I have to implement User base security in my Web project using .Net3.5. Followings are some we need:
- Roles can be Admin, Manage, Editor, Member etc
- User can have multiple roles
- Every roles has its own dynamic menus and restrictions/resources
- All menus and interface will populate dynamically from Database
I heard some where this kind of i.e user base security can be implemented using HashTable but I dont know how is it?
Today I came to know that for this kind of work Java people use Interceptor Design patterns. So, how could I do the same in asp.net C开发者_如何学Go#?
Have you checked out the official Microsoft ASP.NET site? There are a number of tutorials related to security at http://www.asp.net/learn/security/
Create an HTTP module which then creates a classes that implements iPrincipal and iIdentity objects. In most cases iIdentity will do the hard work of loading the roles. In the HTTP module set Context.User to your new iPrincipal object in Authenicate event.
This is easier to implement than the Membership providers since the two interfaces iPrincipal and iIdentity is quite thin. On each page you can then use User.IsInRole("Rolename") to verify that the user has the appropriate rights.
精彩评论