Search Results

Search found 8 results on 1 pages for 'micha12'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 1/1 | 1 

  • Non RBAC User Roles and Permissions System: checking the user's City

    - by micha12
    We are currently designing a User Roles and Permissions System in our web application (ASP.NET), and it seems that we have several cases that do no fit within the classical Role-Based Access Control (RBAC). I will post several questions, each devoted to a particular case, this being the first post. We have the following case: not to allow a user view a certain page if the user lives in a particular city. This is a simple case that is coded in the following way: if (User.City == “Moscow”) // Allow the user to view the page. else // Do not allow the user to view this page. Though this case is very simple and straightforward, it has nothing to do with the RBAC. On StackOverflow, someone called this an Attribute-based Access Control. Under the classical RBAC, it seems that this case should be designed like this: introduce a permission “City where the person lives”, this permission will have a property City. Then create a role, add a permission of type “City = Moscow” to it and the assign the role to the user. Looks extremely cumbersome. The question is whether it is acceptable to introduce such non-RBAC approaches to our permissions system – does that break the design or not? This might seem a primitive question, but we found that most applications use pure RBAC, and we started to think that we might be doing something wrong. Thank you.

    Read the article

  • Non RBAC User Roles and Permissions System: a role with properties

    - by micha12
    We are currently designing a User Roles and Permissions System in our web application (ASP.NET), and it seems that we have several cases that do no fit within the classical Role-Based Access Control (RBAC). I will post several questions, each devoted to a particular case. This is my second question (the first question is here: http://stackoverflow.com/questions/2839797/non-rbac-user-roles-and-permissions-system-checking-the-users-city). We have the following case: we need to implement a Manager role in our web application. However, a Manager can belong to one or several companies (within a big group of companies for which we are creating this web app). Say, there can be “Manager of companies A and B”, “Manager of company C”, etc. Depending on the companies that the Manager belongs, he has access to certain operations: for example, he can communicate with clients only of those companies that he belongs to. That is, “Manager of companies A and B” can only have contacts with clients of companies A and B, and not with those of company C. He can also view clients’ details pages of companies A and B and not of C, etc. It seems that this case falls within the RBAC. However, this is not really the case. We will need to create a ManagerRole class that will have a Companies property – that is, this will not be just a role as a collection of permissions (like in the classical RBAC), but a role with properties! This was just one example of a role having properties. There will be others: for example, an Administrator role that will also belong to a number of companies and will also have other custom properties. This means that we will a hierarchy or roles classes: class Role – base class class ManagerRole : Role List Companies class AdministratorRole : Role List Companies Other properties We investigated pure RBAC and its implementation in several systems, and found no systems featuring a hierarchy or roles, each having custom properties. In RBAC, roles are just collections of permissions. We could model our cases using permission with properties, like ManagerPermission, AdministratorPermission, but this has a lot of drawbacks, the main being that we will not be able to assign a role like “Manager of Companies A and B” to a user directly, but will have to create a role containing a ManagerPermission for companies A and B… Moreover, a "Manager" seems to be rather a "role" (position in the company) rather than a "permission" from the linguistic point of view. Would be grateful for any ideas on this subject, as well as any experience in this field! Thank you.

    Read the article

  • Visual Studio 2010: very slow web applications debugging!

    - by micha12
    I recently installed Visual Studio 2010 (Ultimate edition, final version released in April), and found that debugging a web application became very slow (2-3 times slower than in Visual Studio 2008)! I took the same web application and checked the speed of loading of one of its pages in VS 2008 and VS 2010, and compared the time it takes to load the page. I tested it using 2 approaches: 1) debugging under ASP.NET Development Server (by pressing the "Start" button) and 2) using ASP.NET Development Server without debugging (by using the "View in Browser" menu command). And I got the following results for Visual Studio 2008 and 2010. 1) ASP.NET Development Server withoud debugging ("View in Browser"): the speed of page loading is the same in VS 2008 and 2010. 2) Debugging under ASP.NET Development Server ("Start" button): in VS 2010 the page takes more time to load than in VS 2008 - VS 2010 debugging is 2-3 times slower than in VS 2008! 3) At the same time, when debugging a web application in VS 2008, it takes the same time to load the page compared to when using only the "View in Browser" command. That is, VS 2008 debugging does not introduce any overhead to page loading in the web browser! I wanted to make sure that other people have the same problem with slow debugging of web applications in VS 2010. Can this issue be solved by any means? BTW, I am using Windows XP SP3. Thank you.

    Read the article

  • Network Load Balancing (NLB): is it suitable for "stateful" ASP.NET applications?

    - by micha12
    Hi everybody, I have posted the following question concerning ASP.NET web farms. http://stackoverflow.com/questions/1816756/how-to-create-an-asp-net-web-farm/ Guys recommended using Network Load Balancing (NLB) as a primary way of creating a web farm. However, Wikipedia says that "NLBS is intended for ... stateless applications". Our web application, however, is absolutely "stateful": it is a closed site to which users will have access by login and password, and information for every user will be different: people will see their own trades and operations. Should we still use NLB in this scenario? Thank you.

    Read the article

  • Team Foundation Server vs. SVN and other source control systems

    - by micha12
    We are currently looking for a version control system to use in our projects. Up to now we have been using VSS, but nowadays more powerful source control systems exists like TFS, SVN, etc. We are planning to migrate our projects to Visual Studio 2010, so the first idea coming to mind is to start using TFS 2010. I have never worked with SVN and other version control systems. My question is: how good is TFS compared to other source control systems? Is it a good idea using it, or should we rather use SVN (or any other system)? Thank you.

    Read the article

  • Microsoft SQL Server 2008 Web Edition: is it suitable for "closed" websites?

    - by micha12
    Can Microsoft SQL Server 2008 Web Edition be used in "closed" websites, which are hosted on the Internet, but require users to log in? We are developing a web application for banks. This is a website for clients of the bank; it allows clients to log in and view information on their personal banking accounts, stock portfolios, etc. Can this web app use SQL Server 2008 Web Edition? Here is information on this edition of SQL Server: http://www.microsoft.com/sqlserver/2008/en/us/web.aspx It is said on this page that Web Edition can be used only on "public and Internet accessible ... Web applications". Technically, the web app we are developing is public and Internet accessible - although it requires authentication. Won't using Web Edition in our web app violate SQL Server license terms? Thank you.

    Read the article

  • Traffic consumed by Team Foundation Server 2010

    - by micha12
    We are currently selecting a source control and issue tracking software, and are looking towards Team Foundation Server 2010. Some participants of our project often have slow Internet connection (for example during travel), and therefore it is important for us to have a source control system that does not consume too much traffic. I was unable to find information on traffic consumption when using TFS 2010. Does anyone has such info? Does TFS 2010 support traffic compression? Do other source control systems (like SVN, for example) produce less or more traffic than TFS 2010?

    Read the article

  • ASP.NET Controls with Highly Customizable GUI

    - by micha12
    We are developing an ASP.NET web application where some of the features that we will need to implement are quite standard: for example, a chat between users, a forum, etc. There are ASP.NET chats and forums components available. However, they all have a predetermined GUI and html markup that is almost impossible to change and very difficult to customize. And this is a very common situation for most controls like grids, etc.: you have very low control over the html markup that is being generated by the control. In our case, our web app will have its own web design created by a professional web designer in PhotoShop, and then it will but transformed into html markup that will then be transformed in aspx pages. We would ideally like to create the html markup for the forum and chat by ourselves, and use only the non-GUI part of the ASP.NET components. Is this approach feasible? Has anyone dealt with such approach in practice?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

1