Can we override the Authorization Module to write custom access rules? (.NET 2.0)

Discussion in 'ASP .Net Security' started by dorionda@gmail.com, Mar 10, 2006.

  1. Guest

    Hi everyone,

    Is it possible to override the Authorization Module so that I could add
    a custom parameter to the <allow> tag in the Web.Config?

    example:

    <configuration>
    <system.web>
    <authorization>
    <allow usersInGroup="Group A"/> /*<< custom parameter here */
    <allow roles="student"/>
    <deny users="*"/>
    <deny roles="*"/>
    <deny usersInGroup="*"/>
    </authorization>
    </system.web>
    </configuration>
     
    , Mar 10, 2006
    #1
    1. Advertising

  2. You would need to write your own. It is not inhertible.

    Have you considered just adding "Group A" to the user's roles? You could
    add a shim module that would run after authentication that would create a
    new IPrincipal and stuff some additional roles in there or something.

    Joe K.

    <> wrote in message
    news:...
    > Hi everyone,
    >
    > Is it possible to override the Authorization Module so that I could add
    > a custom parameter to the <allow> tag in the Web.Config?
    >
    > example:
    >
    > <configuration>
    > <system.web>
    > <authorization>
    > <allow usersInGroup="Group A"/> /*<< custom parameter here */
    > <allow roles="student"/>
    > <deny users="*"/>
    > <deny roles="*"/>
    > <deny usersInGroup="*"/>
    > </authorization>
    > </system.web>
    > </configuration>
    >
     
    Joe Kaplan \(MVP - ADSI\), Mar 10, 2006
    #2
    1. Advertising

  3. i don't see a difference between roles and usersInGroup???!!!

    ---------------------------------------
    Dominick Baier - DevelopMentor
    http://www.leastprivilege.com

    > You would need to write your own. It is not inhertible.
    >
    > Have you considered just adding "Group A" to the user's roles? You
    > could add a shim module that would run after authentication that would
    > create a new IPrincipal and stuff some additional roles in there or
    > something.
    >
    > Joe K.
    >
    > <> wrote in message
    > news:...
    >
    >> Hi everyone,
    >>
    >> Is it possible to override the Authorization Module so that I could
    >> add a custom parameter to the <allow> tag in the Web.Config?
    >>
    >> example:
    >>
    >> <configuration>
    >> <system.web>
    >> <authorization>
    >> <allow usersInGroup="Group A"/> /*<< custom parameter here */
    >> <allow roles="student"/>
    >> <deny users="*"/>
    >> <deny roles="*"/>
    >> <deny usersInGroup="*"/>
    >> </authorization>
    >> </system.web>
    >> </configuration>
     
    Dominick Baier [DevelopMentor], Mar 10, 2006
    #3
  4. Perhaps he can elaborate on what he is trying to do? Maybe there is some
    hybrid of application-specific roles he is generating and AD groups and we
    wants to use both or something? It isn't clear to me. It still seems like
    a composite IPrincipal object would be the way to go.

    Joe K.

    "Dominick Baier [DevelopMentor]" <>
    wrote in message news:...
    >i don't see a difference between roles and usersInGroup???!!!
    >
    > ---------------------------------------
    > Dominick Baier - DevelopMentor
    > http://www.leastprivilege.com
    >
     
    Joe Kaplan \(MVP - ADSI\), Mar 10, 2006
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. ABC
    Replies:
    1
    Views:
    411
    =?Utf-8?B?Q293Ym95IChHcmVnb3J5IEEuIEJlYW1lcikgLSBN
    Oct 24, 2005
  2. Torben Laursen

    Block access to zip files using access rules

    Torben Laursen, May 12, 2008, in forum: ASP .Net
    Replies:
    1
    Views:
    436
    bruce barker
    May 12, 2008
  3. Gery D. Dorazio
    Replies:
    0
    Views:
    474
    Gery D. Dorazio
    Aug 13, 2004
  4. SeanRW
    Replies:
    1
    Views:
    379
    Dominick Baier [DevelopMentor]
    May 25, 2006
  5. Mike

    ASP.NET Role Authorization Override

    Mike, Jun 9, 2009, in forum: ASP .Net Security
    Replies:
    4
    Views:
    1,067
Loading...

Share This Page