Results 1 to 5 of 5

Thread: [02/03] access according to group rights

  1. #1

    Thread Starter
    Addicted Member
    Join Date
    Apr 2006
    Posts
    244

    Exclamation [02/03] access according to group rights

    i'm using sql server 2000 In my application; i'm getting group rights from database and access to a particular web page would be given according to that rights.

    i think; it should be implemented in page loadup but have no idea. I've following intentions

    1. when a user login the application; it should be directed according to the userGroup he belongs like if he is an admin then he would be directed to Admin home page; similarly; if he is an ordinary user then he would be directed to his particular page.

    can you give me a code example for it?

  2. #2

    Thread Starter
    Addicted Member
    Join Date
    Apr 2006
    Posts
    244

    Re: [02/03] access according to group rights

    no help?

  3. #3
    I'm about to be a PowerPoster! mendhak's Avatar
    Join Date
    Feb 2002
    Location
    Ulaan Baator GooGoo: Frog
    Posts
    38,170

    Re: [02/03] access according to group rights

    This isn't a matter of code, just a matter of logic.

    Have a table, say groupstartpage which contains information like

    Code:
    Group   StartPage
    1         admin.aspx
    2         home.aspx
    3         mendhak.aspx
    So when a user logs in, in addition with whatever information you retrieve from the database, along with the usergroup, redirect them to the page name you just retrieved.

  4. #4

    Thread Starter
    Addicted Member
    Join Date
    Apr 2006
    Posts
    244

    Re: [02/03] access according to group rights

    Quote Originally Posted by mendhak
    This isn't a matter of code, just a matter of logic.

    Have a table, say groupstartpage which contains information like

    Code:
    Group   StartPage
    1         admin.aspx
    2         home.aspx
    3         mendhak.aspx
    So when a user logs in, in addition with whatever information you retrieve from the database, along with the usergroup, redirect them to the page name you just retrieved.

    here is my Global.asax.vb part but i'm unable to get user's role from this (or u can say don't know how to get user's role through this file as we get userName by "User.Identity.Name". can i get user's role from here or should i use explicitly defined function to get the user's role (this function is already defined in customPrincipal's file).


    VB Code:
    1. Protected Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As EventArgs) Handles MyBase.AuthenticateRequest
    2.         Dim userInformation As String = [String].Empty
    3.  
    4.         If Request.IsAuthenticated = True Then
    5.             ' Create the roles cookie if it doesn't exist yet for this session.
    6.  
    7.             If Request.Cookies(Globals.UserRoles) Is Nothing OrElse Request.Cookies(Globals.UserRoles).Value = "" Then
    8.                 ' Retrieve the user's role and ID information and add it to
    9.                 ' the cookie
    10.                 Dim user As Users = Users.GetUserByUsername(Context.User.Identity.Name)
    11.                
    12.             ' Create a string to persist the role and user id
    13.             userInformation = user.Id & ";" & user.Username & ";" & user.GroupId & ";" & user.BranchId
    14.             ' Create a cookie authentication ticket.
    15.             Dim ticket As New FormsAuthenticationTicket(1, Context.User.Identity.Name, DateTime.Now, DateTime.Now.AddHours(1), False, userInformation)
    16.             ' version
    17.             ' user name
    18.             ' issue time
    19.             ' expires every hour
    20.             ' don't persist cookie
    21.  
    22.             ' Encrypt the ticket
    23.             Dim cookieStr As [String] = FormsAuthentication.Encrypt(ticket)
    24.  
    25.             ' Send the cookie to the client
    26.             Response.Cookies(Globals.UserRoles).Value = cookieStr
    27.             Response.Cookies(Globals.UserRoles).Path = "/"
    28.             Response.Cookies(Globals.UserRoles).Expires = DateTime.Now.AddMinutes(1)
    29.  
    30.             ' Add our own custom principal to the request containing the user's identity, the user id, and
    31.             ' the user's role
    32.             Context.User = New CustomPrincipal(Context.User.Identity, user.Id, user.GroupId, user.Username, user.BranchId)
    33.         Else
    34.             ' Get roles from roles cookie
    35.             Dim ticket As FormsAuthenticationTicket = FormsAuthentication.Decrypt(Context.Request.Cookies(Globals.UserRoles).Value)
    36.             userInformation = ticket.UserData
    37.  
    38.             ' Add our own custom principal to the request containing the user's identity, the user id, branch id and
    39.             ' the user's role from the auth ticket
    40.             Dim info As String() = userInformation.Split(New Char() {";"c})
    41.             Context.User = New CustomPrincipal(user.Identity, Convert.ToInt32(info(0).ToString()), info(1).ToString(), info(2).ToString(), info(3).ToString)
    42.         End If
    43.         End If
    44.     End Sub 'Application_AuthenticateRequest

  5. #5

    Thread Starter
    Addicted Member
    Join Date
    Apr 2006
    Posts
    244

    Re: [02/03] access according to group rights

    any idea??

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width