Once the user is authenticated, you might need to control user's access in the application. You might need to display only relevant information to the user, according to the user's permissions.
This chapter explains how to control user's permissions to see a page, to see a part of a page or to make some action, such as click on the button.
PortSight Secure Access provides following types of authorization:
-
Authorization based on membership in groups or organizational units - you can simply check if user is member of some group or organizational unit.
Role-based authorization - it's similar to the previous one. You can check if user is member of some role, such as "Administrator", "Manager", etc. These roles are always associated with particular application.
-
Resource-based authorization (permissions) - you can define your applications and application parts (modules) in the Secure Access catalog. They represent a resource. Then you can define permission types (such as "Read", "Write", "Approve", etc.) and grant users (or groups, organizational units or roles) permissions. Then you can check in your application if user has particular permission.
Controling access to Web content - you can set up your Web site so that it checks user's permissions when particular content (such as Word document, image, etc.) is required.
|
Source code | |
|---|---|---|
|
In this chapter we will re-use the application created in the previous chapter. You can copy these applications from the Examples folder in the Secure Access installation folder. You can also find a complete source code from this and next chapters in the "Examples\VB\SASampleVB" (or "Examples\CS\SASampleCS") folder in the PortSight Secure Access installation folder. |
||