Methodologies for Managing Users and Access?
Posted
by
MadBurn
on Programmers
See other posts from Programmers
or by MadBurn
Published on 2012-08-27T17:59:52Z
Indexed on
2012/08/27
21:55 UTC
Read the original article
Hit count: 284
This is something I'm having a hard time getting my head around. I think I might be making it more complicated than it is.
What I'm trying to do is develop a method to store users in a database with varying levels of access, throughout different applications. I know this has been done before, but I don't know where to find how they did it.
Here is an example of what I need to accomplish:
UserA - Access to App1, App3, App4 & can add new users to App3, but not 4 or 1.
UserB - Access to App2 only with ReadOnly access.
UserC - Access to App1 & App4 and is able to access Admin settings of both apps.
In the past I've just used user groups. However, I'm reaching a phase where I need a bit more control over each individual user's access to certain parts of the different applications. I wish this were as cut and dry as being able to give a user a role and let each role inherit from the last.
Now, this is what I need to accomplish. But, I don't know any methods of doing this. I could easily just design something that works, but I know this has been done and I know this has been studied and I know this problem has been solved by much better minds than my own.
This is for a web application and using sql server 2008. I don't need to store passwords (LDAP) and the information I need to store is actually very limited. Basically just username and access.
© Programmers or respective owner