Secure Directories

Topics: Developer Forum, User Forum
May 12, 2008 at 11:16 PM
Anyone have any ideas as to what the best way is to identify certian pages that will have access by certain people but not others.  If someone has a valid username and password they can access the members only section of our website, but what if I want to parse out whats in the members only section so certian people can see certian pages and other people can see other pages?  Is this at all possible?
May 13, 2008 at 1:18 PM
You might check out the mwpsk extensions 1.1.4 role-based security feature to see if that helps you.

http://www.codeplex.com/MyWebPagesStarterKit/WorkItem/View.aspx?WorkItemId=13162
May 13, 2008 at 8:54 PM


CarlCarlson wrote:
You might check out the mwpsk extensions 1.1.4 role-based security feature to see if that helps you.

http://www.codeplex.com/MyWebPagesStarterKit/WorkItem/View.aspx?WorkItemId=13162



Unfortunately I dont think this is going to work for me right now because I already loaded and am using the 1.2.0 beta version and there is code written into that that will not be in the stuff you directed me to so it will not generate the pages correctly, if at all.  When I copied my web site and tried it I kept getting error messages.  If you could help convert these files so they work in 1.2.0 that would be great.

If not does anyone else have any ideas as to how to set role based security?
May 14, 2008 at 3:24 AM
Sorry, but I can't help you there.  I'm sticking with 1.1.4 mainly because the features from this extension and the seo extension weren't put in the 1.2 core release.  As such, I don't have the desire to upgrade.  If these features are important to you, you might consider doing the same.  Good luck.
May 14, 2008 at 10:01 PM
Rickard, I tried to add an additional role to the Role.config file, and then add an additional one of these to the web.config file,

<location path="Administration">
<
system.web>
<
authorization>
<
allow roles="Administrators"/>
<
deny users="*"/>
</
authorization>
</
system.web>
</
location>

where I changed the path to go directly to the page (.config) file I wanted to only allow the new role to access, hypothetically shouldnt this have worked or is there a lot more code changes that needed to be made in other files?

 

May 18, 2008 at 6:20 PM
Hi
If you do the extension feature from http://www.codeplex.com/MyWebPagesStarterKit/WorkItem/View.aspx?WorkItemId=13162 ,then you will have this options. Where are the main problem you get, when doing this update? Tell me, I try to help if it's possible.
This makes it possible to change and configure each user permisson on a specific page.

You can set permisson by "role" for each user. If a user that has access to a page for eg "Resellers" and is a part of that role, gives access to the page, but a another user doesn't even see that page in his/her menu.
May 19, 2008 at 4:15 PM


rickardmagnusson wrote:
Hi
If you do the extension feature from http://www.codeplex.com/MyWebPagesStarterKit/WorkItem/View.aspx?WorkItemId=13162 ,then you will have this options. Where are the main problem you get, when doing this update? Tell me, I try to help if it's possible.
This makes it possible to change and configure each user permisson on a specific page.

You can set permisson by "role" for each user. If a user that has access to a page for eg "Resellers" and is a part of that role, gives access to the page, but a another user doesn't even see that page in his/her menu.


The extensions dont work with the 1.2 Beta because they over write some of the code you wrote into 1.2 making it not work.
Jun 12, 2008 at 3:24 PM
I needed role-based security feature and also needed new features from 1.2.1 (except power user feature). So, yesterday, I sat down, and took power user feature from 1.2.1, and incorporated role based security feature from 1.1.4 into 1.2.1 since for me, role based secuirty feature weigh more that being able to have power users. I may add this power users thing later. It seems working fine (at least as well as 1.1.4). All credits go to the person who created 1.1.4 role-based security extension. Only thing I added was to put a link (Roles management) under Administration so that you don't have to type the url to do role management. Only problem is I don't know how to make this downloadable for everybody.