|
-
Jun 22nd, 2006, 09:51 PM
#1
Thread Starter
Addicted Member
[02/03] access according to group rights
i'm using sql server 2000 In my application; i'm getting group rights from database and access to a particular web page would be given according to that rights.
i think; it should be implemented in page loadup but have no idea. I've following intentions
1. when a user login the application; it should be directed according to the userGroup he belongs like if he is an admin then he would be directed to Admin home page; similarly; if he is an ordinary user then he would be directed to his particular page.
can you give me a code example for it?
-
Jun 23rd, 2006, 05:41 PM
#2
Thread Starter
Addicted Member
Re: [02/03] access according to group rights
no help?
-
Jun 24th, 2006, 11:12 AM
#3
Re: [02/03] access according to group rights
This isn't a matter of code, just a matter of logic.
Have a table, say groupstartpage which contains information like
Code:
Group StartPage
1 admin.aspx
2 home.aspx
3 mendhak.aspx
So when a user logs in, in addition with whatever information you retrieve from the database, along with the usergroup, redirect them to the page name you just retrieved.
-
Jun 25th, 2006, 04:19 AM
#4
Thread Starter
Addicted Member
Re: [02/03] access according to group rights
 Originally Posted by mendhak
This isn't a matter of code, just a matter of logic.
Have a table, say groupstartpage which contains information like
Code:
Group StartPage
1 admin.aspx
2 home.aspx
3 mendhak.aspx
So when a user logs in, in addition with whatever information you retrieve from the database, along with the usergroup, redirect them to the page name you just retrieved.
here is my Global.asax.vb part but i'm unable to get user's role from this (or u can say don't know how to get user's role through this file as we get userName by "User.Identity.Name". can i get user's role from here or should i use explicitly defined function to get the user's role (this function is already defined in customPrincipal's file).
VB Code:
Protected Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs) Handles MyBase.AuthenticateRequest
Dim userInformation As String = [String].Empty
If Request.IsAuthenticated = True Then
' Create the roles cookie if it doesn't exist yet for this session.
If Request.Cookies(Globals.UserRoles) Is Nothing OrElse Request.Cookies(Globals.UserRoles).Value = "" Then
' Retrieve the user's role and ID information and add it to
' the cookie
Dim user As Users = Users.GetUserByUsername(Context.User.Identity.Name)
' Create a string to persist the role and user id
userInformation = user.Id & ";" & user.Username & ";" & user.GroupId & ";" & user.BranchId
' Create a cookie authentication ticket.
Dim ticket As New FormsAuthenticationTicket(1, Context.User.Identity.Name, DateTime.Now, DateTime.Now.AddHours(1), False, userInformation)
' version
' user name
' issue time
' expires every hour
' don't persist cookie
' Encrypt the ticket
Dim cookieStr As [String] = FormsAuthentication.Encrypt(ticket)
' Send the cookie to the client
Response.Cookies(Globals.UserRoles).Value = cookieStr
Response.Cookies(Globals.UserRoles).Path = "/"
Response.Cookies(Globals.UserRoles).Expires = DateTime.Now.AddMinutes(1)
' Add our own custom principal to the request containing the user's identity, the user id, and
' the user's role
Context.User = New CustomPrincipal(Context.User.Identity, user.Id, user.GroupId, user.Username, user.BranchId)
Else
' Get roles from roles cookie
Dim ticket As FormsAuthenticationTicket = FormsAuthentication.Decrypt(Context.Request.Cookies(Globals.UserRoles).Value)
userInformation = ticket.UserData
' Add our own custom principal to the request containing the user's identity, the user id, branch id and
' the user's role from the auth ticket
Dim info As String() = userInformation.Split(New Char() {";"c})
Context.User = New CustomPrincipal(user.Identity, Convert.ToInt32(info(0).ToString()), info(1).ToString(), info(2).ToString(), info(3).ToString)
End If
End If
End Sub 'Application_AuthenticateRequest
-
Jun 26th, 2006, 12:27 AM
#5
Thread Starter
Addicted Member
Re: [02/03] access according to group rights
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|