ASP.NET Security, Roles? - Level Extreme

Plateforme Level Extreme

Abonnement

Profil corporatif

Produits & Services

Support

Légal

English

ASP.NET Security, Roles?

Message

De

12/02/2004 13:42:12

Neil Gorin
Brooklyn, New York, États-Unis

À

09/02/2004 21:28:31

Kevin McNeish
Oak Leaf Enterprises, Inc.
Troy, Virginie, États-Unis

Information générale

Forum:

ASP.NET

Catégorie:

The Mere Mortals .NET Framework

Titre:

Re: ASP.NET Security, Roles?

Divers

Thread ID:

00875536

Message ID:

00876775

Vues:

11

Hi Kevin,

I have been working on securing a Hyperlink contained in a templatecolumn of a datagrid. I almost have it and I need your help. I went to the HTML view of the page and added an "Enabled=" attribute to the Hyperlink control. I then used in-line syntax to set the Enabled attribute.

  ....  Enabled = "<%# lEnabled%>

(UT does not allow the proper rendering of the opening and closing in-line tags)

I then declared a public field in the code behind.

  public bool lEnabled

In the Page_load I set the value of lEnabled.

  lEnabled = false;  // or true

The Hyperlink in the TemplateColumn follows the setting of lEnable. Ok... so I am almost there. I then placed an mmLabel called lblProxy on the page and used the wizard to generate a ControlID. I set up the label for Role based security and the label respects the security scheme just fine. I was hoping to set lEnabled to the Visible property of lblProxy but my secured lblProxy is getting it's Visible property set afer the Page_load event. I guess this all sums up to this. I would like lEnabled to follow the security setting of lblproxy by setting lEnabled=this.lblProxy.Visible. I just can't work out when to set lEnabled. Is this the old problem of *which* events fire *when*?

Where should I place lEnable=lblProxy.Visible so that the datagrid gets rendered after the seurity sets lblProxy.Visible?
Or... how about just showing me how to determine the accesslevel for a secured control (lblProxy) for the present logged in user that I can run in the page_load event. I think that would be easier.

Thanx,
Neil

>Neil,
>
>>I just upgraded to mm.net version 1.1.3. Great upgrade. Instant security at no expense for my asp.net applications. Absolutely fantastic. I do however have a problem with the "Roles" aspect of security. I don't know if it is my concept of Roles or is it that the framework's security features and/or documentation for asp.net is uncompleted as of yet. When I log into Security Administration Mode and hit the page I wish to manage all looks well. There is a little lock icon next to the controls I want to secure. I click on the lock icon and get the Control Security Configuration page. The user that I am administering is "Neil". Neil has a role of Administrator_1 associated with it. The secured control only seems to respect the Users assignment but ignores the Roles assignment.
>
>Any assignment you specify at the user level overrides the setting at the Role level...this is by design. This allows you to specify security at the role level, and specify exceptions to the role security at the user level.
>
>>Also... How do I secure a hyperlink in a templatecolumn of a datagrid. I don't want to secure the entire datagrid. Just the templatecolumn. And.... I need the ability to secure a web page not just it's controls. RequiresSecurity=true; in OnInit works great but I want the page to be selective to the user's access. IE: I only want Admins to have access to a certain web page.
>
>I'll check with Rick on these.
>
>Regards,

Click here to load this message in the networking platform