.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Post New Web Links

Column Level Security using Label Based Security

Posted By:      Posted Date: April 10, 2011    Points: 0   Category :
 
Hi,

I am looking to implement Cell level security in my SQL Server database. I am building this database for a social-networking-like web application. It has the concept of a Group and a Group Member where a group member can restrict access to certain parts of his information. I have read through the article http://technet.microsoft.com/en-us/library/cc966395.aspx about Label based security. My problem is that i am not sure whether Label based security would be able to provide cell level security when I'll be storing users of my application in a database table and not using SQL Server or Windows logins? Say I have a user 'Omer' in table 'Member' then how would Lable Based Security technique ensure security settings defined for this user? Thanks for providing assistance.


Best Regards,
Omer Javed


View Complete Post


More Related Resource Links

Item Level Security Using Column Values

  

 

Has anyone successfully implemented item-level security in a SharePoint list using column values as the decision criteria? I realize this isn't out of the box functionality and would need to be custom coded.

 

For example, let's say that we have one document library that stores all of the HR documents about every employee in the company. One of the columns in the properties of the document stores which Office that employee reports to. There are HR staff that support each Office and should only have access to the files of employees who report to the same office that they do.

 

I know an option would be to create separate library or folder structures for each Office, but I'm curious if anyone has attempted to secure items or documents using properties instead.

 

Thanks.


Security Briefs: Exploring Claims-Based Identity

  

Keith Brown introduces you to the new identity model in the Microsoft .NET Framework 3.0.

Keith Brown

MSDN Magazine September 2007


Authorize It: Use Role-Based Security in Your Middle Tier .NET Apps with Authorization Manager

  

Authorization Manager in Windows Server 2003 represents a significant improvement in the administration of role-based security, making it more scalable, flexible, and easier to implement. Using Authorization Manager, you can define roles and the tasks those roles can perform. You can nest roles to inherit characteristics from other roles, and you can define application groups. In addition, Authorization Manager lets you use scripts to modify permissions dynamically, and it allows you to wrap your security logic in a security policy that can be stored in Active Directory. Authorization Manager also includes an easy-to-use API for running access checks. The author discusses all of these topics and demonstrates them with a working sample.

Keith Brown

MSDN Magazine November 2003


Secure It: WS-Security and Remoting Channel Sinks Give Message-Level Security to Your SOAP Packets

  

As more organizations adopt XML-based Web Services, the need for message-level security has become evident. WS-Security, now supported in the Microsoft .NET Framework, addresses this need. Using the WS-Security framework, developers can implement channel sinks to intercept Remoting messages as they pass through the .NET Remoting infrastructure. The sink can read the message, change it, and pass it along. During this process, the message can be signed for added security. This article explains how to implement a Remoting channel sink that will modify the Remoting message by including a UserName token in the header, then sign the body using the token.

Neeraj Srivastava

MSDN Magazine November 2003


Security: Unify the Role-Based Security Models for Enterprise and Application Domains with .NET

  

Role-based security allows administrators to assign access permissions to users based on the roles they play rather than on their individual identities. These privileges can be used to control access to objects and methods, and are easier to identify and maintain than user-based security. The .NET Framework provides two role-based security models, which are exposed as two namespaces: System.Enterprise-Services and System.Security.Permissions. Presented here is a comparison of the two options and a discussion of when each is the right choice. The author also demonstrates the process involved in setting up access security and discusses role memberships.

Juval Lowy

MSDN Magazine May 2002


Video: Introduction to Claims-based Security in SharePoint 2010

  
Learn how claims-based identity provides a common way for applications to acquire identity information from users inside their organization, in other organizations, and on the Internet. (Length: 23:46)

Getting filtered data from Role based SSAS security

  
Hi everyone,I've got a heap of reports that are based on various SSAS cubes. I have roles defined on these cubes that restrict data via certain dimensions. Question is, will these restrictions filter through to the report...ie, if I have a sales person restricted in the SSAS cube to only see sales against their territory (restricted in the Territory dimension), when they run the report will it filter the result based on their SSAS credentials and only show the data they have access to (even though the SSRS report has no direct filters or parameters applied)?Cheers for any help!!

Report Level Security in SSRS using Tsql

  
So i am Brand new in this area i have developed reports before and deployed them but never got an oppurtunity to work on security and who gets to see what.. Purpose of the view is thats what im thinking..   We have a reports database has 100 reports . What we are trying to do is have a faster way to manage report subscriptions. The tables i have is Analysts, SalesRep,SalesRepSubs and dbo.users.Dbo users are our web portal users where they can view reports. I want to create a table in which every report is viewed per security level. We have 6 layers of security layer 1 is lowers to layer 6 being highest. This is the relationship between tables Salesrep(SRID PK) Salesrep_sub (SRID_SUBID PK) Analysts : (AnalystIDPK) Users: The Table has all Users who are Salesrep,Sales Repsub and Analysts)(PKID PK) and we have cols SRID, SRID_SUBID & AnalystID) in this table. use Pricing go Alter View dbo.User_Access   AS select S.SR_name,u.SRID,sr.SRsub_name,u.SRID_SubID,U.Userid,u.username,u.Email, u.SecurityLevel,a.AnalystID from dbo.Users u join tbl_Analyst a on a.AnalystID=u.UserID join tbl_SalesRep s on s.SRID=u.SRID Join tbl_SalesRep_Sub sr on sr.SRID_SubID=u.SRID_SubID My question is what do i do next? Add this view to Report server? or how can i make it functionl?????????FM

