Monday, April 26, 2010

Role based security in .NET

Role based security needs authenticated information about the user in order to make some decisions about whether the user is authorized.

The 2 most important classes when dealing with Role based security are

  1. Identity class that represents the individual user like the individual user name
  2. Principal class that represents the roles associated with the user.

In windows, the Roles are much similar to the Windows Groups.

There are 3 types of identity

1. Windows Identity – This is the Commonly used identity class .The windows identity encapsulates the identity of the windows user .This will provide the information like name of the user, is the user authenticated etc.

We could also create our own identities and roles with Generic and Custom identity that are not tied with the windows identity and groups.

2. Generic Identity – accesses user information based on custom methods of authentication that we define and are independent of windows User / windows user groups .

3. Custom Identity – This can be defined by the application as per the needs.

Read more: Senthil Kumar's Blog

Posted via email from jasper22's posterous