Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / Windows Forms / WinForm General / October 2007

Tip: Looking for answers? Try searching our database.

Securing Windows Form Controls In VB.Net 2005

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
squig9@verizon.net - 25 Oct 2007 02:48 GMT
Hello,
I am am trying to come up with a way of securing controls inside of a
VB.Net 2005 application. I have searched and found information on
Window Security but it all seemed based on ASP.Net. I am looking to
have a user log in and obviously verify the username and password.
Upon successful login, windows buttons located on a main menu would be
enabled based on the user access that logged in. I want to have three
levels of security. One as read only, one that has limited access to
certain forms and another that has full access. I want one user to be
able to access a screen with controls such as text boxes but not be
able to edit them. Is there any good concepts out there on how to
manage this efficiently? Any help would be greatly appreciated.
Thanks, J
Reply to this Message
Andy - 25 Oct 2007 19:45 GMT
On Oct 24, 9:48 pm, squ...@verizon.net wrote:
> Hello,
> I am am trying to come up with a way of securing controls inside of a
[quoted text clipped - 9 lines]
> manage this efficiently? Any help would be greatly appreciated.
> Thanks, J

Hi,

Typically the easiest way is to use Windows Integrated security.  To
use this, set the Thread.ThreadPrincipal to a WindowsPrincipal.  You
can create one for the currently logged on user via the
WindowsIdentity.GetCurrent method.

>From then on, your application can use the principal's IsInRole method
to see if the user is in a particular role, and hide access to forms
accordingly.

If you can't use integrated (domain) security for some reason, you can
create your own custom Principal and Identity classes, which can
authenticate against a database and load authorization roles from
there as well.  This would be similar to asp.net, but there's not any
canned solutions in those regards.

HTH
Andy
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.