Wednesday, May 09, 2007

How to use PrincipalPermission-Demand in ASP.NET 2.0

How to use PrincipalPermission-Demand Security in ASP.NET 2.0

NameSpace
using
System.Security.Permissions;

Variable
string[] roles = new string[10];

Source Code
protected void Page_Load(object sender, EventArgs e)
{
string user = "TestUser";
System.Security.Principal.IIdentity id = System.Security.Principal.WindowsIdentity.GetCurrent();

if
(!IsPostBack)
{
//System.Collections.Generic.List<string> lstUser = userDetails.GetUserDetails(user);
// User role you can access from database and keep in list or array
roles.SetValue("Admin" , 0);
ViewState["Roles" ] = roles;
}

if (ViewState["Roles"] != null )
roles = (string[])ViewState["Roles"];
System.Threading.Thread.CurrentPrincipal =
new System.Security.Principal.GenericPrincipal (id, roles);
}

[PrincipalPermission principalPerm = new PrincipalPermission (id, roles)]
private void DisplayPDF(string filePath)
{
}

Best link to do ASP.NET 2.0 Security Practices
http://msdn2.microsoft.com/en-us/library/ms998372.aspx

No comments: