implementing security in an .NET application

J

Jeff

Hey

I have an application made in .NET 2.0. Now I want to implement security
into it. I want to set permissions on who can start the application and what
they can do in the application

So on this application I've thought about adding a page where administrator
can add users and set their individual permissions in the program.

Originally I thought about implementing this by storing all users in a table
and link this user table to a table containing all the windows in the
application.. but I don't think that is an good approach

All users will also exists in Active Directory, could Active Directory be
used in this scenario?

Any suggestions?

Best Regards
 
G

Guest

Jeff,
When you say "adding a Page" we must then assume you are referring to an
ASP.NET web application. In that case you probably would be better served
posting your question to the ASP.NET newsgroup, not the C# language group.

If you go to the QUICKSTARTS at the asp.net site, you can find all kinds of
info and sample code on how to set up Authentication, Roles and Profies using
the built-in provider mechanism. There is an Active Directory provider too.
-- Peter
Recursion: see Recursion
site: http://www.eggheadcafe.com
unBlog: http://petesbloggerama.blogspot.com
BlogMetaFinder: http://www.blogmetafinder.com
 
G

Guest

To a certain extent it's up to the application to implement authorization and
authentication.

You can use code access security (CAS) to limit what a user can do; but
you'll either have to test or use exceptions and catch the
SecurityExceptions. Plus, if your code is FullTrust some of those CAS
attributes simply won't be tested.

There's a few interfaces that help you implement application-specific
authorization and authentication. See System.Security.IIdentity and
System.Security.IPrincipal. If you want to base your authorization on a
Windows login (for which Windows would handle the authentication) then you
can have a look at WindowsIdentity and WindowsPrinicpal. See also
System.Threading.Thread.CurrentPrincipal.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Help Regarding implementing Delegate 1
Active Directory, User Permissions, and .NET? 4
implementing MVC architecture in C# windows application 1
Security question 5
Application security in .NET 1
Installation of a C# .Net 2003 Application 4
how to use active directory in .net 1
Converting a Windows CE .NET CF application to run on std Windows? 4

Top