Patterns for user authorization / permission

3

Are there other standards for user authorization / permission other than the standard Role-based access control implemented by Microsoft for .NET technologies?

    
asked by anonymous 16.06.2014 / 20:27

2 answers

1

By Microsoft, there are basically 3 ways to design pattern for permissions:

  • By Roles;
  • By Claims;
  • By some other standard implemented by the user ( link )

The most widespread pattern is Role-Based , precisely because until the emergence of ASP.NET Identity the default using up MVC4 was Membership and its variants Simple Membership , Extended Membership

16.08.2014 / 00:46
1

It depends on the technology you are using. If you are using MVC, I would suggest you customize a class and specify the roles, for example the AuthorizeAttribute class (System.Web.Mvc).

This link explains it right and has some examples:

AuthorizeAttribute Class

    
16.06.2014 / 21:53