.NET Tutorials, Forums, Interview Questions And Answers

How to implement business role security

Posted Date: April 10, 2011    Category: ASP.Net

Dear Friends,

In our ASP.NET web application we have the following business roles.

1. Maker (creation/updating of records)

2. Checker (approval of committing created/updated records into the system)

3. IT (User Administration and other master management tasks)

To keep it simple I have mentioned just three roles; in our application we have more than 20 roles, and multiple roles could be assigned to a single user, just as SQL Server has various roles and multiple roles could be assigned to a single user.

I want to enforce following security on my pages

  • CustomerUpdate.aspx should only be accessible to Maker role users
  • CustomerVerificationTasks, CustomerReview.aspx should only be accessible to Checker role users
  • UserAdmin.aspx, UserUpdate.aspx etc admin pages should only be accessible to IT users

I am wondering how to implement this role-based security. As per my thinking, the following could be the way:

 Assign each page to a role (e.g. CustomerUpdate.aspx belongs to Maker), and at page load call a function CheckAccessiblity(pageName) that would validate against the following database table, PageAccessiblityRoles (ID would be numeric; I have just given text for easy illustration)

PageID                     RoleID




More Related Resource Links

Authorize It: Use Role-Based Security in Your Middle Tier .NET Apps with Authorization Manager


Authorization Manager in Windows Server 2003 represents a significant improvement in the administration of role-based security, making it more scalable, flexible, and easier to implement. Using Authorization Manager, you can define roles and the tasks those roles can perform. You can nest roles to inherit characteristics from other roles, and you can define application groups. In addition, Authorization Manager lets you use scripts to modify permissions dynamically, and it allows you to wrap your security logic in a security policy that can be stored in Active Directory. Authorization Manager also includes an easy-to-use API for running access checks. The author discusses all of these topics and demonstrates them with a working sample.

Keith Brown

MSDN Magazine November 2003

Security: Unify the Role-Based Security Models for Enterprise and Application Domains with .NET


Role-based security allows administrators to assign access permissions to users based on the roles they play rather than on their individual identities. These privileges can be used to control access to objects and methods, and are easier to identify and maintain than user-based security. The .NET Framework provides two role-based security models, which are exposed as two namespaces: System.EnterpriseServices and System.Security.Permissions. Presented here is a comparison of the two options and a discussion of when each is the right choice. The author also demonstrates the process involved in setting up access security and discusses role memberships.

Juval Lowy

MSDN Magazine May 2002

BizTalk: Implement Design Patterns for Business Rules with Orchestration Designer


Because the value of good software planning and design should never be underestimated, it can be beneficial to use one of the many existing design patterns as a foundation for solving some of your toughest architecture problems. This article describes several traditional design patterns including the Observer pattern and the Dispatcher pattern, elaborates on their structures, what they're used for, and how they can help you build a BizTalk-based solution. Following this is a discussion on using the BizTalk Orchestration Designer to build designs and integrate existing business processes.

Christian Thilmany and Todd McKinney

MSDN Magazine October 2001

Getting filtered data from Role based SSAS security

Hi everyone, I've got a heap of reports that are based on various SSAS cubes. I have roles defined on these cubes that restrict data via certain dimensions. Question is, will these restrictions filter through to the report... i.e., if I have a sales person restricted in the SSAS cube to only see sales against their territory (restricted in the Territory dimension), when they run the report will it filter the result based on their SSAS credentials and only show the data they have access to (even though the SSRS report has no direct filters or parameters applied)? Cheers for any help!!

Best way to implement business logic

I am trying to migrate our current SQL CRM to SharePoint Server 2010. At first I tried using BCS but I couldn't figure out how to implement a many-to-many lookup relationship. So now I am trying to use SSIS to move the SQL data into the lists in SharePoint. Right now, I have accounts and contacts as lists. Now I am trying to implement the business logic where an account can have multiple contacts and a contact can have multiple accounts and when a user associates a contact with an account (or vice versa), that account should automatically be associated back with the contact. It seems this cannot be accomplished with a declarative workflow like in SPD. Am I correct in thinking that the best way to implement this is with 2 sequential workflows in Visual Studio? Also, is a workflow always preferable to an event receiver? Thanks!

Sharepoint 2010 with role-based asp.net security


I have a SharePoint 2010 (forms authentication) site on Windows Server 2008 with ASP.NET role-based security. At the highest level I have document libraries with folders within each as shown below.

> Doc Lib 1

>> Sub folder 1

>> Sub folder 2

> Doc Lib 2

>> Sub folder 1

>> Sub folder 2

Sub folder 1 and sub folder 2 are the same within each document library.

I want to be able to use ASP.NET roles to restrict users' access to the document library. For example, user 1 should only be able to access sub folder 1 within doc lib 1. I'm not sure how I should go about configuring the roles.

I have created role1 for access to doclib1 and role2 for doclib2. In addition I also have roleA for access to subfolder1 and roleB for access to subfolder2. I have assigned the roles to the libraries and folders. To user 1, I have assigned: role1 and roleA. I expect that user1 should only see doclib1 and within it subfolder1. But that isn't the case.

How do I achieve my desired results?

