DevForce Community Forum : [DEFERRED] Authentication Information

DevForce Community Forum : [DEFERRED] Authentication Information http://www.ideablade.com/forum/ This is an XML content feed of; DevForce Community Forum : DevForce Classic : [DEFERRED] Authentication Information Thu, 11 Jun 2026 16:35:26 -700 Sat, 13 Oct 2007 07:35:30 -700 http://blogs.law.harvard.edu/tech/rss Web Wiz Forums 9.69 360 www.ideablade.com/forum/RSS_post_feed.asp?TID=476 DevForce Community Forum http://www.ideablade.com/forum/forum_images/IdeaBlade_logo_tm.png http://www.ideablade.com/forum/ [DEFERRED] Authentication Information : This is related to the newer thread--Security... http://www.ideablade.com/forum/forum_posts.asp?TID=476&PID=1613#1613 Author: Linguinut
Subject: 476
Posted: 13-Oct-2007 at 7:35am

This is related to the newer thread--Security Application Block. I'll pick these questions up in that thread, if necessary.]]> Sat, 13 Oct 2007 07:35:30 -700 http://www.ideablade.com/forum/forum_posts.asp?TID=476&PID=1613#1613 [DEFERRED] Authentication Information : Sorry...I meant user authorization. If... http://www.ideablade.com/forum/forum_posts.asp?TID=476&PID=1489#1489 Author: Linguinut
Subject: 476
Posted: 08-Oct-2007 at 4:37pm

Sorry...I meant user authorization.

If a user is not authorized to add a new entity (they can edit), how do I make that happen?

If a user is not authorized to view a portion of the data (only division A data, for example), how do I limit various view, lists, modules, etc.?

I figure, if there is a general way to do this (service, injection, etc.), I can extend it to work with my active directory.

Since this is security in a CAB application, I thought it best to leave this issue here.

Thanks!

Bill

]]> Mon, 08 Oct 2007 16:37:23 -700 http://www.ideablade.com/forum/forum_posts.asp?TID=476&PID=1489#1489 [DEFERRED] Authentication Information : Authentication information is... http://www.ideablade.com/forum/forum_posts.asp?TID=476&PID=1481#1481 Author: Bill Jensen
Subject: 476
Posted: 08-Oct-2007 at 2:47pm

Authentication information is generally boolean: either the user is who he says he is (based on his credentials) or not.

Once a user is authenticated, authorization determines what that user is allowed to see or do. Often this is accomplished by assigning the user string-valued roles stored in the Principal object. This is created on the server and passed back to the client where it may be queried via the IsInRole() method of the Principal object.

If more authorization information is needed, you could create a custom Principal object.

I really don't know much about Active Directory.

Bill J.

]]> Mon, 08 Oct 2007 14:47:11 -700 http://www.ideablade.com/forum/forum_posts.asp?TID=476&PID=1481#1481 [DEFERRED] Authentication Information : How do I access user authentication... http://www.ideablade.com/forum/forum_posts.asp?TID=476&PID=1476#1476 Author: Linguinut
Subject: 476
Posted: 05-Oct-2007 at 4:33pm

How do I access user authentication information from within a module? Is it possible to access active directory data?

Deferred to: http://www.ideablade.com/forum/forum_posts.asp?TID=483

Edited by Linguinut - 13-Oct-2007 at 7:36am]]> Fri, 05 Oct 2007 16:33:06 -700 http://www.ideablade.com/forum/forum_posts.asp?TID=476&PID=1476#1476