R
Ryan
I am new to .net 2.0 and was wondering how best to leverage its
membership capabilities to handle a situation similar to the following:
We have a 4 web applications belonging to 3 departments. Each of these
is owned by a particular department. Access to the systems can be
shared across department, but access is controlled within each
department.
Ex:
WEB APPS DEPTS USING/OWNING THE APP
webMarketing Marketing and Billing (owned by Marketing)
webBilling Billing (owned by Billing)
webShipping Shipping and Billing (owned by Shipping)
webReturns Shipping and Billing (owned by Billing)
I would like to have all users help in one member data store. People
assigned to the administrator group would pretty much have free reign
to manage security access etc.
Here is where the issue comes in. I would also like for "Power
Users" from each group to be able to manage who can access their
application, BUT I don't want these power users to be able to grant
or revoke permission to OTHER applications. If a user is suspended,
any power user can unsuspend the account, but if a user is deactivated
only an Administrator should be able to reactivate them.
Do I need to make one application with subfolders representing the
individual applications in order for this to work?
eg:
CorporateWebApps
-webMarketing
-webBilling ...
Is it even possible to authorize a user to only control access to the
webApplication they own using a sharen membership data store?
Tech Info: Visual Studio 2005, SQL 2000
Thanks,
Ryan
membership capabilities to handle a situation similar to the following:
We have a 4 web applications belonging to 3 departments. Each of these
is owned by a particular department. Access to the systems can be
shared across department, but access is controlled within each
department.
Ex:
WEB APPS DEPTS USING/OWNING THE APP
webMarketing Marketing and Billing (owned by Marketing)
webBilling Billing (owned by Billing)
webShipping Shipping and Billing (owned by Shipping)
webReturns Shipping and Billing (owned by Billing)
I would like to have all users help in one member data store. People
assigned to the administrator group would pretty much have free reign
to manage security access etc.
Here is where the issue comes in. I would also like for "Power
Users" from each group to be able to manage who can access their
application, BUT I don't want these power users to be able to grant
or revoke permission to OTHER applications. If a user is suspended,
any power user can unsuspend the account, but if a user is deactivated
only an Administrator should be able to reactivate them.
Do I need to make one application with subfolders representing the
individual applications in order for this to work?
eg:
CorporateWebApps
-webMarketing
-webBilling ...
Is it even possible to authorize a user to only control access to the
webApplication they own using a sharen membership data store?
Tech Info: Visual Studio 2005, SQL 2000
Thanks,
Ryan