RollenBasierteSicherheit

Summary: Role-based Security erlaubt Benutzergruppen bestimmte Berechtigungen zuzuweisen

Index: HomePage

Code

Authorization and Profile Application Block - This block is a reusable code component that builds on the capabilities of the Microsoft .NET Framework to help you perform authorization and access profile information.
Implementing Role Based Security for User Interface - This sample demonstrates how you can extend Web.UI.Page to implement role based security for the controls in an aspx page. Control settings are stored in a SQL Server database for a particular user/role. Settings are retrieved from the database and cached for a particular interval based on web.config settings.

The role-based security model
Implementing Role-Based Security with ASP.NET
Role-based Security with Forms Authentication - auch verfügbar bei CodeProject
Implementing Simple Role-Based Security in Managed C++
Quick and easy user-level security checks / Quick and easy user-level security checks - Part 2 This article presents a library that enables a programmer to store and retrieve security credentials from a back-end database. The classes in the library also extend the .NET role-based authorization mechanism by introducing the concept of a "right". A right is a low level security element that can be assigned to a role or an individual user. The library includes a specialized principal class that allows these rights to be verified in much the same way that roles are today through the standard .NET security classes. The library will work with any compatible .NET language, and may be used in thin-client (ASP.NET) or thick-client environments. The library also exports a simple interface for managing users, roles, and rights. The database code is logically isolated from the rest of the library, so adapting things to work with other databases is very straightforward.

Building Secure Microsoft ASP .NET Applications - Kapitel 3, Authentication and Authorization Design. Etliche Howto's in diesem Buch sind direkt auf Role-Based Security angelegt.
Hijacking .Net Vol 1: Role Based Security - downloadbar als PDF Dokument
Security for Microsoft Visual Basic .NET Programmers - Kapitel 2, Role Based Authorization
.NET Security - Kapitel 5, Role Access Security
.NET Framework Security - Kapitel 13, 14, 15 und 27. Hauptsächlich die Grundlagen von Authentication und Authorization, aber sehr solide
Improving Web Application Security - Kapitel 10, Building Secure ASP.NET Pages and Controls. Generell extrem empfehlenswertes Buch.
Microsoft ASP.NET Coding Strategies with the Microsoft ASP.NET Team - Kapitel 8, ASP.NET Security. Generell extrem empfehlenswertes Buch.