Velocity Reviews

Velocity Reviews (
-   ASP .Net Security (
-   -   Application level roles + Item level roles... how to do it? (

Jéjé 09-26-2005 11:06 PM

Application level roles + Item level roles... how to do it?

I'm looking for samples to manage system or application level security and
item level security.

I have an intranet application where the users can create & edit some
objects like "Employees".
From the application level view, the user is authorize or not to create an
But when the user will create it, he can associate this employee to only
authorized organizationnal units.
After this, the user can edit only employees in authorized organizationnal
units, but he can view (but not edit) all other employees.

So the user has a application role and an orgnizationnal unit role, how to
combine these?

Also, I want to use an operation based access check instead-of a role based
So, I'm trying to play with the AzMan, but this not useable for a "2
dimensions" security.

Today I manage this at the application level, but today a user can edit any
employees, not only authorized one.

(employees is just a sample, I have a lot of objectsand each one as will
have more then simple edition capabilities)

I want to define specific roles for each user/orgnization combination.

I'm using ASP.NET 2.
The integrated membership SQL provider is excellent for the application
level security. But not so good for my needs.

I love AzMan to manage the operations allowed in a role... so if there is
any solution using it... I'll take it ;)

thanks for your help.


All times are GMT. The time now is 06:43 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.