Security is a well known use for AOP as it often times is implemented as a cross cutting concern.
Phil has mentioned a way to make it less of a cross cutting concern. I agree in your situation that AOP is probably not the right way to go. Instead making your pages implement an ISecurePage interface that exposes the requirements to access that page or doing a metadata based system seems like it would be a better fit for you. Cheers, Greg On 2/7/07, Paul Cowan <[EMAIL PROTECTED]> wrote:
Hi all, We have an ASP.NET application where users log in under forms authentication. Each user is assigned a role and I want only certain roles to view certain pages. I am really unsure where to put the code for the security and I do not want to hard code the security checks into the code and would somehow like to configure this. Sounds like a job for AOP. I have no experience in this field and was wondering if somebody could help me out? Or if indeed AOP is a good fit for this. Cheers Paul =================================== This list is hosted by DevelopMentor(r) http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com
-- Studying for the Turing test =================================== This list is hosted by DevelopMentorĀ® http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com
