Application level roles + Item level roles... how to do it?

Jéjé

Hi,

I'm looking for samples to manage system or application level security and
item level security.

I have an intranet application where the users can create & edit some
objects like "Employees".
From the application level view, the user is authorized or not to create an
employee.
But when the user creates it, he can associate this employee only with
authorized organizational units.
After this, the user can edit only employees in authorized organizational
units, but he can view (but not edit) all other employees.

So the user has an application role and an organizational unit role; how to
combine these?

Also, I want to use an operation-based access check instead of role-based
security.
So, I'm trying to play with AzMan, but this is not usable for a "2
dimensions" security.

Today I manage this at the application level, but today a user can edit any
employee, not only authorized ones.

(employees is just a sample, I have a lot of objects and each one will
have more than simple editing capabilities)

I want to define specific roles for each user/organization combination.

I'm using ASP.NET 2.
The integrated membership SQL provider is excellent for the application
level security. But not so good for my needs.

I love AzMan to manage the operations allowed in a role... so if there is
any solution using it... I'll take it ;)

thanks for your help.

jerome.
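
The two-dimensional check described in the question, as an added example that is not part of the original post: operations are granted per scope, where a scope is either the whole application or one organizational unit, and a single deny-by-default check combines both. All names here (`ScopedAuthorizer`, `Operation`, the `"*"` scope key, the sample user and units) are hypothetical and are not the AzMan or ASP.NET membership API.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical operation names taken from the scenario in the post.
enum Operation { ViewEmployee, CreateEmployee, EditEmployee }

class ScopedAuthorizer
{
    public const string AppScope = "*"; // assumed key for application-wide grants

    // user -> scope (org unit or AppScope) -> granted operations
    private readonly Dictionary<string, Dictionary<string, HashSet<Operation>>> grants =
        new Dictionary<string, Dictionary<string, HashSet<Operation>>>(StringComparer.OrdinalIgnoreCase);

    public void Grant(string user, string scope, params Operation[] ops)
    {
        Dictionary<string, HashSet<Operation>> byScope;
        if (!grants.TryGetValue(user, out byScope))
            grants[user] = byScope =
                new Dictionary<string, HashSet<Operation>>(StringComparer.OrdinalIgnoreCase);
        HashSet<Operation> set;
        if (!byScope.TryGetValue(scope, out set))
            byScope[scope] = set = new HashSet<Operation>();
        foreach (Operation op in ops) set.Add(op);
    }

    // Deny by default: allowed only if granted app-wide or in the item's own org unit.
    public bool Check(string user, Operation op, string itemOrgUnit)
    {
        Dictionary<string, HashSet<Operation>> byScope;
        if (!grants.TryGetValue(user, out byScope)) return false;
        HashSet<Operation> set;
        if (byScope.TryGetValue(AppScope, out set) && set.Contains(op)) return true;
        return itemOrgUnit != null && itemOrgUnit != AppScope
            && byScope.TryGetValue(itemOrgUnit, out set) && set.Contains(op);
    }
}

static class Demo
{
    static void Main()
    {
        ScopedAuthorizer az = new ScopedAuthorizer();
        // Constructed sample data: view everywhere, create/edit only in Sales.
        az.Grant("alice", ScopedAuthorizer.AppScope, Operation.ViewEmployee);
        az.Grant("alice", "Sales", Operation.CreateEmployee, Operation.EditEmployee);
        Console.WriteLine(az.Check("alice", Operation.ViewEmployee, "Finance"));
        Console.WriteLine(az.Check("alice", Operation.EditEmployee, "Sales"));
        Console.WriteLine(az.Check("alice", Operation.EditEmployee, "Finance"));
    }
}
```

The check should run server-side against the organizational unit read from the stored record, not a value posted by the client. When an edit moves an employee to another unit, check the operation against both the current and the target unit.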
 
