Advice on Application Roles?

[Guest]

Hi,

I have an ASP.NET application.

I have a serious of tabs on the default page.

Each tab is link to another ASPX Page.

Each user in my application will have a role.

Based on this I want to hide certain tabs on my default page and restrict
access to certain pages.

So for example, I may hide a tab but if a user tries to access the page by
typing in the name of the ASPX I want to check on each ASPX Page if the user
has the role required to access this page.

My Database has a table which indicates what role each user has.
(Example Roles : Basic User, Helpdesk User, Application Administrator )

What is the best way to hanlde this role based approach in my ASP.NET App?

Any advice on how to implement this would be appreciated.

Thanks.

 

[V]

Hi,

One way is to have a base page and have all of your pages derive from
the base page. On each of your page you can specify which roles are
required to access this page (or you can keep this information in the
database). On the base page, add code to check the membership of the
user by comparing his roles, and those required by the current page
(either by obtaining them from the page or the database).

The best way to attach roles to the current user is by implementing the
IPrincipal interface and attaching them to the currentUser object.
There are plenty of articles available on this.

Regards,
Vaibhav

 

[Peter Morris [Droopy eyes software]]

Set up the required roles for each sub-folder in web.config