You have my point exactly.. yosi
On Mon, 25 Nov 2002 10:34:39 -0500, Craig Andera <[EMAIL PROTECTED]> wrote: >> Why exectly do you believe that role-based security is not an >> appropriate >> solution for your problem? Role-based security allows you to >> demand that a >> user be a member of a particular role or have a particular >> identity. Is it >> possible that in your research you missed the point that a >> user can be a >> member of any number of roles and you can make security >> demands based on >> membership in groups of roles? > >If I may. > >My reading of the question was that he needed not only to check to see >if a user was in a particular role, but also that that role has access >to a particular piece of data. This is very common: Admins can read this >file, but Users cannot. When you're writing generic classes that >represent all files, you can't use role-based security. > >Maybe I missed the original poster's point, and this isn't what he was >saying. All the same, data-based security is a very common requirement >for many apps. > >You can read messages from the Advanced DOTNET archive, unsubscribe from Advanced DOTNET, or >subscribe to other DevelopMentor lists at http://discuss.develop.com. You can read messages from the Advanced DOTNET archive, unsubscribe from Advanced DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com.
