Custom Security Object - How to??

[seal]

Hi

I work for a company that has user and user roles in the database and a
very, very complicated long list of rules on how to let a person see the data
from a page or control. My question is I want to re-write the security object
and I am looking for suggestions as to what the best way to do this would be.

Any suggestions?

 

[Dominick Baier [DevelopMentor]]

Hello seal,

What do you mean with Security Object??

 

[seal]

Hi Dominick

Thanks for the response. By Secutiy Object, I mean my own dll that will
handle the decision that a particular client that is part of a particular
group (defined by us, in this case lets say a data_entry user vs. an
administrator user) can or cannot see data on a page. We need to restrict
some users to only see their clients and others can see their clients as well
as clients that they have what we call a partnership with. I was going down
the path of creating my own custom object that would use the IPrincipal
interface and each page in our database would have a particular role assiged
to it, so that if a user does not match the role he would be re-directed to a
page that politely tells him he cannot see this clients data. Make any sense?

 

[Dominick Baier [DevelopMentor]]

Hello seal,

so if it all boils down to groups - IPrincipal is the perfect place - you
may not even have to create your own implementation, just couple the user
with your application roles in Application_AuthenticateRequest.

i have a sample which may get you started:
http://www.leastprivilege.com/PermaLink.aspx?guid=b0e51388-71d1-4a6f-98d0-bc8cfbec4c3a

 

[seal]

Dominick

Thank you for taking the time to respond, I feel better knowing that I was
going down the right path. Thanks for the examples as well.