1

I need to implement a security framework for a multiuser application that is in the design phase. I intend to use a Role based access control RBAC Security model (- BUT which can be further refined by the user adding additional privileges).

Are there any existing C# "security frameworks" that I can use (at least as a starting ground), or do I have to write it from scratch?

As an aside, I would prefer a "pure library" approach - as I don't want to be constrained to desktop or web application type using the security framework.

oompahloompah
  • 9,087
  • 19
  • 62
  • 90

1 Answers1

2

The .NET framework makes it very easy to implement Role-Based security in your application. Enforcing security consists of two parts, Authentication and Authorization. The .NET framework provides access to the user through an identity and authorization access through a principal. Thread.CurrentPrinicpal gives you access to the current principal assigned to the executing thread.

You can implement role based security framework easily by using IPrincipal and IIdentity interfaces.

Here is a complete example to create your RB security framework.

CharithJ
  • 46,289
  • 20
  • 116
  • 131