September 25, 2010 at 10:03 am
We will be releasing a site for our client, one of the question I am trying to answer is "How do I know they are who they say they are?".
There are various ideas I have in mind in order to tackle question. At the same time, I do not want to put so much security constraint that it becomes cumbersome for clients to register and use the site for their benefit.
I am interested on hearing from anyone who has good suggestions or have implemented something of this sort.
September 27, 2010 at 1:47 am
JStevenson1 (9/25/2010)
one of the question I am trying to answer is "How do I know they are who they say they are?".
login/username are provided by the admin( who is handling the customer care dept).and he/she is the person who knows which and what privileges and restriction should be given to customers/clients, based on their requirements.
-------Bhuvnesh----------
I work only to learn Sql Server...though my company pays me for getting their stuff done;-)
September 27, 2010 at 1:53 am
you can create various role in your application and then tag the users in those roles.
So for example you have one group as AppAdmin who have unrestricted access of application and can see all modules. This role you then configure in database and give appropriate permission. Once your role created successfully then add the user/s in this role but must consider the sensitivity of permission attached with role.
Similarly you can create role specific to a perticular functionality and keep filtering it further as much secure you want your application.
----------
Ashish
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply