after the db

Discussion in 'ASP .Net' started by =?Utf-8?B?cm9kY2hhcg==?=, Mar 6, 2007.

  1. hey all,
    ok, i have my database locked down as much as i could. certain groups can do
    certain things.
    now, when i build my web application over this do i have to repeat the
    authorization in the code of "certain groups can do certain things"? Or will
    the application inherit that from the database?

    thanks,
    rodchar
    =?Utf-8?B?cm9kY2hhcg==?=, Mar 6, 2007
    #1
    1. Advertising

  2. It's all a matter of the user account in the Connection String to the
    database. Whatever Group that user account belongs to is the database user
    that connects to the database.

    --
    HTH,

    Kevin Spencer
    Microsoft MVP

    Help test our new betas,
    DSI PrintManager, Miradyne Component Libraries:
    http://www.miradyne.net

    "rodchar" <> wrote in message
    news:...
    > hey all,
    > ok, i have my database locked down as much as i could. certain groups can
    > do
    > certain things.
    > now, when i build my web application over this do i have to repeat the
    > authorization in the code of "certain groups can do certain things"? Or
    > will
    > the application inherit that from the database?
    >
    > thanks,
    > rodchar
    Kevin Spencer, Mar 6, 2007
    #2
    1. Advertising

  3. In IIS i'm specifying Integrated Windows authentication. What I'm trying to
    do is enable/disable a button on my web page based on the permissions the
    user has on a particular database table.

    For instance, if the user has been granted CRUD (Insert, Select, Update, and
    Delete) rights in the database then the button should be enabled.

    Open to better ideas of doing things as well.

    thanks,
    rodchar

    "Kevin Spencer" wrote:

    > It's all a matter of the user account in the Connection String to the
    > database. Whatever Group that user account belongs to is the database user
    > that connects to the database.
    >
    > --
    > HTH,
    >
    > Kevin Spencer
    > Microsoft MVP
    >
    > Help test our new betas,
    > DSI PrintManager, Miradyne Component Libraries:
    > http://www.miradyne.net
    >
    > "rodchar" <> wrote in message
    > news:...
    > > hey all,
    > > ok, i have my database locked down as much as i could. certain groups can
    > > do
    > > certain things.
    > > now, when i build my web application over this do i have to repeat the
    > > authorization in the code of "certain groups can do certain things"? Or
    > > will
    > > the application inherit that from the database?
    > >
    > > thanks,
    > > rodchar

    >
    >
    >
    =?Utf-8?B?cm9kY2hhcg==?=, Mar 6, 2007
    #3
  4. An ASP.Net application runs as a single identity, not as multiple logged-in
    users. So, you would have to create a custom Connection on a per-user basis,
    rather than using Windows Authentication. What you probably want to do is
    implement ASP.Net Membership, which can be tied to Active Directory. See
    http://msdn2.microsoft.com/en-us/library/tw292whz.aspx

    --
    HTH,

    Kevin Spencer
    Microsoft MVP

    Help test our new betas,
    DSI PrintManager, Miradyne Component Libraries:
    http://www.miradyne.net


    "rodchar" <> wrote in message
    news:...
    > In IIS i'm specifying Integrated Windows authentication. What I'm trying
    > to
    > do is enable/disable a button on my web page based on the permissions the
    > user has on a particular database table.
    >
    > For instance, if the user has been granted CRUD (Insert, Select, Update,
    > and
    > Delete) rights in the database then the button should be enabled.
    >
    > Open to better ideas of doing things as well.
    >
    > thanks,
    > rodchar
    >
    > "Kevin Spencer" wrote:
    >
    >> It's all a matter of the user account in the Connection String to the
    >> database. Whatever Group that user account belongs to is the database
    >> user
    >> that connects to the database.
    >>
    >> --
    >> HTH,
    >>
    >> Kevin Spencer
    >> Microsoft MVP
    >>
    >> Help test our new betas,
    >> DSI PrintManager, Miradyne Component Libraries:
    >> http://www.miradyne.net
    >>
    >> "rodchar" <> wrote in message
    >> news:...
    >> > hey all,
    >> > ok, i have my database locked down as much as i could. certain groups
    >> > can
    >> > do
    >> > certain things.
    >> > now, when i build my web application over this do i have to repeat the
    >> > authorization in the code of "certain groups can do certain things"? Or
    >> > will
    >> > the application inherit that from the database?
    >> >
    >> > thanks,
    >> > rodchar

    >>
    >>
    >>
    Kevin Spencer, Mar 6, 2007
    #4
  5. Thank you Kevin for your generous help.
    Rod.

    "Kevin Spencer" wrote:

    > An ASP.Net application runs as a single identity, not as multiple logged-in
    > users. So, you would have to create a custom Connection on a per-user basis,
    > rather than using Windows Authentication. What you probably want to do is
    > implement ASP.Net Membership, which can be tied to Active Directory. See
    > http://msdn2.microsoft.com/en-us/library/tw292whz.aspx
    >
    > --
    > HTH,
    >
    > Kevin Spencer
    > Microsoft MVP
    >
    > Help test our new betas,
    > DSI PrintManager, Miradyne Component Libraries:
    > http://www.miradyne.net
    >
    >
    > "rodchar" <> wrote in message
    > news:...
    > > In IIS i'm specifying Integrated Windows authentication. What I'm trying
    > > to
    > > do is enable/disable a button on my web page based on the permissions the
    > > user has on a particular database table.
    > >
    > > For instance, if the user has been granted CRUD (Insert, Select, Update,
    > > and
    > > Delete) rights in the database then the button should be enabled.
    > >
    > > Open to better ideas of doing things as well.
    > >
    > > thanks,
    > > rodchar
    > >
    > > "Kevin Spencer" wrote:
    > >
    > >> It's all a matter of the user account in the Connection String to the
    > >> database. Whatever Group that user account belongs to is the database
    > >> user
    > >> that connects to the database.
    > >>
    > >> --
    > >> HTH,
    > >>
    > >> Kevin Spencer
    > >> Microsoft MVP
    > >>
    > >> Help test our new betas,
    > >> DSI PrintManager, Miradyne Component Libraries:
    > >> http://www.miradyne.net
    > >>
    > >> "rodchar" <> wrote in message
    > >> news:...
    > >> > hey all,
    > >> > ok, i have my database locked down as much as i could. certain groups
    > >> > can
    > >> > do
    > >> > certain things.
    > >> > now, when i build my web application over this do i have to repeat the
    > >> > authorization in the code of "certain groups can do certain things"? Or
    > >> > will
    > >> > the application inherit that from the database?
    > >> >
    > >> > thanks,
    > >> > rodchar
    > >>
    > >>
    > >>

    >
    >
    >
    =?Utf-8?B?cm9kY2hhcg==?=, Mar 7, 2007
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dirk Meusel
    Replies:
    1
    Views:
    3,014
    Dirk Meusel
    Aug 19, 2003
  2. Andreas Klemt
    Replies:
    0
    Views:
    827
    Andreas Klemt
    Feb 1, 2004
  3. davidw
    Replies:
    3
    Views:
    414
    Curt_C [MVP]
    Aug 27, 2004
  4. Tony Morris
    Replies:
    3
    Views:
    882
    Roedy Green
    Feb 4, 2006
  5. vasanth kumar
    Replies:
    1
    Views:
    115
    Evertjan.
    Oct 3, 2004
Loading...

Share This Page