Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
ASP.NET Security, Roles?
Message
De
10/02/2004 12:29:05
Neil Gorin
Brooklyn, New York, États-Unis
 
 
À
10/02/2004 11:18:23
Kendall Webb
KRW Enterprises
Duvall, Washington, États-Unis
Information générale
Forum:
ASP.NET
Catégorie:
The Mere Mortals .NET Framework
Titre:
Re: ASP.NET Security, Roles?
Divers
Thread ID:
00875536
Message ID:
00875954
Vues:
13
Is the code that you have supplied in this example the code that you lifted from your bizobj class ? If so please instruct me on how you implemented the interactions between the bizobj class and the page_load event. And..... where do I put the code that I have already entered in the page_load event.

Regards,
Neil

>Hi Neil,
>
>I too needed to have a role based form security model and basically wrote a sproc to determine if the logged in user was in fact assigned to an "admin" role. If yes, proceed to the requested page. If not, alert and return to the login page. I executed this sproc from a business class that gets called in the overridden on_load event of the page. I didn't find any other built in framework support to accomplish this type of form based role security, so I hope this helps! If anyone has a better mousetrap I'd like to know about it too!
>
>
>
protected override void OnLoad(EventArgs e)
>		{
>			// *** Check to see if we're logged in - if not ask for login page
>			if (this.RequiresSecurity && this.SecurityUserPk == null)
>			{
>				this.RedirectToLogin();
>				return;
>			}
>
>			if (this.RequiresSecurity)
>			{
>				// Overriding the OnLoad method specifically here to implement Role Based Security
>				// on the logged in user for this Admin form, must be in the Admin role to access the page.
>
>				// Register the BO
>				this.oUtility = (Utility)this.RegisterBizObj(new Utility());
>
>				if (oUtility.CheckAdminUser((int)this.SecurityUserPk))
>				{
>					// call the parent functionality
>					base.OnLoad (e);
>					
>					// continue
>					return;
>				
>				}
>				else
>				{
>					// back to the login after alerting the user
>					mmMessageDisplay.DisplayMessage(Context,"Administration Access Denied","Your Login credentials do not allow Admin Access.;
>  See the System Administrator for Admin Access.","UserLogin.aspx?Url=/SS/MMSS/StandardsStudio/admin.aspx",4 );
>					return;
>				}
>			}
>
>			this.BindData();
>
>			
>		}
>
>
>> And.... I need the ability to secure a web page not just it's controls. RequiresSecurity=true; in OnInit works great but I want the page to be selective to the user's access. IE: I only want Admins to have access to a certain web page.
>>
>>Thanx,
>>Neil
Précédent
Suivant
Répondre
Fil
Voir

Click here to load this message in the networking platform