![]() |
![]() | ![]() | ![]() | ![]() | ![]() | ![]() | ![]() |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
![]() |
| |
| | #1 (permalink) |
| | how to implement a Role-Based winapp Hi , i'm developing a permission-based win application there is one Permission for each possible Action in db & each Role has some Permissions and a custom authentication system is implemented for identifying users and their roles now, 1.i want to know what's advantages of using .Net Role-Based Security ? i mean for controlling access of user to resources i could simply use something like this : ** if (currentuser.HasPermission("RequiredPermission")) then do the action ** 2.i would check user permission in Business layer but i want all of my biz methods contains a piece of code for controlling the access is there any way to force all methods to have this piece of code or at least a special code Attribute ? Thanks in advance |
My System Specs![]() |
| | #2 (permalink) |
| | Re: how to implement a Role-Based winapp Implementing role-based security in a winform is the same as any other; set the principal to something... at the simplest level see below(you can do much more sophisticated thing if you create your own principal). The advantage here is that a: it has runtime support built in (for the attribute check), and b: any code (yours or 3rd party) can check the same roles without needing to know about the specific implementation. Note that VS2008 includes support for using the ASP.NET roles provider inside a winform (via a web-service login). For enforcing security on all the methods automatically (rather than having to add the attribute) - one option would be PostSharp; it looks like it would be trivial to add some code that simply does a Demand... Marc static void Main(string[] args) { string[] myRoles = {"GUEST", "USER"}; Thread.CurrentPrincipal = new GenericPrincipal( new GenericIdentity("Fred"), myRoles); UserMethod(); CheckManually(); AdminMethod(); } [PrincipalPermission(SecurityAction.Demand, Role = "USER")] static void UserMethod() { Console.WriteLine("User method"); } static void CheckManually() { string role = "GUEST"; // dynamic... bool isInRole = Thread.CurrentPrincipal.IsInRole(role); // or to demand (throwing a suitable exception if not) PrincipalPermission perm = new PrincipalPermission(null, role); perm.Demand(); Console.WriteLine(isInRole); } [PrincipalPermission(SecurityAction.Demand, Role = "ADMIN")] static void AdminMethod() { Console.WriteLine("Admin method"); } |
My System Specs![]() |
| | #3 (permalink) |
| | Re: how to implement a Role-Based winapp Thanks Marc |
My System Specs![]() |
![]() |
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Headphones setting? Where is it? Please implement! | Vista General | |||
| Re: using xp based drive as slave on new vista based computer?? | Vista installation & setup | |||