Hi, How to include security roles in grails portlets for liferay ? After deploying war in tomcat i added manually these lines for roles liferay-portlet.xml : <role-mapper> <role-name>administrator</role-name> <role-link>Administrator</role-link> </role-mapper> portlet.xml : <security-role-ref> ...
I have several pages or views in my application which are essentially the same for both authenticated users and anonymous users. I'd like to limit the insert/update/delete actions in formviews and gridviews to authenticated users only, and allow read access for both authed and anon users. I'm using the asp.net configuration system for ...
Hi... I'm trying to bind a selected user's role to a dropdown-list. The purpose of this is to be able to change said user's role. I'm attempting this inside a formview hooked up to a linqdatasource which contains a row from the aspnet_User table. The dropdown list is hooked up to a linqdatasource of all the roles in the aspnet_Roles ...
Hello guys; I have a conceptual question... I am making an Intranet application (Web platform) for a company. I have a SQL Server DB with these tables: Users (userID, userName, userPass, roleID) Roles (roleID, roleName) Pages (pageID, pageURL) RolesXPages(pageID, roleID) How is the best way to create a structure to store all this inf...
I want to use @PreAuthorize annotation on service methods with Spring Security. One of requirements is to use role-hierarchy. But by default it is not enabled. I found that in SecurityExpressionRoot class ("the base class for expression root objects") there is a property roleHierarchy. The class actually does use this property for metho...
Because the RoleProvider interface seems to treat roles as nothing more than simple strings, I'm wondering if there is any non-hacky way to apply an optional value for a role on a per-user basis. Our current login management system implements roles as key-value pairs, where the value part is optional and usually used to clarify or limit...
How can I have the security Roles replicated when I setup a Transactional Publication replication? Currently I have all the data, stored proc, views, indexes, etc... replicated, but I had to create the Roles and assign them to my users to have a working replication server. Is there a way to include security information when replicating...
Hi there, Does anyone know of a good framework to allow me design permission and roles against users. Basically allowing me to automatically check a user can do a certain thing, and then disabling or enabling menu items etc I am not really looking for asp.net security ... as i need to use it in my own service layer and clients both WE...
Hi there, I am been taking a look at asp.net membership and it seems to provide everything that i need but i need some kind of custom Role functionality. Currently i can add user to a role, great. But i also need to be able to add Permissions to Roles.. i.e. Role: Editor Permissions: Can View Editor Menu, Can Write to Editors Table...
Sorry for lengthy question. I can't tell if this should be a programming question or a project management question. Any advice will help. I inherited a reasonably large web project (1 year old) from a solo freelancer who architected it then abandoned it. The project was a mess, but I cleaned up what I could, and now the system is mor...
Hi, image two lists for selecting roles for a new user creation in an administrator frontend. One list has all available roles in it and another has the selected roles in it. Between those lists are buttons to move elements from one list to another. Thus the layout is horizontal with [List] [Buttons] [List]. Now to the question: Should...
So I have the Ninja model which has many Hovercrafts through ninja_hovercrafts (which stores the ninja_id and the hovercraft_id). It is of my understanding that this kind of arrangement should be set in a way that the associative table stores only enough information to bind two different classes. But I'd like to use the associative tab...
How can I pass along attributes to my tasks in capistrano? My goal is to deploy to multiple servers in a load balancer. I'd like to take each one out, deploy, and add it back in sequentially so no more than one server is down at any time. I'm thinking it would be something along the lines of... (and the hosts array would be generated d...
<siteMapNode roles="*"> <siteMapNode url="~/Default.aspx" title=" Main" description="Main" roles="*"/> <siteMapNode url="~/Items.aspx" title=" Adv" description="Adv" roles="Administrator"/> .... any user can see Adv page. That is a trouble and a qustion : why and how to hide out of role sitenodes. but if I do HttpContext....
We have a multi-tenant system with multiple different levels of access--sometimes even for the same user as they switch between multiple roles. We're beginning a discussion on moving over to a RESTful implementation of things. I'm just starting to get my feet wet with the whole REST thing. So how do I go about limiting access to the c...
hi folks, I'm using the asp built in membership controls, etc. There is a new user control that I wanting to use but this doesn't seem to give the option to set the roles for the user. Anyone know of how I can achieve this? -- Billy ...
how can i deny access to call method. something like this [HandleError] [Authorize(Roles = "role1, role2")] public class AdminController : Controller { [Deny(Roles = "role2")] public ActionResult ResultPage(string message) { ViewData["message"] = message; return...
Me and several other developers are currently cleaning up our legacy code base, mostly separating visual and data layers. To help developers not involved in this refactoring understand the model, I'd like to introduce a (rather informal) class diagram with comments about scope and desired usage for each class. Since I'm lazy, I'd like to...
Hello, guys! I have some User model, Role model and Assignment model to manage role-based user system. Just like here . So, here some kind of code, to include roles into users form: <% for role in Role.all %> <%= check_box_tag "user[role_ids][]", role.id, @user.roles.include?(role) %> <%=h role.name %><br /> <% end %> And all's work...
How should ASP.NET MVC routes be structured to allow granular role-based access control to business branches? Every business entity is related to a branch, either by itself or via its parent entities. Is there an elegant way to authorize actions based on user-roles for any number of branches? 1. {branch} in route? {branch}/{controller...