.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

HOW TO Extending ASP.NET Security Model to use RIGHTs and Permission?

Posted By:      Posted Date: October 18, 2010    Points: 0   Category :ASP.Net

Hi all,

I am new to ASP.NET security model, I need to perform a RIGHT-based security checking for every actions in my applications (e.g. CreateUser, UpdateUser, SearchUser....etc)

However, the built in ASP.NET security model only support ROLE-based security, and I would like to do something like that, but using RIGHTs.

Is there any idea, experience and post I can read and extends the ASP.NET Security Model to use RIGHT-based security to perform granular control.

e.g. How to I write my own HTTPModule, or make use of IPrincipal object.

If there any details steps/tutorial will be great, as I am very new to the ASP.NET.

Thank you so much!

View Complete Post

More Related Resource Links

System.Security.SecurityException: Request for the permission of type 'System.Web.AspNetHostingPerm


Good Day all,

Having an issue with an outside user accessing my IIS7 box. I do not have this problem when running the website from my host machine. I found this post: Http://forums.asp.net/t/1371394.aspx. I assure you that this is not a solution because I am not storing any of my files on a network share. 

What do you think my approach should be. 

I already have read rights to IIS user to my BIN folder. 

Thanks for the help. 

CLR Inside Out: Exploring the .NET Framework 4 Security Model


The .NET Framework 4 introduces many updates to the .NET security model that make it much easier to host, secure and provide services to partially trusted code. This article dives into the many features and benefits of the .NET security model.

Andrew Dai

MSDN Magazine November 2009

Extending SDL: Documenting And Evaluating The Security Guarantees Of Your Apps


In this article, the author presents an extension to the Security Development Lifecycle Which could promote a better flow of information between users and designers of software security features.

Mark Novak

MSDN Magazine November 2006

Scripting: Windows Script Host 5.6 Boasts Windows XP Integration, Security, New Object Model


Windows Script Host (WSH) 5.6, a major upgrade for the WSH environment, provides some significant improvements over previous versions. A brand new security model that is tightly integrated with security in Windows XP allows administrators to place fine-grained restrictions on scripts reducing the risk from malicious code. In addition, local scripts can now run on remote machines, and enhancements to the object model reduce the amount of boilerplate code needed when writing professional code. This overview of WSH 5.6 explains these changes and how .NET and scripting work together.

Dino Esposito

MSDN Magazine May 2002

Security in .NET: Enforce Code Access Rights with the Common Language Runtime


Component-based software is vulnerable to attack. Large numbers of DLLs that are not tightly controlled are at the heart of the problem. Code access security in the Common Language Runtime of the Microsoft .NET Framework addresses this common security hole. In this model, the CLR acts as the traffic cop to assemblies, keeping track of where they came from and what security restraints should be placed on them. Another way the .NET Framework addresses security is by providing preexisting classes which have built-in security. These are the classes that are invoked in .NET when performing risky operations such as reading and writing files, displaying dialog boxes, and so on. Of course, if a component calls unmanaged code, it can bypass code access security measures. This article covers these and other security issues.

Keith Brown

MSDN Magazine February 2001

Private Security Model Integration

Does anyone have any recommendations on tieing the Microsoft AS security model in with an independent security model. We are at the beginning process to discuss this with a very large international partner and are looking for recommendations form anyone who has done this before. Thanks in advance Alan

System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlCli

I have created a windows library control that accesses a local sql database I tried the following strings for connecting Dim connectionString As String = "Data Source=localhost\SQLEXPRESS;Initial Catalog=TimeSheet;Trusted_Connection = true" Dim connectionString As String = "Data Source=localhost\SQLEXPRESS;Initial Catalog=TimeSheet;Integrated Security=SSPI"   I am not running the webpage in a virtual directory but in C:\Inetpub\wwwroot\usercontrol and I have a simple index.html that tries to read from an sql db but throws the error System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.   at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)   at System.Security.PermissionSet.Demand()   at System.Data.Common.DbConnectionOptions.DemandPermission()   at System.Data.SqlClient.SqlConnection.PermissionDemand()   at System.Data.SqlClient.SqlConnectionFactory.PermissionDemand(DbConnection outerConnection)   at System.Data.ProviderBase.DbConnectionClosed.OpenConnection(DbConnection outerConnection, etc etc  The action that failed was:DemandThe type of the first permission that failed was:System.Data.SqlClient.SqlClientPermissionThe Zone of the assembly that fa