Best way to implement security for measures in SSAS


Hi SSAS gurus,


I have a requirement where I need to implement security on some measures such that it is visible to a set of users and not accessible to another set of users. Now, I also have SSRS reports defined on top of these measures which are accessible by both the set of users. I want the reports to be displayed such that the measures should be visible to the users with access but invisible or N/A should be displayed when the other set of users access the reports. What would be the best way to go forward for this?

Cheers, Jason 

Cross Dimension Role Security

Hello guys,





The Problem:

As you can see, the DimSeller is related to the DimCustomer by a non-key attribute called "CNPJ". My question is how can I define role security based on that dimension attribute.

For example:

I'm a customer with the cnpj 1234, and when I want to see the seller cnpj I can only see the "rows" where the Customer.CNPJ in the DimSeller is equal to my cnpj.

For my future needs I will associate the cnpj with a claims authentication user so that I can use that on SharePoint. At this page I found something like what I need, but there I should repeat the steps for each attribute of the dimension, and that would be very hard.

Does anyone have a suggestion as to which is the best approach for doing this?

Menu - Role security not working on second level of sitemap


I have role assignments on both the first and second level of my menus within my sitemap file.  The first level works fine, and I only see items assigned to my role.

But role assignments seem to have no effect on the second level.  It seems like if you have access to the first level, you have access to everything on the second level.

Is this correct?

From my sitemap (either a SalesRep or an Administrator can see everything underneath):

    <siteMapNode title="Administration" roles="SalesRep,Administrator" description="Admin" >

      <siteMapNode title="CompanyMaintenance" roles="SalesRep" url="~/Admin/CompanyManagement.aspx" />

      <siteMapNode title="Initialize Roles" roles="Administrator" url="~/Admin/Roles.aspx"/>


From my config:

    <roleManager enabled="true" defaultProvider="SqlRoleProvider">

How to implement Security RTP in RTC Client


Hello! I am developing a VoIP softphone in C# using RTC Client API. I need to add Security RTP but I don't know how because I don't know if RTC Client supports SRTP.


Has anyone any idea or another way to get it??? Thank you.

Retrieve Cube Role Security information


How can I retrieve cube role security information (including members, dimension security, etc.) using AMO?

Where can I find code examples?




how to implement field-level security

I need to set up a list in which "A" users can only view and edit a subset of the fields in a custom list, while "B" users can view and edit all fields.  It would also be nice if, when an "A" user creates a new list item, one of the fields that is only accessible to "B" users could be set to a pre-determined value.

I'm open to different approaches here (different views of the same list, different lists with some automated way to copy items from the one list to the other, a single view of a single list with some mechanism to enforce the restrictions outlined above, or perhaps some other approach I haven't thought of).  My biggest concern is that the solution be as straightforward and simple to implement as possible.  I'm an experienced VB/C#/SQL developer, but my exposure to SharePoint has been limited to setting up and customizing very simple sites via a web browser.  I have absolutely no experience using SharePoint Designer, or any other SharePoint development tool, and am not sure I will have the time to learn it to complete this project.

Thanks in advance for your suggestions.

how to add role based security using (ul - li) for menus ?


Hi, All

   How can I implement role-based security that would show the admin tab if the user was logged in as an admin, using (ul-li) like the code below as a simple example? I do not want to use the menu control. Is this possible?


<li><a href="#">Services</a></li>
<li><a href="#">About us</a></li>
<li><a href="#">Admin</a></li>

Many Thanks


Custom access denied page for role based security


I have implemented role based security in my asp.net 2.0 vb.net application using windows authentication and the windowstokenroleprovider and limiting access to certain pages using the location tag to specific active directory groups.

The issue is that when a user tries to access a page they are not authorized to view, it brings up a login prompt, and when it does not pass it takes them to the default page that tells them they are not authorized to view the page. I am wondering if there is a way to throw up a custom page that tells them they are not authorized to view the page, which I can incorporate into the site itself with the header and so forth? It would be great if this page could come up in lieu of the sign-in box popping up as well.


Connection issue SSAS 2008 (role security)


Hello Experts,

After implementing role security based on dimension security we get connection issues at the initial log on to our SSAS cube.

Our environment is:
Windows Server 2008 SP2, x64
MS SQL Server 2008 Enterprise SP1
VMware machine
Processor: AMD Opteron 8381 HE (QuadCode 2,5GHz)
Memory: 8 GB
Relation database: about 18 GB
Multidimensional database: about 8 GB / 39 Dimension / 68 measure groups (some were needed to implement m:n relations)

Security model: 4 fact tables get 4 additional column e.g. Security1 with values “yes” and “no”. A Role1 e.g. is able to see Security1 only “yes” facts. A Role2 e.g. is able to see Security2 only “yes”

SharePoint Tutorial - Security

Security in SharePoint is comprised of users, groups and roles.

Users, Groups and Roles

A user account comes from the authentication system. For example, if Active Directory is used to authenticate then the user accounts will come from it.

There are two types of groups SharePoint uses: domain groups and SharePoint groups.

Business Modelling and Web Applications and extending UML

UML can be used to model a business, prior to automating it with computers. The same basic UML syntax is used, however, a number of new symbols are added, in order to make the diagrams more relevant to the business process world. A commonly-used set of these symbols is available in current versions of Rational Rose.