Thanks everyone for your help. I have time to experiment as the project starting date has slipped to march.
-----Original Message----- From: Unmoderated discussion of advanced .NET topics. [mailto:[EMAIL PROTECTED] On Behalf Of Roni Burd Sent: Friday, January 07, 2005 9:26 PM To: [email protected] Subject: [ADVANCED-DOTNET] Architecture question on security and permissions Hi, I'm in research fase of a modest size enterprise application. I've programmed a lot with .NET before but was never quite satisfied with the way we were dealing with security and permissions and I wanted to ask you guys for your experience. So here go some questions hoping to start an interesting thread. I've been reading about class access and method access security using "Security Demand", "Security Override" and "Security Optimization". How good are these methods and how painfull it is to implements them across my BLL and DAL. Also I've been wondering for a long time how people manage the UI. Is there a way of decorating controls (maybe IExtenderProvider) so they can disable themselves when the user is not allowed to view them, or maybe disable. Think menus, buttons, hidden fields, etc. Finally how does Authorization and Profile Application Block fits into the picture and what experience you have using it (tips, things to be careful of, etc) As you can tell, I'm really newbie when it comes to .NET security using functionalities that are provided in the framework. Also I haven't been able to find articles describing security these features. =================================== This list is hosted by DevelopMentor. http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com =================================== This list is hosted by DevelopMentor� http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com