Membership as a security/administration model for upload/download of documents

Hi community, I'm working on a website where it should be possible for registered users to upload word documents. The administration of users is done through Membership and Profiles. When the documents have been uploaded, the following needs to be achieved: Non-registered users should not be allowed to download documents I should be able to control which users that has access to which documents I should be able to register which user downloads which documents I should be able to track how many times a document has been downloaded Can this be achieved be using Membership and Profiles? Thanks in advance Best regards Phecdaret

Problems with security trimmed BDC model

I've been trying to implement .NET assembly connector with security trimmer in SharePoint 2010. So far I've managed
to create a single wsp-package that implements a crawlable content source and ISecurityTrimmer2.CheckAccess-method
that gets called when objects from this external content source are being shown in search results (implemented as described
in http://msdn.microsoft.com/en-us/library/ee819923.aspx). Now I'm however facing a problem that the items in documentCrawlUrls
given in IList<String>-parameter of ISecurityTrimmer2.CheckAccess aren't of the same type as the identifiers passed e.g.
to ReadItem-method of the BDC model. Instead, they are something like the following:

when the identifier given to ReadItem is e.g. something like:

So the question is, how can I convert the identifier given to CheckAccess into the same format that is used in the BDC model?

Security permission for a key attribute which belongs to a parent-child hierarchy.



I have a dimension with a parent-child hierarchy on the key attribute and another attribute for the parent. I also want to declare a role with a permission to view only a specific member of that dimension, but it doesn't let me define a restriction on the key attribute and says I must define the equivalent restriction on the parent attribute. The problem is that I don't know how to accomplish that because I must use a specific value, so I can't restrict it using this value's parent or children. I might be stupid, but I really have no idea how to do it...


Can't add item using client object model of sharepoint 2010 with read only permission to user.



I have already developed Silverlight application in SharePoint 2010 using client object model.

But I have one scenario that user can comment on the item, so there is a update operation come in picture for user, but user have read only permission to site.

So please help me resolved this problem.

We can use Run with elevated privileges method in SP object model. I think Silverlight client object model don’t support this method.

Is there any alternative workaround to solve this problem?


BDC Model / External Data Type Security - Getting a SqlException


Hello All :)

I have some BDC models setup and they're working great. A problem arises when anyone else tries to see the models on my virtual machine.
We're all on the same domain. I have created a number of web parts that have lists bound to the bdc models. When another user on the network attempts to view these webparts, I can see the following in the SP logs;


10/08/2010 14:50:42.57 	w3wp.exe (0x12E4)      	0x070C	SharePoint Foundation   	Web Parts      	89a1	High 	Error while executing web part: System.Data.SqlClient.SqlException: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.  at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection)  at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj)  at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)  at System.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)  at System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, Boolean ignoreSniOpenTimeout, Int64 timerExpire, SqlConnection owningObject)  at Sys...	fe8d9c74-fdf0-4d54-a47a-cc0855196b9c

10/08/2010 14:50:42.57*	w3wp.exe (0x12E4)     

Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version


I am using Itext sharp to create a pdf. I am adding an image and I keep getting this error

Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

it is this bit of code that is causing this


string imagepath = "C:\\BMSApplicationFiles\\PDFImages\\bullfrogWeb.gif";

//add the Image to the DOC
  Image bullfrogImage = Image.GetInstance(imagepath);
  bullfrogImage.SetAbsolutePosition(10, doc.PageSize.Height - 36);

If i comment this out, the PDF builds and no errors are thrown (there is just no image)

I don't understand cause I am am trying to do is read a file.

The directory does have full permission granted to IISUser

Any ideas why I am still geting this permissions error?

how to get current user permission,all permissions in share point site using object model



how we will get current user permission using object model to a site/subsite

how can show all permission under a subsite in share point.




Binding WPF Controls to an Entity Data Model

In this interview, programming writer, McLean Schofield, demonstrates how to bind WPF controls to an entity data model, using Visual Studio 2010 Beta 1. You can also learn more in the topic: Walkthrough: Binding WPF Controls to an Entity Data Model.

SharePoint Tutorial - Security

Security in SharePoint is comprised of users, groups and roles.

Users, Groups and Roles

A user account comes from the authentication system. For example, if Active Directory is used to authenticate then the user accounts will come from it.

There are two types of groups SharePoint uses: domain groups and SharePoint groups.
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend