP module set Context.User to your new iPrincipal object in Authenicate event.
This is easier to implement than the Membership providers since the two interfaces iPrincipal and iIdentity is quite thin. On each page you can then use User.IsInRole("Rolename") to verify that the user has the appropriate rights.

ggonsalv 2010-04-26 16:44:42

@ggonsalvThanks for your reply, could you please give an example of code or any kind of link where I can find the code

Rick 2010-04-27 13:17:54

ansaurus

tags:

views:

answers:

How to implement User base security not role base in asp.net?

related questions