Role based security checks on method level
Hi,
I try to setup a role based security system on method level in my business logic project.
The indention is to restrict access to methods by roles and do use the declarative way:
Public Property DoSomething as string
<AllowAcces("User")> _
get
..
end get
<AllowAccess("Supervisor")> _
set( ...
end set
end property
I explore some concepts, and ending up with some issues.
I inherit from SecurityAttribute, but I need a parameter of type SecurityAction, requested by the base class. As this parameter holds 'Demand' it works fine, but all other values bypass the check. Why?
I try to use PrincipalPermissionAttribute, but this needs WindowsPrincipal, and this class is not inheritable?
So I call out for help, telling me, whats the best way today, and why, and who can demystify the SecurityAction parameter and its values and the resulting behaviour?
Thanks
Gerhard
