Windows Authorization Question

[dw]

I'm a newbie with ASP.NET 1.1. I'm building an application which will allow
only 5 or 6 people access (authentication) and they're all on the domain;
and only 2 or 3 will have write permission to the SQL Server 2000 on the
pages (authorization). What's the best way to do this (least amount of
maintenance if users get added/removed)? Thanks.

 

[Yunus Emre ALPÖZEN [MCAD.NET]]

use windows authentication. U can define your users and roles in web.config
file in your case it should be enough...

 

[dw]

Thanks, Yunus. How do I allow some users to full edit of data, while others
only view info on pages?

 

[Yunus Emre ALPÖZEN [MCAD.NET]]

U should define users with roles. And use declarative or imperative security
checks.

For instance

System.Threading.Thread.CurrentPrincipal.IsInRole("Admin") returns boolean
indicating whether the current user belongs to admin group. Admin is not a
specific word u can easily define it. My advice u to google Role Based
Security. There are too much code examples in the net.

--

Thanks,
Yunus Emre ALPÖZEN
BSc, MCAD.NET