Role Based Access Control (RBAC) - .Net Component [closed]

不打扰是莪最后的温柔 提交于 2019-12-04 06:00:48

I wrote my own component for exactly this problem. You can interface to Windows directories and such, but in the past I did not want to manage an application's users through Windows AD, so I write my own role and privilege based subsystem for my applications.

It is not much work to do, and for me it was very worth it because I put into it exactly what I needed and no more.

To answer your question, yes, there are few .net components available which allows any .net applications to apply RBAC.

RBAC - Role based access control system is a method of restricting access to 'some sources or applications or some features of applications' based on the roles of users of organization. Here, restrictions can be by means of multiple permissions, those are created by administrator to restrict access, and these permissions collectively represents a role, which will be assigned to user.

And if we go slight deeper in RBAC, it basically contains 3 features. 1) Authentication - It confirms the user's identity. Usually it is done via user accounts and passwords or credentials. 2) Authorization - It defines what user can do and cannot do in an application. Ex. ‘Modifying order’ is allowed but ‘creating new order’ is not allowed. 3) Auditing of user actions on applications. - It keeps track of user's actions on applications, as well as who has granted which access to which users?

This was very basic top view picture of RBAC system.

ASP.Net Membership Component is one of the way to implement RBAC, You can also write your own system with basic functionalities.

There are some nice and helpful articles which shows brief information and implementation of RBAC.

http://www.visual-guard.com/EN/net-powerbuilder-application-security-authentication-permission-access-control-rbac-articles/dotnet-security-article-ressources/role-based-access-control.html

http://www.codeproject.com/Articles/875547/Custom-Roles-Based-Access-Control-RBAC-in-ASP-NET

I also recommend few ready to use components VisualGuard (@which I work) and also MemberProtect.

I wrote mine using Postsharp, just by adding attributes to the methos which you need access control.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!