Azure DevOps, Scrum, & .NET Software Leadership and Consulting Services

Free course! Predicting the Future, Estimating, and Running Your Projects with Flow Metrics

Talk: “.NET Rights-based Security Development”, 1/5/2006


FYI…I’ll be speaking at the Boston Beantown.NET User Group on 1/5/2006 on “.NET Rights-based Security Development”.


Here’s the abstract:



The .NET security principal classes (WindowsPrincipal, GenericPrincipal) help you secure your application by checking if a user is a member of a “role”. For example, only members of “HR” role can view employee information. What if the requirements changed and now “HR” users can only view employee information for certain org units? A call to IsInRole() wouldn’t be enough because now you need the context of the org unit. Is this user a member of “HR” in the New York office? The solution is a rights-based security model. Rights-based security extends the traditional role-based security with the granularity of context-relevant securable actions. In this session, we will discuss the essentials of developing a rights-based security model in .NET, how to develop your own IPrincipal classes, and how to tie a rights-based security framework into the ASP.NET 2.0 membership features using a custom membership & role provider.


-Ben

SUBSCRIBE TO THE BLOG


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.