Report Level Security in SSRS using Tsql

  
So i am Brand new in this area i have developed reports before and deployed them but never got an oppurtunity to work on security and who gets to see what.. Purpose of the view is thats what im thinking..   We have a reports database has 100 reports . What we are trying to do is have a faster way to manage report subscriptions. The tables i have is Analysts, SalesRep,SalesRepSubs and dbo.users.Dbo users are our web portal users where they can view reports. I want to create a table in which every report is viewed per security level. We have 6 layers of security layer 1 is lowers to layer 6 being highest. This is the relationship between tables Salesrep(SRID PK) Salesrep_sub (SRID_SUBID PK) Analysts : (AnalystIDPK) Users: The Table has all Users who are Salesrep,Sales Repsub and Analysts)(PKID PK) and we have cols SRID, SRID_SUBID & AnalystID) in this table. use Pricing go Alter View dbo.User_Access   AS select S.SR_name,u.SRID,sr.SRsub_name,u.SRID_SubID,U.Userid,u.username,u.Email, u.SecurityLevel,a.AnalystID from dbo.Users u join tbl_Analyst a on a.AnalystID=u.UserID join tbl_SalesRep s on s.SRID=u.SRID Join tbl_SalesRep_Sub sr on sr.SRID_SubID=u.SRID_SubID My question is what do i do next? Add this view to Report server? or how can i make it functionl?????????FM

security top total and current level

  
the locig of data is Country 1 - City1 - Company1 -> Nett Income Country 1 - City1 - Company2 -> Nett Income Country 1 - City1 - Company3 -> Nett Income                                                  Total Income   How can i achive the following logic  - the user (role) Company2 have to see only Total for City 1 (Company1+Company2+Company3), just total and Country 1 - City1 - Company2 -> Nett Income I can use dimension data and check Country 1 - City1 - Company2 but in this case he/she can't see totals for City 1 any ideas ?  

How to Provide Security at User level base in asp.net for certain pages

  
 Hi I have a site We have different Pages under one folder. we have stored these pages information in a database table with pageid. Then we have User access table. there we store userid and pageid , for which pages user has access. Now I need to provide access to that pages only . What to do. Could you please provide answer asap.   Thanks  

Transport level security with netTcpBinding

  
Does service and client need to be part of domain with netTcpBinding endpoint configured to used Transport security mode with Certificate based client credential type and protect level set to EncryptAndSign <bindings> <netTcpBinding> <binding name="CertificateWithTransport" maxBufferPoolSize="100000000" maxBufferSize="100000000" maxReceivedMessageSize="100000000" portSharingEnabled="true"> <readerQuotas maxDepth="100000000" maxStringContentLength="100000000" maxArrayLength="100000000" maxBytesPerRead="100000000" maxNameTableCharCount="100000000" /> <security mode="Transport"> <transport clientCredentialType="Certificate" protectionLevel="EncryptAndSign"/> </security> </binding> </netTcpBinding> </bindings> Thanks      -= JL =-

Sharepoint 2010 with role-based asp.net security

  

I have a Sharepoint 2010 (forms authentication) site on windows server 2008 with asp.net role-based security. At the highest level i have document libraries with folders within each as shown below.

> Doc Lib 1

>> Sub folder 1

>> Sub folder 2

> Doc Lib 2

>> Sub folder 1

>> Sub folder 2

Sub folder 1 and sub folder 2 are the same within each document library.

I want to be able to use asp.net roles to restrict users access to the document library. For example, user 1 should only be able to access sub folder 1 within doc lib 1. I'm not sure how i should go about configuring the roles.

I have created role1 for access to doclib1 and role2 for doclib2. In addition i also have roleA for access to subfolder1 and roleB for access to subfolder2. I have assigned the roles the libraries and folders. To user 1, i have assigned : role1 and role A. I expect that user1 should only see doclib1 and within it subfolder1. But that isn't the case.

How do i achieve my desired results?


Page Level Security

  

How do I limit what User/Groups can see a page in SharePoint 2007? Within on particular SITE, I want to be able to say, for example, only Users in the X group can see this page.

I see on the Page Setting the "Audience Targeting" option, but that does not restrict anyone outside that group from clicking "All Site Content" then finding and opening the page from under Pages.

Can someone point me in the right direction?

Thanks in advance.


Todd C - MSCTS SQL Server 2005 - Please mark posts as answered where appropriate.

Menu - Role security not working on second level of sitemap

  

I have role assignments on both the first and second level of my menus within my sitemap file.  The first level works fine, and I only see items assigned to my role.

But roles assignments seem to have no effect on the second level.  It seems like if you have access to the first level, you have access to everything on the second level.

Is this correct?


From my sitemap (either a SalesRep or an Administrator can see everything underneath):

    <siteMapNode title="Administration" roles="SalesRep,Administrator" description="Admin" >

      <siteMapNode title="CompanyMaintenance" roles="SalesRep" url="~/Admin/CompanyManagement.aspx" />

      <siteMapNode title="Initialize Roles" roles="Administrator" url="~/Admin/Roles.aspx"/>

    </siteMapNode>

From my config:



    <roleManager enabled="true" defaultProvider="SqlRoleProvider">

document library security permissions on column value

  
I have created a document library with several number of documents there are 8 divisions so I have given a column called division with choice of selecting one of the divison as a column value now I want to set permissions to users of a divsion to read and write (edit checkout and author) only his respective divisoin and also read only access to all other documentsof other divisions.

Show users based on ad-security group or OU

  

Will it somehow be possible to show members of a AD group ?

We have some superusers, and they all have the ad-group: super_users.

Can i show all members somehow ?

Maybe by a search flag, so it is just a link to a search result ?


Jakob Olsen
Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend