"Pattern" or "best practice" in security checks

Discussion in 'ASP .Net Security' started by Anders K. Jacobsen [DK], Dec 5, 2004.

  1. Hi

    Im developing an ASP.NET CRUD application where i need to do some
    authorization checks on surden actions. Eg. some account have access to
    delete in a sudden datagrid and some have not. So I have to be more detailed
    that on page level. Rather component level.

    This ends up, as I see now, in a alot of checks in the different involed
    events. Further I have to adjust the view so that actually can't delete in a
    sudden datagrid. This is of course not secure enough so therefore the checks
    in the events.

    This just sounds like a plain nightmare to maintain and develope. Do you
    have a clever suggestion to this issue? I guess it's not the first time this
    have come up.

    To summerize. I want to avoid this.

    private void datagrid_DeleteCommand(object source, DataGridCommandEventArgs
    e)
    {
    if(User.IsInRole("Admin") || User.IsInRole("Developer"))
    {
    long currentid = Int64.Parse(((Label)e.Item.FindControl("lblid")).Text);
    _Service.DeleteItem(currentid);
    Databind_datagrid();
    }
    }

    Thanks in regards
    Anders, Denmark
     
    Anders K. Jacobsen [DK], Dec 5, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Anders K. Jacobsen [DK]

    "Pattern" or "best practice" in security checks

    Anders K. Jacobsen [DK], Dec 5, 2004, in forum: ASP .Net
    Replies:
    1
    Views:
    351
    Johann MacDonagh
    Dec 6, 2004
  2. Patrick.O.Ige
    Replies:
    0
    Views:
    397
    Patrick.O.Ige
    Sep 30, 2005
  3. Steve B.

    Best Practice Security

    Steve B., Jan 25, 2006, in forum: ASP .Net
    Replies:
    1
    Views:
    520
    =?Utf-8?B?RGFsZQ==?=
    Jan 26, 2006
  4. js
    Replies:
    6
    Views:
    347
    Mark Jeffcoat
    Nov 22, 2006
  5. Martin DeMello
    Replies:
    1
    Views:
    84
    Sylvain Joyeux
    Feb 25, 2008
Loading...

Share This Page