Based on what you've described, (plug-in-type code) I've had success with the method that calls the interface (the interface implemented in the plug- in) and attribute-based code access security. My instance was simply using PrincipalPermissionAttribute and a GenericPrincipal-derived class; but more complex scenarios and attribute-based security have been described in articles like "Granular Role Based Security Without a Line of Code: Attribute-Based Authorization" [1]
[1]http://msdn.microsoft.com/library/default.asp?url=/library/en- us/dnwinforms/html/Attbasauth.asp On Tue, 20 Jun 2006 08:05:13 +0300, Baris Acar <[EMAIL PROTECTED]> wrote: >Hi, >I am planning to use some objects generated by a factory. These >objects will be dynamic proxies for the actual objects. In the proxy i >will implement an authorization code for checking if the user has the >rights to execute. For the authentication module to be pluggable I >have to find out which method is called, rather than write it >explicitly in every function. As far as I crawled Reflection namespace >there is no way for it. Am i wrong? Am I on the right track or >completely offroad? > >Thanks =================================== This list is hosted by DevelopMentorĀ® http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com
