• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 145
  • Last Modified:

Security Design method for forms and their controls

We are designing a system where different users have different security
levels. This applies to forms and
also certain controls on forms. What is best approach here? As forms are just
classes, an idea was to have a list of forms and using object references, block
any atempt to load a form if not allowed. Another idea was to check security when form loaded. Security
will be set up like NT ie sets of users belong to group, and a group has a set
of security actions(read file etc)
0
josereyes
Asked:
josereyes
1 Solution
 
mark2150Commented:
That sounds like a PITA to administer. How many levels of security do you need? Are the forms accessing databases? Are you on a LAN?

Setting up internal security is problematic. You can put in controls to gate access to certain forms, but the problem becomes to protect the security file from being hacked.

Depending on the app you might want to have the program look at different network directories that are controlled by standard LAN security. If they can see the directory, then the form can continue to load. if they can't see the directory, then the form immediately exits. This has the advantage of allowing the program's internal security to be controlled by the LAN's authentication. This prevents hacks on the security file and leaves the access control at the LAN level so you don't have to admin twice.

M
0
 
raybeamCommented:
Use a Password Protected database to supply username, passwords and level of each user, on each form load u must check for the user level and based on this u should enable/disable commands, features and/or maybe load certain custom forms, this is the best way to reach your goal...
0

Featured Post

[Webinar] Improve your customer journey

A positive customer journey is important in attracting and retaining business. To improve this experience, you can use Google Maps APIs to increase checkout conversions, boost user engagement, and optimize order fulfillment. Learn how in this webinar presented by Dito.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now