Best Design for a User/Role Management System?

Question

Here's a software design question I've encountered several times and have never found an ideal solution for (I'm also dealing with it now again.)

Many applications need some form of user/role management. You have base users, groups that these users can belong to (not limited to just one), roles and permissions they have, organizational units, and a whole bunch of properties and other features that are project-specific.

My question is, what ways do people know of and/or have experience with to design and build a really dynamic, flexible user management system? Are there any design patterns you know of that really help?

Answer 1

Not sure if it will help you, but if you have the opportunity you should check out the built in functionality in ASP.NET . You could get some pointers, at least, from there.

Answer 2

you should adapt your design because every organization are different.

check this page, you can see a pattern of role-base administration.

http://en.wikipedia.org/wiki/Role-based%5Faccess%5Fcontrol

Answer 3

Chapter 2 of The Data Model Resource Book, Vol. 1: A Library of Universal Data Models for All Enterprises (http://www.amazon.com/Data-Model-Resource-Book-Vol/dp/0471380237/ref=pd%5Fbxgy%5Fb%5Fimg%5Fb) might be helpful.

Answer 4

Take a look at Scott Mitchell's ASP.NET 2.0 Membership, Roles and Profile Tutorial series:

http://weblogs.asp.net/scottgu/archive/2006/05/07/ASP.NET-2.0-Membership-and-Roles-Tutorial-Series.aspx