Security Access, Application Implementation.

Results 1 to 4 of 4

Thread: Security Access, Application Implementation.

  1. #1
    Heaven's Martini Guest

    Default Security Access, Application Implementation.

    Well,<BR><BR>In the quest for true security in an internet/intranet app, I have reached the crossroads, hope someone could point me in a direction, preferably the correct one.<BR><BR>Thought Processes:<BR>I have an Application I expect to have ... 30 users (max)<BR>at a time, common would be 5-10.<BR><BR>I fire a session variable to hold the id of the user (for general security and a ton of other things) <BR><BR>I now have about 20-25 sections of the app (Categories so to speak). <BR><BR>There are 10-11 User Groups.<BR><BR>Each Group has 3 options for rights.<BR>Write &#124 View &#124 None<BR><BR>I am curious as to what yall think about the best implementation<BR>:a Session Array<BR>:An Application Array for each group<BR>:or an application array for all groups.<BR>:Database call.<BR><BR>I will set a var at the page level to determine category.<BR>[about a 1000 pages now,only half need to be set]<BR><BR>Another Alternative would be to set security based on the <BR>folders. I am not real sure this solution is great, but it was a passing thought.<BR><BR>So all in all, I would like some ideas on implementation.<BR>&#039;preciate the time.<BR><BR>Vivaldi,HM, or [Zach]

  2. #2
    J. Paul Schmidt Guest

    Default I'd vote for the application array

    You wrote:<BR>&#060;&#060;...<BR>I now have about 20-25 sections of the app (Categories so to speak). <BR><BR>There are 10-11 User Groups.<BR><BR>Each Group has 3 options for rights.<BR>Write &#124 View &#124 None<BR>...&#062;&#062;<BR><BR>From what you&#039;ve written I&#039;d probably vote for your option of an application array for all groups.<BR><BR>Best regards,<BR>-Paul<BR><BR>J. Paul Schmidt, MBA<BR>Databases on the Web<BR><BR>

  3. #3
    Join Date
    Dec 1969
    Los Angeles, CA

    Default My vote for a session array

    Why keep it at the application variable?? It will be changing based on the user...why keep changing an application variable??<BR><BR>Keep it at the session level and set the permissions for a user in that variable/array..<BR><BR>IF you can catogrise all your pages in folders and not more than just a handful will be in more than one folder then you could go with the prem at the folder level also..why not

  4. #4
    Heaven's Martini Guest

    Default what about chads

    Hmm<BR><BR>Well, in the application style.<BR>I would load in which the group rights. <BR><BR>I have the app divided rather well at the folder level, but I wasnt sure how expensive a server variable call would be on a per page basis. I had read somewhere that a call to request.servervariables was performance expensive and this app is pretty beefy as it is already.<BR><BR>I can sit down with and do the permissions by page pretty easy, going to set up a "data dictionary" if you will, this way i can use integers instead of strings. <BR><BR>Thanks for the advice.<BR>Have a good weekend<BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts