ASP.NET 2.0 Membership, Roles, Forms Authentication
How To: Use Role Manager in ASP.NET 2.0
How to use Forms authentication with sql server 2005
The ASP.NET 2.0 provides some Membership API in order to ease the authentication and autohorization issues. You can set up a whole site with user creation, login, password change, password reset functionality without writing a single line of code.
My aim is to have some role-based restrictions for our simple content management system. On a tree based content the administrator will check , or uncheck some checkboxes for some user , thus authorize him/her for the content. The role management api provides me the functions like queriying the user for some specified role, but for some custom authorization requirement like below I have to write some code.
My business logic classes have to check if these exist:
- The user has some right to edit content management system, speaking of which I am planning to implement as a standard role in Role Management Api.
- The user has some right to edit the specified content node. Here I need a new database table to join the built-in roles and rights for that specified node, the database may have the columns like id, role_id, content_id, user_rights.
Thus for a user to do some operation on a content node he must a member of "content manager" role AND have the specific rights for the task.
No comments:
Post a Comment