setting default role for unauthenticated users

Email lists > Building Dot Net Applications for the web

Thread: setting default role for unauthenticated users

Search this list only Search all lists
setting default role for unauthenticated users
	2006-04-10 09:10:12
Hi, Is there a way I can setup a default role for unauthenticated users? That is I want the user to belong to a "anonusers" group, till he logs in. I am using sql server 2005 with role manager and membership apis. baris =================================== This list is hosted by DevelopMentor® http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com

setting default role for unauthenticated users
	2006-04-10 16:35:20
Until the user authenticates, they are an anonymous user within your application. You could have one, ten, or a hundred anonymous users at any given time. In other words, you really don't need a role; just restrict your anonymous user. On the other hand, you probably don't even need anything else anyway. As an anonymous user, they should not have access to anything until they have logged in, so they have already been excluded from a role perspective because the anonymous user is not a member of any of your functional roles. In other words, forget about it. Just make sure that anonymous users are denied to the areas that require authentication by means of your web.config file and the location element. Christopher Reed Web Applications Supervisor Information Technology City of Lubbock creedmail.ci.lubbock.tx.us "The oxen are slow, but the earth is patient." >>> devrimbarisGMAIL.COM 4:10 am 4/10/2006 >>> Hi, Is there a way I can setup a default role for unauthenticated users? That is I want the user to belong to a "anonusers" group, till he logs in. I am using sql server 2005 with role manager and membership apis. baris =================================== This list is hosted by DevelopMentor® http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com

setting default role for unauthenticated users
	2006-04-10 17:31:03
Thanks Christopher, Maybe I should have been more clear. The problem is that I am working on a simple content management system and I want to be able to give the content managers the ability to choose the contents that will be visible to anonymous users and site registered users. The system works on the roles basis, that is I need to know the logged in user's role in order to restrict access. For anon users as there is no default role I can map to ,so I can't know what to restrict. I have managed what I want via global.asax authentication_request hookup, and giving each request an anon formsauthentication ticket, but this is cumbersome and as far as I can feel not a neat solution. Maybe on these basis you can give some more insight , Thanks in advance... baris On 4/10/06, Christopher Reed <CReedmail.ci.lubbock.tx.us> wrote: > Until the user authenticates, they are an anonymous user within your application. You could have one, ten, or a hundred anonymous users at any given time. In other words, you really don't need a role; just restrict your anonymous user. > > On the other hand, you probably don't even need anything else anyway. As an anonymous user, they should not have access to anything until they have logged in, so they have already been excluded from a role perspective because the anonymous user is not a member of any of your functional roles. In other words, forget about it. Just make sure that anonymous users are denied to the areas that require authentication by means of your web.config file and the location element. > > Christopher Reed > Web Applications Supervisor > Information Technology > City of Lubbock > creedmail.ci.lubbock.tx.us > "The oxen are slow, but the earth is patient." > > >>> devrimbarisGMAIL.COM 4:10 am 4/10/2006 >>> > Hi, > Is there a way I can setup a default role for unauthenticated users? That is > I want the user to belong to a "anonusers" group, till he logs in. > > I am using sql server 2005 with role manager and membership apis. > > > baris > > =================================== > This list is hosted by DevelopMentor(r) http://www.develop.com > > View archives and manage your subscription(s) at http://discuss.develop.com > =================================== This list is hosted by DevelopMentor® http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com

setting default role for unauthenticated users
	2006-04-10 18:30:42
I think asp.net 2.0 supports some personalization stuff for anon users. I haven't investigated the details though. -----Original Message----- From: Discussion of building .NET applications targeted for the Web [mailtoOTNET-WE BDISCUSS.DEVELOP.COM] On Behalf Of Christopher Reed Sent: Monday, April 10, 2006 12:35 PM To: DOTNET-WEBDISCUSS.DEVELOP.COM Subject: Re: [DOTNET-WEB] setting default role for unauthenticated users Until the user authenticates, they are an anonymous user within your application. You could have one, ten, or a hundred anonymous users at any given time. In other words, you really don't need a role; just restrict your anonymous user. On the other hand, you probably don't even need anything else anyway. As an anonymous user, they should not have access to anything until they have logged in, so they have already been excluded from a role perspective because the anonymous user is not a member of any of your functional roles. In other words, forget about it. Just make sure that anonymous users are denied to the areas that require authentication by means of your web.config file and the location element. Christopher Reed Web Applications Supervisor Information Technology City of Lubbock creedmail.ci.lubbock.tx.us "The oxen are slow, but the earth is patient." >>> devrimbarisGMAIL.COM 4:10 am 4/10/2006 >>> Hi, Is there a way I can setup a default role for unauthenticated users? That is I want the user to belong to a "anonusers" group, till he logs in. I am using sql server 2005 with role manager and membership apis. baris =================================== This list is hosted by DevelopMentor. http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com =================================== This list is hosted by DevelopMentor® http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com

setting default role for unauthenticated users
	2006-04-10 18:58:11
Actually, you already know what to restrict for anon users. Anything that you want to allow only certain roles to have access, you would deny access to the all other users. Once you have set up your system with respect to which roles are allowed what type of access, what is left is restriction of all of anon users. My point is that the "default role" is not to set a role for the users who are restricted; define your roles for what you want allow users to access. Christopher Reed Web Applications Supervisor Information Technology City of Lubbock creedmail.ci.lubbock.tx.us "The oxen are slow, but the earth is patient." >>> devrimbarisGMAIL.COM 12:31 pm 4/10/2006 >>> Thanks Christopher, Maybe I should have been more clear. The problem is that I am working on a simple content management system and I want to be able to give the content managers the ability to choose the contents that will be visible to anonymous users and site registered users. The system works on the roles basis, that is I need to know the logged in user's role in order to restrict access. For anon users as there is no default role I can map to ,so I can't know what to restrict. I have managed what I want via global.asax authentication_request hookup, and giving each request an anon formsauthentication ticket, but this is cumbersome and as far as I can feel not a neat solution. Maybe on these basis you can give some more insight , Thanks in advance... baris On 4/10/06, Christopher Reed <CReedmail.ci.lubbock.tx.us> wrote: > Until the user authenticates, they are an anonymous user within your application. You could have one, ten, or a hundred anonymous users at any given time. In other words, you really don't need a role; just restrict your anonymous user. > > On the other hand, you probably don't even need anything else anyway. As an anonymous user, they should not have access to anything until they have logged in, so they have already been excluded from a role perspective because the anonymous user is not a member of any of your functional roles. In other words, forget about it. Just make sure that anonymous users are denied to the areas that require authentication by means of your web.config file and the location element. > > Christopher Reed > Web Applications Supervisor > Information Technology > City of Lubbock > creedmail.ci.lubbock.tx.us > "The oxen are slow, but the earth is patient." > > >>> devrimbarisGMAIL.COM 4:10 am 4/10/2006 >>> > Hi, > Is there a way I can setup a default role for unauthenticated users? That is I want the user to belong to a "anonusers" group, till he > logs in. > > I am using sql server 2005 with role manager and membership apis. > > > baris =================================== This list is hosted by DevelopMentor® http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com

[1-5]

about | contact Other archives ( Real Estate discussion Medical topics )