Provide grouped security

8 Jun 2005 7:09 PM

VK

Hello:

We are developing about 40 online tools for our website. These tools
will be grouped and users will be given access to those tools which they
have signed up for, more like they belong to different groups. We are
using ASP.NET and SQL2000.

Where would be a good idea to check for user access - using databases or
using "AUTHENTICATION" in webconfig file?

Many thanks for your time.
VK

*** Sent via Developersdex http://www.developersdex.com ***

8 Jun 2005 7:19 PM

VK

Would "AUTHENTICATION" or "AUTHORIZATION" work in this case?

Thanks for your time.

*** Sent via Developersdex http://www.developersdex.com ***

9 Jun 2005 11:18 AM

Nicole Calinoiu

If the groups are relatively static (i.e.: the groups that are allowed to
access any given application aren't likely to change over time), using the
web.config file to specify the access would be fine.

That said, it's the authorization element, not the authentication element
that is used to specify who may use the application. The authentication
element is used to specify how users identity themselves to the system, not
what they can do once they are identified. For more information on these
two elemets, see
http://msdn.microsoft.com/library/en-us/cpgenref/html/gngrfsystemwebelement.asp.

Show quoteHide quote

"VK" <v*@vk.com> wrote in message
news:%23R6VU2FbFHA.2180@TK2MSFTNGP12.phx.gbl...
> Hello:
>
> We are developing about 40 online tools for our website. These tools
> will be grouped and users will be given access to those tools which they
> have signed up for, more like they belong to different groups. We are
> using ASP.NET and SQL2000.
>
> Where would be a good idea to check for user access - using databases or
> using "AUTHENTICATION" in webconfig file?
>
> Many thanks for your time.
> VK
>
> *** Sent via Developersdex http://www.developersdex.com ***

9 Jun 2005 2:13 PM

VK

Thank you for link to article.

When we define users, would this be getting the list for Active
Directory? I mean, where would we define users as a list?

Thanks.
Vani

*** Sent via Developersdex http://www.developersdex.com ***

9 Jun 2005 2:41 PM

Nicole Calinoiu

That depends largely on what what user storage schemes you can support and
what kind of authentication you wish to use for your site. If you can and
want to store your users in Active Directory, then go ahead and do so. In
this case, there would be no need to specify a list of users in your web
applications. Instead, you could use Windows authentication for the
applications and simply configure the authorization elements for each
application to only allow the AD groups that are permitted to use the app.

Show quoteHide quote

"VK" <v*@vk.com> wrote in message
news:OifLk1PbFHA.2076@TK2MSFTNGP15.phx.gbl...
> Thank you for link to article.
>
> When we define users, would this be getting the list for Active
> Directory? I mean, where would we define users as a list?
>
> Thanks.
> Vani
>
>
>
> *** Sent via Developersdex http://www.developersdex.com ***

9 Jun 2005 2:57 PM

VK

Speedy reply, thanks!

Can we get these users from database?

Where else can users be defined other than AD?

Thanks.
Vani

*** Sent via Developersdex http://www.developersdex.com ***

10 Jun 2005 11:43 AM

Nicole Calinoiu

Yes, but then you would use Forms authentication rather than Windows
authentication. If you use Forms authentication, you can store the users
anywhere you wish since you will be responsible for writing the code that
actually performs the authentication. For an introduction to the various
authentication schemes that are built into ASP.NET, see
http://msdn.microsoft.com/library/en-us/cpguide/html/cpconASPNETAuthentication.asp.

Show quoteHide quote

"VK" <v*@vk.com> wrote in message
news:OGXMMOQbFHA.2128@TK2MSFTNGP15.phx.gbl...
> Speedy reply, thanks!
>
> Can we get these users from database?
>
> Where else can users be defined other than AD?
>
> Thanks.
> Vani
>
> *** Sent via Developersdex http://www.developersdex.com ***