Stack Overflow
Stack Overflow

Questions tagged [role-based]

58 questions
210
votes
12 answers

Role-based access control (RBAC) vs. Claims-based access control (CBAC) in ASP.NET MVC

What are the main benefits of using CBAC vs. RBAC? When is it better to use CBAC and when is it better to use RBAC? I'm trying to understand the general concepts of the CBAC model but the general idea is still not clear for me.
Mr. Pumpkin
  • 6,212
  • 6
  • 44
  • 60
32
votes
1 answer

Asp.net Core Identity Use AspNetUserClaims or AspNetRoleClaims?

I am still confused about all this Identity stuff.  First I am still confused the difference between Roles, Policies/Claims. From what I read roles is the old way of doing stuff and was kept for backward compatibility, so does that mean…
chobo2
  • 83,322
  • 195
  • 530
  • 832
13
votes
2 answers

Why Claim based authentication instead of role based authentication

I am new to claim based authentication. I have gone throught several aricles and could not able to figure out the exact use of claim based authentication. Here are some doubts I have about claim based authentication. I would like to know what is…
Sujith S Nair
  • 738
  • 6
  • 20
8
votes
5 answers

Why would I hard-code user permissions in my controller attributes?

I have seen example code that looks like this, which seems perfectly reasonable: [Authorize(Roles = "Admin, User")] public class SomeController : Controller But I have also seen several examples that look like this: [Authorize(Users = "Charles,…
Robert Harvey
  • 178,213
  • 47
  • 333
  • 501
7
votes
1 answer

How to handle role based authorization in AngularJS?

I am creating a web app which will satisfy two requirements for the users. Note: I am new to AngularJS as a web development platform. Front-end - 1: Its a search functionality where users can search for specific documents and studies based on…
CalmWinds
  • 157
  • 1
  • 3
  • 13
7
votes
3 answers

Role Based Access Control (RBAC) - .Net Component

In my job we are trying to consolidate the Authentication of the application farm with Windows Identity Fundation (WIF) or some custom component based in Membership Provider. With this, we need to provide the developers (and final users) some…
Esteban Lopez
  • 573
  • 7
  • 19
6
votes
1 answer

Entity-level access control in a hierarchical data scheme

I have a requirement for entity-level authorization that's frankly over my head. I'm hoping to get some guidance on this permission structure, how I might implement it in .NET 4.5, and if there are ways I could improve it. Here it goes: I have a…
jungos
  • 476
  • 5
  • 21
6
votes
2 answers

Role-based Authorization with Model List

I've 3 models [User, Role, and UserRole] Use {ID [PK], Name, Email, Password, .....} Role {ID [PK], Name, Description, .......} UserRole {UserID [FK], RoleID [FK]} Consider, the Role-based Authorization on controller using the [Authorize]…
Unknown Coder
  • 1,510
  • 2
  • 28
  • 56
5
votes
2 answers

How to get all users in a role including roles in roles?

I have a Sitecore site that uses the AD module for connecting to an Active Directory. Let's say that we have a Role defined in Sitecore called "Content Authors". Content Authors may contain individual user accounts - "jsmith" - or it might contain…
Corey Burnett
  • 7,312
  • 10
  • 56
  • 93
5
votes
1 answer

Role-based security with Google App Engine and Python

I would like to ask what is the common way for handling role-based security with Google App Engine, Python? In the app.yaml, there is the "login" section, but available values are only "admin" and "required". How do you normally handle role-based…
Hoang Pham
  • 6,899
  • 11
  • 57
  • 70
4
votes
3 answers

Flowing WCF Role-Based Security through to UI

I am looking for some best practices on how to handle the following scenario - flowing permissions from WCF service layer through to UI: I have WCF services with methods that have been decorated with the PrincipalPermission attribute. I would like a…
Frank Bell
  • 139
  • 1
  • 7
3
votes
3 answers

Role-based authorization with ASP.NET Core 5.0

I can't define my Admin, Company, Agency roles because services.AddDefaultIdentity() .AddRoles() .AddEntityFrameworkStores(); is not working or is not defining and it gives me an…
BerkGarip
  • 534
  • 5
  • 18
3
votes
2 answers

right way to have role based custom auth query database on every request asp.net mvc

This may be a slightly ignorant question but Im new to mvc so Im sorry! I studied the nerd dinner auth model but In my app I have a complicated role based authentication. So What I do is this: void MvcApplication_PostAuthenticateRequest(object…
gideon
  • 19,329
  • 11
  • 72
  • 113
3
votes
2 answers

Manage User and Roles

In my WPF Desktop sample Book Store application I want to manage Users and Roles. With multiple Users I want to achieve below points 1) Application Should have multiple user 2) User has 3 categories a) Admin b) Manager c) Employee 3) Application…
Cloud Spider
  • 195
  • 8
2
votes
1 answer

Role-based access denial handling in Spring Security - how to?

I'm working on Spring based application with Spring Security. I have users with different roles and would like to implement access denial handling depending on the role. More specifically the desired effect would be the following: when user tries to…
quosoo
  • 829
  • 4
  • 10
1
2 3 4