Sunday, February 19, 2012

connection string based on current user

Hi All,

Is there any way to build a connection string to SQL Server based on the current user's credentials?

I mean, instead of using

user id=Admin
password=adminPass

Is it possible to do something like

user id= Context.User.ID
pass=?

I'm asking because I don't want to use impersonation in my code.
So that I can be sure the logged-in user only sees what they can.

(I'm a newbie, so this whole thing may make no point.)
(Thanks for clarifying.)

Yes, this is definitely possible. You have to create a class which implements IIdentity class and IPrincipal. Check out the article:

http://msdn2.microsoft.com/en-us/library/ms172766(VS.80).aspx

|||

Thanks for the tip.
I have difficulty seeing how to make it work.

I'm developing a web control, so I don't really have any control over the login process.
This confuses me. Does the IIdentity technique still apply? How?
Is there something like:
Context.IIdentity that I can write in my connection string?
(Maybe I'm just not understanding the flow.)
(Thanks for any help.)

|||

Hi tomypow,

Based on my understanding, a connection string is just some XML configuration file, so we definitely cannot write any code within it. And by the way, I don't think using a different connection string for each logged-in user is a good idea. If you have 10,000 users on your site, you will have to create 10,000 connection strings--so, in my opinion, I would suggest you use role management in your application instead.

Role management helps you to manage authorization, allowing you to specify the resources users in your application are allowed to access. Role management lets you treat groups of users as a unit by assigning users to roles such as manager, sales, member, and so on. In Windows, you create roles by assigning users to groups such as Administrators, Power Users, and so on.

After you have established roles, you can create access rules in your application. For example, your site might include a set of pages that you want to display only to members. Similarly, you might want to show or hide a part of a page based on whether the current user is a manager. With roles, you can establish these types of rules independent from individual application users. For example, you do not have to grant individual members of your site access to member-only pages; instead, you can grant access to the role of member and then simply add and remove users from that role as people sign up or allow their memberships to lapse.

I would suggest you read some materials on MSDN: http://msdn2.microsoft.com/en-us/library/5k850zwb.aspx

Hope my suggestion helps.
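
The role-based approach suggested in the reply above, as an added C# example that is not part of the original thread: one shared connection string using integrated security (no user id or password stored), with the caller's role deciding which parameterized query is built. The server, database, table and role names are hypothetical, and the principals are constructed stand-ins for Context.User.

```csharp
using System;
using System.Data.SqlClient;
using System.Security.Principal;

static class OrdersData
{
    // One connection string for every visitor. Integrated Security makes the
    // process identity authenticate, so no credentials appear in the string.
    static readonly string ConnectionString = new SqlConnectionStringBuilder
    {
        DataSource = "db.example.internal",   // hypothetical server
        InitialCatalog = "Shop",              // hypothetical database
        IntegratedSecurity = true
    }.ConnectionString;

    // Authorization is decided in the application: the role selects the query,
    // and the user name is passed as a parameter, never concatenated into SQL.
    public static SqlCommand BuildOrdersQuery(IPrincipal user)
    {
        if (user == null || !user.Identity.IsAuthenticated)
            throw new UnauthorizedAccessException("Login required.");

        // Creating the SqlConnection object does not open a connection.
        var cmd = new SqlCommand { Connection = new SqlConnection(ConnectionString) };
        if (user.IsInRole("manager"))
        {
            cmd.CommandText = "SELECT Id, Owner, Total FROM Orders";
        }
        else if (user.IsInRole("member"))
        {
            cmd.CommandText = "SELECT Id, Owner, Total FROM Orders WHERE Owner = @owner";
            cmd.Parameters.AddWithValue("@owner", user.Identity.Name);
        }
        else
        {
            throw new UnauthorizedAccessException("No role grants access to orders.");
        }
        return cmd;
    }

    static void Main()
    {
        // Constructed principals; in a web control these come from Context.User.
        var alice = new GenericPrincipal(new GenericIdentity("alice"), new[] { "member" });
        var bob = new GenericPrincipal(new GenericIdentity("bob"), new[] { "manager" });
        Console.WriteLine(BuildOrdersQuery(alice).CommandText);
        Console.WriteLine(BuildOrdersQuery(bob).CommandText);
    }
}
```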

|||

Thanks Bo Chen.
It's all very clear now.
I will definitely use the role-based approach.
