Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Fine grained security (view but not update)

Reply
Thread Tools

Fine grained security (view but not update)

 
 
Søren D
Guest
Posts: n/a
 
      04-06-2009
I am looking for good practices for allowing certain user roles to see but
but update. For instance a user may have access to a certain updateable grid
but are only allowed to view.

The far most elegant way would of course be to remove the edit/delete/insert
links from the view, but a less elegant solution is also sufficient.

Has anyone published material on the subject or does anyone in here have
some elegant ideas?

TIA,

/Soeren

 
Reply With Quote
 
 
 
 
Joe Kaplan
Guest
Posts: n/a
 
      04-06-2009
Have you looked at the AzMan framework? It is general purpose application
level authorization framework that allows you to program very granular
authorization logic into your applications. It is not coupled to the UI in
any way, so you would need to implement those bindings yourself but it is a
generally useful way to consider implementing this type of logic.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
"Søren D" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>I am looking for good practices for allowing certain user roles to see but
>but update. For instance a user may have access to a certain updateable
>grid but are only allowed to view.
>
> The far most elegant way would of course be to remove the
> edit/delete/insert links from the view, but a less elegant solution is
> also sufficient.
>
> Has anyone published material on the subject or does anyone in here have
> some elegant ideas?
>
> TIA,
>
> /Soeren


 
Reply With Quote
 
 
 
 
Søren D
Guest
Posts: n/a
 
      04-06-2009
Thanks for your reply, but I am actually looking for the practical approach
to coupling with UI and database

/Soeren

"Joe Kaplan" <(E-Mail Removed)> skrev i meddelelsen
news:(E-Mail Removed)...
> Have you looked at the AzMan framework? It is general purpose application
> level authorization framework that allows you to program very granular
> authorization logic into your applications. It is not coupled to the UI
> in any way, so you would need to implement those bindings yourself but it
> is a generally useful way to consider implementing this type of logic.
>
> --
> Joe Kaplan-MS MVP Directory Services Programming
> Co-author of "The .NET Developer's Guide to Directory Services
> Programming"
> http://www.directoryprogramming.net
> "Søren D" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>>I am looking for good practices for allowing certain user roles to see but
>>but update. For instance a user may have access to a certain updateable
>>grid but are only allowed to view.
>>
>> The far most elegant way would of course be to remove the
>> edit/delete/insert links from the view, but a less elegant solution is
>> also sufficient.
>>
>> Has anyone published material on the subject or does anyone in here have
>> some elegant ideas?
>>
>> TIA,
>>
>> /Soeren

>


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Fine grained security (view but not update) Søren D ASP .Net 2 04-07-2009 10:23 AM
java xml binding with fine grained inheritance?? Elhanan Java 0 03-05-2006 06:49 PM
Intercepting what ASP.NET renders: how fine-grained? ASP .Net 4 08-03-2005 02:36 AM
Fine-grained access control dw ASP .Net 2 05-19-2005 01:54 PM
Fine Grained Security in Ruby 2.0? Gully Foyle Ruby 3 07-18-2004 01:07 PM



Advertisments