.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Row level access control in sql server

Posted By:      Posted Date: May 22, 2011    Points: 0   Category :

Hi All,

I'm looking for some opinions on implementing row level access control to a SQL Server confidential data table.

Only certain rows can be accessed (select, update, delete....) by certain users.  

I've searched around and so far what I have found points to the following scheme:

- define users, groups of users, roles with actions, and row membership categories, in an access control table

- add a membership category column to the confidential data table, and populate it with content that specifies what access control membership category it belongs to

- allow users to use stored procedures (probably via a web front end) to access the data they are entitled to, using a view with a where clause.  The where clause would check the user id against the access control table to see what row membership categories that user was entitled to access, and use this to restrict the rows being returned.

So to summarise the requirement, there are many rows in the table.  There are many users.  Some users can access all rows.  Some users can only access rows that fall into a particular category.  The category is stored with each row.  

Any comments appreciated....





View Complete Post

More Related Resource Links

Access Control List tables in sql server 2005

Hi all, Can anybody help me in creating Acl tables.how to create them in sqlserver 2005 and how to use in my .net application

Access Control List tables in sql server 2005

Hi all, Can anybody help me in creating Acl tables.how to create them in sqlserver 2005 and how to use in my .net application

Sorting Data in a GridView Web Server Control

The GridView control provides built-in sorting functionality without requiring any coding. You can further customize the sort functionality of the GridView control by using custom SortExpression property values for columns as well as by using the Sorting and Sorted events

Server side validation of Fileupload control not working



I've tried this method in my code behind to try and validate that the Fileupload control has a file or not. I get the error message the the event "Server Validate" cannot be found. Can anyone tell why? Thanks.

Public Sub CustomValidator1_ServerValidate(ByVal source As Object, ByVal args As System.Web.UI.WebControls.ServerValidateEventArgs) Handles CustomValidator1.ServerValidate

' Get file name

        Dim uploadAvatar As FileUpload = DirectCast(AdvertisementForm.FindControl("uploadAvatar"), FileUpload)

        Dim UploadFileName As String = uploadAvatar.PostedFile.FileName

        If UploadFileName = "" Then
            ' There is no file selected
            args.IsValid = False
            Dim Extension As String = UploadFileName.Substring(UploadFileName.L

video tutorial link for composite and rendered custom server control


hii all

i am new to technology so go easy on this post

according to what i read from web there are 3 type of custom server controls

1 superclass

2 composite

3 rendered

i found video tutorial for superclass custom server control but couldnt find video tutials for other 2.

please forward me link for composite and rendered custom server controls video tutorial  

require Video tutorial for Composite server control and rendered server control


hi guys

i am new to forum and technology so please go easy

according to what i read from web there 3 types of custom server controls

1. composite



i found video tutorial to create and use superclass custom control in your project (extending dropdown control functionality)

i am trying to search video tutorial for other 2 types .please help me.

unable to access control inside webuser control



I have used calender web user control inside my project where i took textbox,button and calender.....but after dragging onto my aspx page....i am unable to access this textbox,calender and button on aspx page...Pls help me to find out the solution.

image inside custom server control



I want to use an image inside a Custom Web server control ! 

Do I need to use Web.resources ? if so , how to do ?

Custom Server Control Property not maintaining state


I have created a server control consisting of a TextArea and a div under it.  My goal is to create my own asp:TextArea type control.  the div is for a Character count of the text area and seems to work ok but i added a CharacterCountVisible property to the control that is always returning true.  See Proptery definition below


<Bindable(False), Category("Appearance"), DefaultValue("True"), Localizable(True)> Property CharacterCountVisible() As Boolean
        Return _CountBoxVisible
    End Get
    Set(ByVal value As Boolean)
        _CountBoxVisible = value
    End Set
End Property

Note the _CountBoxVisible variable is define inside the class as :

Dim _CountBoxVisible as Boolean = True

What I am trying to do is give the user/coder the option to show/utilize the char count feature.  Can make it disappear with textarea1.CharacterCountVisible = False but setting it to true will not make it display.


What am i missing





Need help using control adapters at the machine level

Hi guys!

Let me explain our situation. I do web development at a university at which we have to meet strict accessibility guidelines. I've specially modified the adapters (as well as extended CompositeDataBoundControlAdapter to include GridView) for use on our site and to use with our global stylesheets as well as compiled the control adapters into a DLL.

The control adapters now all reside in the WebServices.CssFriendlyAdapters DLL.  (For example, WebServices.CssFriendlyAdapters.GridViewAdapter).

Currently, when someone drops an App_Browsers folder in to their site with the adapters specified, the adapters work. However, we'd like to be able to specify this in the C:\WINDOWS\Microsoft.NET\Framework\(version number)\CONFIG\Browsers directory so that the adapters work automatically without anyone having to move anything into App_Browsers for every site. To ensure that someone can still use the "old way" or will not be confused by their controls being adapted, I've written in code that uses the base rendering methods unless xhtmlConformance is set to "Strict" in the site's web.config file.

Anyway, on to the problem. When trying to compile the controlAdapters into the C:\WINDOWS\Microsoft.NET\Framework\(version number)\CONFIG\Browsers directory using aspnet_regbrowsers.exe (see http://msdn2.microsoft.com/en-us/library/ms229858.a

Access Control: Understanding Windows File And Registry Permissions


Understanding the ACLs that govern permissions and rights before an operation is allowed to proceed is critical to enhancing security.

John R. Michener

MSDN Magazine November 2008

Team System: Team Foundation Server Version Control


In this new column, Brian Randell begins his long look at how to extend and enhance Visual Studio Team System.

Brian A. Randell

MSDN Magazine January 2007

Security Briefs: Access Control List Editing in .NET


Access control lists (ACLs) can be complex beasts, and user interfaces for editing them are incredibly tricky to implement properly. That's why I was really excited when Windows® 2000 shipped with a programmable ACL editor, shown in Figure 1.

Keith Brown

MSDN Magazine March 2005

Provisioning: Use Web Services Provisioning to Control Access, Usage, and Billing on Your Site


Building Web Services to provide enterprise-level solutions is only the first step. You need to take care of the infrastructure aspects of your solution as well, including provisioning, billing, security, and reporting. In this article, the author uses the .NET Framework and SQL Server 2000 to design a provisioning system that will take care of all these housekeeping tasks. He discusses the general requirements of a Web Service provisioning system, walks through the implementation, and then outlines various scenarios for putting this system to work.

Chandu Thota

MSDN Magazine December 2002

SharePoint Portal Server 2001: Search and Access Disparate Data Repositories in Your Enterprise


The knowledge worker is greatly empowered if she is able to access information across the enterprise from a central access point. With the SharePoint Portal Server 2001 Search Service you can catalogue information stored in Exchange public folders, on the Web, in the file system, and even in Lotus Notes databases. This article discusses the use of ActiveX Data Objects and the Web-based Distributed Authoring and Versioning protocol for creating search solutions based on SharePoint Portal Server 2001.

Kayode Dada

MSDN Magazine April 2002

Upsize Your Database: Convert Your Microsoft Access Application to Take Advantage of SQL Server 7.0


What if you need to convert an existing Microsoft Access 97 database application into a true client-server application that is based on a SQL Server back end? If you know a little about Visual Basic and SQL Server, it's easy to make your app take advantage of the power and scalability provided by SQL Server 7.0. Using some concrete code examples, this article takes you step by step through converting the native Jet queries in your Access application into stored procedures and pass-through queries that SQL Server can use. You'll also learn how to pass on parameters when your client-server app calls these SQL Server stored procedures and queries.

Michael McManus

MSDN Magazine June 2000

ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend