role based vs code based

Hot Topic

O/R Mapping and visual controls
Custom Field Type Properties
User Provisioning in SharePoint 2007
O/R Mapping
Permission to a certain view
Speech Recognition
WSS 2.0 and security group sync
best practices for moving a WSS site from test to production
Problem in fetching the values from the .Config file in COM+
database watcher ... need suggestions !!

SharePoint Products

Can you use Active Directory Manager data in workflow?
Using [Me] filter on List
Help Required- List Events
database watcher ... need suggestions !!
Why does "anonymous" address present in response messages?
Architecture for full text search on sql 2005
Replication for Transactional Data as a Solution
what does the basic 30mb download provide
Beta 2 TR To RTM (RTW) Upgrade Issue W/ Browser
What is Architecture and Who are Architects?

role based vs code based

I need to know general recommendation on whether we should should use role based or code based security for following type of .net applications:

1. Stand alone application

2.Enterprise application

3.B2C application

4.B2B application

As per my understanding we should use Role based in last three cases.Code bases should be used in first and last case(if we are using webservcies).

Your comments!!

Regards

Answer this question

role based vs code based

  • Kamia111

    Hi,

    I need to understand one more thing about Code access security.

    Many people say that it is used to control code from accessing resources by using permission set.

    Somewhere else it is defined as a way by which we can stop other codes to use our code for accessing any resource through it(erikj also use this definition in his reply).

    Can somebody please let me know what exactly is Code access security(Is it to stop our code or other code to access our code) and role based security and what other types of securities exists in .net area.

    Regards 

  • Darrell Davis

    Maybe I am misinterpreting your question, but do you mean role-based vs. code-access security (CAS) If so, they are different animals and can be independently employed in any kind of application based on your needs. Role-based security is based on *who* the user based on the authentication mechanism you choose. Code-access security is more about *what* code is calling your components.

  • David Graton

    Role based security goes well with intranet based applications as domain roles can be directly used.

    http://DotNetWithMe.blogspot.com
    vikas goyal



  • role based vs code based
Answer this question