1

I am trying to build a simple username-password-role based security object model for my application. The requirement is that the user will enter using a username and password, and he/she will have access enabled or disabled to parts of the system depending upon whatever role they fall into, which I think is a fairly simple idea.

Now here is my query. I have a base class in my business objects which gets inherited by all other classes. In my security project there will be a few classes, e.g. Security, Identity (which contains user profile info) etc. The idea is that my base class will use this security object and the inherited classes can reference this security object for a given (logged-in) user. So, for example, if I am logged into the application and I go to access the accounts module, because the accounts module inherits my base class it has the knowledge about who I am, what role I fall into etc. Hence I can have a property CanExecute in my accounts module which can be turned on/off depending upon the user's role.

Hope I have made this as clear as possible. I would really appreciate any input in terms of coding and in terms of architecture.

Many thanks, Preyash

activebiz
  • when you say 'build', do you mean implement from the FormsAuthentication & MembershipService classes that already exist? (see System.Security and System.Security.Principal) – jim tollan Oct 13 '10 at 11:44
  • Sorry, by build I mean develop. The project is under development. I haven't used the FormsAuthentication and Membership classes so far. Do you think that would be the right way to go? My user database is very simple with a few tables (Users, Roles). – activebiz Oct 13 '10 at 11:54
  • activebiz - i think you probably should use the built-in forms/membership stuff as this also gives you (for free) all the controller and action decorators [Authorize] etc, which will allow you to do what you want at controller level straight away. also, you get to use the authentication tickets, etc, etc. you can also build a custom profileprovider that will allow you to tie your user table directly into the profilecommon class. there are lots of good links on this stuff. i'll look those out a bit later if you feel this might be a better route to go down. – jim tollan Oct 13 '10 at 11:59

2 Answers

2

.NET has this kind of stuff built in. Look up GenericPrincipal and authorization. Also, ASP.NET has authentication built in.

For example: http://www.15seconds.com/issue/041208.htm and here: http://www.codeproject.com/KB/security/SecurityModelDotNet.aspx

Should get you started

Preet Sangha
  • Can I use GenericPrincipal (and/or Authorization) with my custom user database? I am not looking to use built-in stuff like AD (for example). I would really appreciate it if you could point me in the right direction. – activebiz Oct 13 '10 at 11:55
  • One thing that I have forgotten to mention here is that this is for a WPF application and not for ASP.NET. Can I still use GenericPrincipal? – activebiz Oct 13 '10 at 18:16
  • Oh yes. It's a .net thing not ASP.NET only. We use for all our .net apps (winforms, WPF, console, ASP.net and services) – Preet Sangha Oct 13 '10 at 20:19
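
As an added example (not code from either answer or from the asker's project), here is how GenericPrincipal can sit on top of a custom Users/Roles store in a desktop app, with the base-class CanExecute property described in the question. UserRow, Security.SignIn, BusinessBase, the "Accounts" role and the in-memory dictionary are hypothetical stand-ins for the real tables and classes; it assumes .NET 6+ and C# 10.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Security.Principal;
using System.Threading;

// Hypothetical stand-in for a row joined from the Users and Roles tables.
record UserRow(byte[] Salt, byte[] Hash, string[] Roles);

static class Security
{
    // Store a salted PBKDF2 hash, never the password itself.
    public static byte[] HashPassword(string password, byte[] salt) =>
        Rfc2898DeriveBytes.Pbkdf2(password, salt, 100_000, HashAlgorithmName.SHA256, 32);

    // Verify the password, then publish identity and roles as the thread's principal.
    public static bool SignIn(IDictionary<string, UserRow> users, string name, string password)
    {
        if (!users.TryGetValue(name, out var row) ||
            !CryptographicOperations.FixedTimeEquals(HashPassword(password, row.Salt), row.Hash))
            return false;
        Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(name, "Custom"), row.Roles);
        return true;
    }
}

// Base class: each module names the role it needs; the check reads the
// current principal every time instead of caching a copy per object.
abstract class BusinessBase
{
    protected abstract string RequiredRole { get; }
    public bool CanExecute =>
        Thread.CurrentPrincipal is { Identity.IsAuthenticated: true } p && p.IsInRole(RequiredRole);
}

sealed class AccountsModule : BusinessBase { protected override string RequiredRole => "Accounts"; }

static class Program
{
    static void Main()
    {
        var salt = RandomNumberGenerator.GetBytes(16);
        var users = new Dictionary<string, UserRow>   // constructed sample data
        {
            ["preyash"] = new(salt, Security.HashPassword("constructed-sample-pw", salt), new[] { "Accounts" })
        };
        var accounts = new AccountsModule();
        Console.WriteLine(accounts.CanExecute);                        // before any sign-in
        Console.WriteLine(Security.SignIn(users, "preyash", "wrong")); // bad password
        Console.WriteLine(Security.SignIn(users, "preyash", "constructed-sample-pw"));
        Console.WriteLine(accounts.CanExecute);                        // after sign-in
    }
}
```

CanExecute is suited to enabling or disabling UI elements; the business operation behind it should repeat the IsInRole check rather than trust that the UI was disabled.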
1

activebiz,

to recap from above:

i think you probably should use the built-in FormsAuthentication & MembershipService classes as this also gives you (for free) all the controller and action decorators [Authorize] etc, which will allow you to do what you want at controller level straight away.

also, you get to use the authentication tickets, etc, etc. you can also build a custom profileprovider that will allow you to tie your user table directly into the profilecommon class. there are lots of good links on this stuff.

i'll look those out a bit later if you feel this might be a better route to go down.

[edit] links as promised. will add to as i find them. here's one on SO for starters:

Implementing Profile Provider in ASP.NET MVC

and one from my old mate, lee dumond:

http://leedumond.com/blog/asp-net-profiles-in-web-application-projects/

jim tollan
  • Thanks Jim, I believe this is along similar lines to what Preet Sangha is talking about. I am also thinking this is a good idea as it gives lots of things out of the box. I would appreciate it if you could have a look for me. Thanks, – activebiz Oct 13 '10 at 12:08