How can I use claim for data-level authorization?
For example,
Project 1: User A, User B, User C
Project 2: User B
Project 3: User C
Meaning
User A can only access Project 1
User B can access both Project 1 and 2
User C can access both Project 1 and 3
How do I implement the above logic?
Related
We have 2 websites A & B and users as AA & BB. User AA should only be able to import application, Start, Stop & Restart website A. Same goes with user BB for website B.
Also when user AA logs in then other website B should have this symbol:
[1]: https://i.stack.imgur.com/HIv7q.png
Have tried following things:
Added users to IIS Manager Permissions.
Added users to IIS Manager Users too.
Changed Identity to specific user at App pool level.
But it's not working as intended.
How do we achieve this?
I have multiple projects with multiple authentications. Authorized users from Project A and Project B access the database of Project C. In the database rules of Project C, I need to know where they came from (Project A or Project B) to write better rules for them.
For example, authorized users from Project A should not have the ability to delete documents while authorized users from Project B has that ability.
I can use the Custom Claims mechanism. I give users from Project A and Project B different roles (i.e. AAdmin and BAdmin) using custom claims once they signed in. Then, I check their roles in Security Rules.
Java 8 + Spring MVC 4
I am learning to the programme and came across one scenario.
There are different roles
1) Admin
i) ABC Admin
ii) XYZ Admin
2) Normal
ABC Admin logged into the system and created a contract, with contract_id: 123
Edit URL is : localhost:8080/myApp/contract/edit/123
XYZ Admin logged into the system and copy pasted above edit URL in the browser.
(Ideally, XYZ Admin should not be able to edit the ABC admin contracts and vice versa)
I need some suggestions/ideas what should I use for this.
I did a search on google and got spring security will be the fit case for this.
You can use
#PreAuthorize("hasAnyRole('ROLE_ADMIN','ROLE_USER')") for access multiple role on a single method
or
#PreAuthorize("hasRole('ROLE_ADMIN')") for only one role on method level in Controller/DAO classes.
I am building a portal which handles registrations in a different way.
Step 1 : It requires users to nominate other users based on their email id.
Step 2 : Then the admin approves the user email id ( and probably give in the user name there itself )strong text
Step 3 : An email is sent to the user that the new id has been created and only then the user can login.
Is there a way to accomplish this task ? I read the user module forums but couldn't get the required information.
Thanks in advance :)
Steps 2 and 3 are built-in features of Drupal i.e. admin users can create user accounts and notify them about their newly created accounts. For step 1 you may consider the Webform module (http://drupal.org/project/webform). Create a webform for authenticated users where they can put email addresses and submit.
suppose i have a forms authentication in my application. once authenticated, it can access certain folders / controllers in my website
auth level 1 -> profile,history,change password
but, certain users can access another part of site if they pass level 2 . this type of users are like resellers (like sellers of accounts, etc)
auth level 2 -> sell accounts, view online users
the question is, how can i implement this another forms authentication in mvc 3 app? can these 2 form authentication coexist? tnx
Surely you only need the one auth method.
What you are describing sounds like you want to implement "roles". I dont understand why you need 2 form authentication processes.
http://www.asp.net/mvc/tutorials/authenticating-users-with-forms-authentication-cs
https://web.archive.org/web/20211029043732/https://www.4guysfromrolla.com/articles/082703-1.aspx