dimanche 24 avril 2005 00:55Hello,
I have this question:
We know that Enterprise Services (ES) offers secure model i.e. Role Based Security (at a cost of added comlexity) But can one achieve this purely using ADO.NET based model? If no, how can I simulate the Role Based Security if we dont want to go the ES route?
Toutes les réponses
dimanche 24 avril 2005 20:03Hi,
you are comparing quite different things: ES is a framework which (amongst other features) allows you to configure who is able to use components or their methods. So there exists some "configutation database" where the roles and their members are defined and what they can access.
ADO.NET is a framework for accessing relational data from some data server and that server's security capabilities might secure the objects living in that server.
So what would you secure in ADO.NET? Surely not one of the ADO.NET classes? Maybe the objects which are accessed through those classes.
Thinking about relational databases: secure maybe tables, maybe stored procedures. But that would meen that your clients would have to directly authenticate on the database server and you would need to use Windows groups as a replacement of the ES roles. Is that less complex than defining roles in ES?
With ES you get the role management for free. By designing classes for the use in ES you can also use meaningfull names making the administration of security more obvious: Role Admin can use Person::Add, Change and Remove - Role User can use Person::Read. That might be easier than configuring security on tables and stored procedures.
lundi 25 avril 2005 14:36Thank you SvenC, that was very helpful. I am well aware of the difference between ES amd ADO. The short answer from what you said is the ADO.NET namespace is not shipped with role-security. I guess to achieve similar functionality, i will either have to implement is in-code or rely on the DB/windows groups.