tags:

views:

42

answers:

2
Q: 

Building security architecture in web software (creating an API)

I have a set of actions in a database, such as Add User, Edit User, Import Users, Send Invitation, etc. I have attached these permissions to roles. Then I attached these roles to users.

Is there a good pattern or API I can create for using this? I do not want to put a bunch of if/else statements in the code to check for permissions. So maybe interfaces would be good? Sorry for being so vague, I just do not know where to start and looking for advise on how to start this (perhaps an authorization rule provider?). Thanks in advance for any help.

A: 

Roles and membership might be worth looking at - http://msdn.microsoft.com/en-us/library/yh26yfzy.aspx

It might be overkill for your site, but it is easy to use and implement.

adrianos  2010-10-07 07:13:04
+1  A: 

Microsoft's Roles and membership is too basic and felt like it only deals with authentication but no authorization.

BUT I found exactly what I was looking for... Rhino Security!

http://www.ryantomlinson.com/post/An-Enterprise-Authorization-Framework-Part-1-Introduction.aspx

TruMan1  2010-10-07 07:17:34
Interesting stuff.
Greg  2010-10-11 12:59:00

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?