A
Alex Ayzin
Hi,
I'm pretty new to security issues and understand that might question is
pretty basic. But here we go:
I have a simple webform app; In application root (Intepub\wwwroot\appname) I
have a folder that contains a single text file. Only those who has an
access(readOnly) to that folder(or text file within the folder) are able to
view the content of the displayed page. I want create a group of users with
the access(there are only about 10 people or so). Based on that, user
will/or will be able to view the page. Architect wants me to use Windows
security and does not want me to use web.config file(allow/deny).
So, I need to create an WindowsIdentity object, then using it
WindowsPrincipal object. Using IsInRole("CustomGroup") will give me a
boolean determining if the user belongs to a group with an access. I see the
picture, but a little unclear on how to proceed further. Are my initial
steps in the right direction and what are my next steps? Please advise. Any
code samples are welcome.
Thank you,
--Alex
I'm pretty new to security issues and understand that might question is
pretty basic. But here we go:
I have a simple webform app; In application root (Intepub\wwwroot\appname) I
have a folder that contains a single text file. Only those who has an
access(readOnly) to that folder(or text file within the folder) are able to
view the content of the displayed page. I want create a group of users with
the access(there are only about 10 people or so). Based on that, user
will/or will be able to view the page. Architect wants me to use Windows
security and does not want me to use web.config file(allow/deny).
So, I need to create an WindowsIdentity object, then using it
WindowsPrincipal object. Using IsInRole("CustomGroup") will give me a
boolean determining if the user belongs to a group with an access. I see the
picture, but a little unclear on how to proceed further. Are my initial
steps in the right direction and what are my next steps? Please advise. Any
code samples are welcome.
Thank you,
--Alex