ASP.NET MVC Authorization
How do I achieve authorization with MVC asp.net? ...
authorization
How to design database for authorization and authentication
I normally in my projects use such these code: If user.IsInRole("Admin") Then deleteButton.Visible = True else deleteButton.Visible = False But I want to control roles, which can see this button in database. For this purpose how should database design be? Thanks. ...
Any frameworks on Authentication & Authorization for Windows Form Application?
I'm a C# developer. I develop both Windows & Web Applications. I would like to build an Winforms application that has a role-based system. All users must in role/group(s). Then we assign permissions like "View, Add, Update,.." to role/group. The role/group is dynamic, so we let users to define it. Is there any frameworks and good sample...
Porting JDBCRealm from tomcat to OC4J
I'm porting a servlet from Tomcat 5.5 to OC4J 10.1.3.1. In Tomcat we set up a JDBCRealm for authentication and authorization. This was configured via the $TOMCAT_HOME/conf/server.xml. Is there a similar mechanism in OC4J? Where do I start looking for it? How do I define it? ...
Should unauthorized actions in the UI be hidden, disabled, or result in an error?
This is a perennial question for me that I've never really resolved so I'd like your input. If I have actions that I know a user will not be able to perform due to insufficient privileges or object state, should the UI elements for those actions be hidden from the user, visible but disabled, or visible and result in an error if attempte...
ASP.NET MVC: Problem setting the Authorize attribute Role from a variable, requires const
I am having a problem setting the Authorize attribute Role value from a variable. The error message says it requires a const variable. When I create a const type variable it works fine but I am trying to load the value from the Web.Config file or anything else that will allow the end user to set this. I'm using integrated Windows authe...
WCF username without certificate
I'm working on a project where I need the following WCF service on server side (.net 3.5) WPF client for the client side (.net 3.0) I have an existing application that I have to utilize the authentication and authorization from (on the server side). I also need to store some metadata about the user in the WCF Service's Thread Principa...
authentication/ authorization schema
is there any best practice data model for authentication/ authorization schema ...
asp.net mvc authorization using roles
I'm creating an asp.net mvc application that has the concept of users. Each user is able to edit their own profile. For instance: PersonID=1 can edit their profile by going to http://localhost/person/edit/1 PersonID=2 can edit their profile by going to http://localhost/person/edit/2 Nothing particularly exciting there... However...
Why does the CakePHP Authorization Componentent automatically logout when openeing two sites in parallel?
Hi, i have a problem within my CakePHP application: I use the Authorization Component for the login/logout mechanisms. Unfortunately users are logged out automatically when they try to open two or more php pages at the same moment. Thats happening very often because we tend to use the middle mouse button to open many tabs in short inter...
Customizing authorization in ASP.NET MVC
My Controller class is decorated with an AuthorizeAttribute to protect the actions: [Authorize(Roles = "User Level 2")] public class BuyController : Controller { ... } Anytime an action is invoked but the user is not in at least the role "User Level 2" he is automatically redirected to the login page with a url like this: http://...
What are the best wiki engine with good authorization features?
What is the best wiki engine with good authorization features? ...
Is Windows Authentication for WCF Enough?
I am developing an application where the security requirements for data transferred and access are fairly high. As I understand, Windows authentication is the preferred method for TCP over an intranet. How do you deal with situations where Domains are not used and only simple workgroups are available? (Some customers will not be using d...
Authorization and Authentication using WCF
What are the best practices for handling security i.e. Authorization and Authentication in Web Application? I am working on a web application, using WCF as SOA, there are more chances that in future individual component in my application can be integrated with some third party application. I am looking for a solution by which I can hand...
Conceptual overview of WCF security model?
I'm working with WCF at the moment and attempting to implement a custom security model based around an API key and signature (similar to how Facebook/Flickr/OAuth etc. work). There are a while bunch of classes like ServiceAuthorizationManager, SecurityToken, SecurityTokenValidator, IAuthorizationPolicy and so on, but I can't seem to fin...
Rails Authorization error
I'm currenty trying to integrate the rails-authorization plugin into a rails application. I've followed through the installation and setup steps but each time I try to use the permit "role" or permit? "role" functions, I get an error thrown up along the lines of 'const missing, User#RolesUser' which doesn't appear to have any use ...
Password protecting ATOM feeds
The Twitter ATOM feed requires your login and password (obviously), which is nicely supported by IE7 (apparently IE7 can't handle RSS feeds with login/pw). IE displays a simple login prompt when you register the feed. How do I implement something similar in ASP.NET without access to the server or IIS? ...
ASP-MVC: Object Instance Lost When Redirecting After Authorizing
I have an "Authorize" attribute on the Action that binds the form data. If the user submits the form but is not authorized, the login prompt appears. Once logged in, the user is properly redirected, but the model is null. How to handle this? ...
What to use? Digital signature?
Sorry I couldn't find the best heading for this question. Following is my requirement. I a working on a project which deals which large amount of money transactions to different account. The system automatically transfers money to accounts of A,B, C etc etc,, But before this is done Some one from A,B or C should approve(electronically) ...
Facebook authorization problem
I'm working on a facebook app and there's something I'm just not understanding about how their authorization system works. Our basic setup is this canvas URL = domain.com/facebook This is a simple page with an FBML Iframe element that points to domain.com/facebook/app which is an HTML page that serves up a Flash Application. The Fla...