sloan
10/31/2008 3:27:00 PM
No, I don't implement/use the Demand() method.
"Martin Eckart" <moartl17atyahoo.de> wrote in message
news:ukd1S2fOJHA.4776@TK2MSFTNGP05.phx.gbl...
> Thanks sloan, great hints.
>
> One more question: I assume you then use the Demand() method of the
> PrincipalPermission class. Are you implementing your own Demand() method?
> How would you do that, sonce Princ.Permission is sealed?
>
> "sloan" <sloan@ipass.net> wrote in message
> news:%23w0YI4ROJHA.2100@TK2MSFTNGP05.phx.gbl...
>>
>> Personally...I created my own IPrincipal interface (and concrete
>> implementation).
>> I decided to go to a RIGHTS based model.
>>
>> The below interface has met my needs, 100% of the time.
>>
>>
>> I feel the "Roles" based system kinda is lacking a tad. Most people can
>> make it work.
>> One guy (at a user group meeting) told me he uses "rights" anywhere the
>> word "role" appears.
>> (Aka, an artficial swap out).
>>
>>
>>
>>
>> public interface IRolesAndRightsPrincipal :
>> System.Security.Principal.IPrincipal
>> {
>>
>> bool IsInRole(System.Guid role);
>>
>> bool IsInAnyRole(System.Guid[] roles);
>>
>> bool IsInAllRoles(System.Guid[] roles);
>>
>> bool HasRight(System.Guid right);
>>
>> bool HasAnyRight(System.Guid[] rights);
>>
>> bool HasAllRights(System.Guid[] rights);
>>
>>
>> ISecurityRoleCollection AllRoles //and ISecurityRole is just a
>> Guid and a Name simple object in my world
>> {
>> get;
>> }
>>
>> ISecurityRightCollection AllRights//and ISecurityRight is just a
>> Guid and a Name simple object in my world
>> {
>> get;
>> }
>>
>>
>> }
>>
>>
>>
>>
>>
>> "Martin Eckart" <moartl17atyahoo.de> wrote in message
>> news:%23VHhwsROJHA.2404@TK2MSFTNGP05.phx.gbl...
>>> Hi NG,
>>>
>>> I am about to start development of the Security part of a big
>>> application. The requirements are that users must be assigned to roles
>>> and the roles then can be configured to access features.
>>>
>>> The features are a set of methods in C# which will be defined once
>>> before rollout. The assignment which roles can access those features are
>>> configurable in an xml file.
>>>
>>> I would like to use Role Based Security functionality from the .NET
>>> Framework but have not found anything yet about how to make the
>>> following call depending on an external file/service:
>>> [PrincipalPermissionAttribute(SecurityAction.Demand, Name = "MyUser",
>>> Role = "User")]
>>> I can get the current user form my database, but I don't know how to put
>>> a placeholder here for the Role and replace it then with the value from
>>> the configuration file.
>>>
>>> Any hints?
>>>
>>> Thanks,
>>> Martin
>>>
>>
>>
>
>