Extending the ASP.Net Security model to use rights : Part Four - RightPermission
The RightPermission works in the background. Out of sight, out of mind and easily forgotten. But it performs the "hard" work of securing the code. The RightPermission clips in at just over 300 lines of code. If you have not already read Part one - IPrincipal, Part two - IHttp...
[More]
Extending the ASP.Net Security model to use rights : Part Three - Attributes
Part Three- Attributes. Now that we have a Principal object with rights loaded as the current requests user we can begin assigning security to code by the users rights as well as their role membership. The objective here was to be able to tag code to require a right and assign that right...
[More]
Extending the ASP.Net Security model to use rights : Part two - the IHttpModule
In part one - IPrincipal, I talked about the right and IPrincipal objects needed to add "right" based security to asp.net applications in addition to role based security. There are a few things we need to do to get ready to build the IHttpModule. First we need something to give us ...
[More]
Extending the ASP.Net Security model to use rights : Part one - IPrincipal
Every now and again I find myself disappointed in the asp.net security model. The ability to assign roles is useful but if a role changes and I have implemented code security by role I now have to alter my PrincipalAttributes. That isn't a huge issue, but I am not of a fan of recompiling...
[More]