Page Filter in C#

  • Thread starter Thread starter Andy Le
  • Start date Start date
A

Andy Le

Your opinion is appreciated.

I am thinking about building a role-based security module for my web
based application. Here is what I have in mind:

1. Build a page filter class which enherits from IHttpModule and
overide the Stream.Write() method....to basically remove the
restricted html elements based on the user's role before the html
comes back to the browser. Any defects in this design or do you see
any other better approaches ?

Thanks
 
Hi,

You have mentioned you are implementing role based
security. Roles are often responsible for working with
certain business entities that could be displayed in
UserControl (for caching, UI process, etc.).

So another possible approach in such case could be to
develop some attribute and apply it to class inherited
from UserControl, which would simply handle the display
according the attribute parameters such as groups, users
and display mode (hide or disable controls).
The benefits in this case:
- Easy to create;
- Simple attribute based programming later;
- All the benefits from the UserControl;
- And one more - the ViewState will have everything as it
should have. Just by removing HTML elements you'll have to
be carefull about this;
Drawbacks:
- Not sure, but probably streams could be a bit faster;

Romualdas

-----Original Message-----
Your opinion is appreciated.

I am thinking about building a role-based security module
Click to expand...
for my web based application. any other better
approaches ?
 
Just thought,

maybe dynamically loading different UserControls could be
enough (see IBuySpy portal)?

Romualdas
 
another idea,

maybe it would be sufficient to load user controls
dynamically (like in IBuySpy)?

Romualdas
 
Back
Top