Security system design in MVC application - security

Which design approaches can be used, existing or new ones, to implement a security system in an MVC web application?
Possibly there are patterns or best practices, e.g. in some popular languages such as Java, .Net or whatever?
On which level is it better to implement it: model or controller or something between them?
I found that a primitive approach results in security checks spread among many controllers or models, depending on the implementation, mixed in with the code of those layers.
But it is not obvious to me how to design security in a better way.
I have an MVC application.
I need a flexible system of access rights.
I have a hierarchy of categories and entities within categories.
Some users can edit/view/add/remove one set of categories, other users other categories.
It is also required that, depending on the user role, some fields of the model should not be retrieved from the DB (null should be returned).
Admins should be able to assign different access rights.

You should be using .Net's built-in membership providers. By default a new MVC 3 Internet Application Visual Studio project template will give you basic login code. Clicking on the 'manage' your site button from within Visual Studio will give you the web interface to manage the users and roles. Create your users/roles, then define [Authorize(Roles="Admin,Users")] on your Controller class definition or on your method definitions. DO NOT define URL access as was done in Asp.Net Web Form applications as there are multiple URLs that could map to a single place. Use the Authorize attribute instead.
Also check my response here:
What features do I need to have before I open an ASP.Net app onto the internet?
In addition make sure you use Html.AntiForgeryToken in your views and [ValidateAntiForgeryToken] on your [HttpPost] controller methods (i.e. any methods you post back to).
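As an added illustration of the answer above (example code, not from the original post), an MVC 3 controller that applies [Authorize] at class and action level, pairs [ValidateAntiForgeryToken] with [HttpPost], and also masks a field server side per role as the question asks; the CategoryEditModel type and the in-memory Store are constructed stand-ins.

```csharp
using System.Collections.Generic;
using System.Web.Mvc;
public class CategoryEditModel
{
    public int Id { get; set; }
    public string Name { get; set; }
    public decimal? Cost { get; set; }
}
// Class-level rule: every action needs an authenticated user in Admin or Users.
[Authorize(Roles = "Admin,Users")]
public class CategoryController : Controller
{
    // Constructed in-memory store standing in for the DB behind the membership system.
    private static readonly Dictionary<int, CategoryEditModel> Store =
        new Dictionary<int, CategoryEditModel> { { 1, new CategoryEditModel { Id = 1, Name = "Inventory", Cost = 1200m } } };
    // GET /Category/Edit/1 : the view renders @Html.AntiForgeryToken() inside its form.
    // Cost is masked server side for non-admins (the question's "return null" requirement).
    public ActionResult Edit(int id)
    {
        CategoryEditModel model;
        if (!Store.TryGetValue(id, out model)) return HttpNotFound();
        if (!User.IsInRole("Admin"))
            model = new CategoryEditModel { Id = model.Id, Name = model.Name, Cost = null };
        return View(model);
    }
    // POST /Category/Edit/1 : ValidateAntiForgeryToken rejects the request unless the
    // hidden-field token matches the cookie token. Non-admins never saw Cost, so a posted
    // value for it is ignored rather than written through.
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult Edit(CategoryEditModel input)
    {
        CategoryEditModel existing;
        if (!Store.TryGetValue(input.Id, out existing)) return HttpNotFound();
        if (!ModelState.IsValid) return View(input);
        if (!User.IsInRole("Admin")) input.Cost = existing.Cost;
        Store[input.Id] = input;
        return RedirectToAction("Index");
    }
    // POST /Category/Delete/1 : action-level [Authorize] narrows the class-level rule;
    // both filters run, so only Admin passes.
    [Authorize(Roles = "Admin")]
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult Delete(int id)
    {
        Store.Remove(id);
        return RedirectToAction("Index");
    }
}
```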

Related

Granular control with WIX IIS website installation

I am authoring an installer that creates a new website and application pool. This installer is for internal use within several development environments which all have subtle differences. One may use only HTTP, another only HTTPS and one might use both. One might use the default ApplicationPoolIdentity identity whereas another may use an explicit User reference.
Given that the association of a WebAppPool is by ID through a WebApplication which must be nested under a WebSite, each time an option is desired on the installer, the breakout and duplication of features gets ridiculous.
I imagine I am not the first to encounter this. How does one accomplish this much flexibility within an installer?
The route I went with was creating a basic template within WIX using expected IDs, then using an immediate custom action scheduled before InstallValidate which manipulated the template entries to whatever degree was required. The properties used by the CA to make the decisions are stored in the registry for modify/patch/removal invocations.

Orchard Multi-Tenancy Setup/Configuration

I am starting to play with Orchard's multi-tenancy options to enable a single codebase to host dozens of websites (perhaps over a hundred in the future). The pieces I'm unclear on with this are:
Is it possible to call one or more API endpoints to dynamically create these sites from code on my end? Meaning, we have an existing codebase (non-Orchard) in .Net so what API(s) would I call to create these sites on the fly without having to login and do it manually?
In conjunction with #1, are there API(s) for us to create the individual users for the newly created sites that have a pre-configured set of minimal permissions (create content, deal with media, navigation) and blocking others (settings, user management, etc.)? Our client base for this process is not particularly computer savvy so limiting what they can break will go a long way in saving our support staff having to fix stuff they shouldn't be accessing to begin with.
Is there a way to handle SSO within these multi-tenant sites? The difficult part here would be our site relies on Session variables for access (it's a hybrid of classic ASP and .Net that I'm trying to modernize, but have to leave things like Session in for all the old stuff to work)? I'm guessing this would get into building a module, but know that's a rather advanced process so I'm trying to avoid it if possible.
Thanks in advance!
Yes, but Orchard doesn't easily integrate into existing applications. dotNest is an example of Orchard sites being created dynamically: http://dotnest.com/knowledge-base/topics/lombiq-hosting-suite
Yes. Users can be created from code, and you can assign them restricted permissions, the simplest way of doing it being to create a group with that permission set, and to put those users into that group. All of that can be done from code.
Just use OAuth like the rest of the world.
Just forget about integrating Orchard into an existing application. Especially classic ASP ;) Time to move on.

Liferay or GateIn

Now our team is facing a new project: creation of a new company intranet portal. For some reasons we are considering Java open source portals and deciding between Liferay and GateIn.
One of the very important requirements is the following: the portal representation for users must depend on the country/language settings of the customer's computer. It means not only portlet localization; users in US subsidiaries of the company should probably see a different structure than users in France.
Is it possible to implement the requirement in Liferay and GateIn?
This can definitely be achieved through Liferay. Please have a look at the concepts of creating organisations.
I am not sure if this can be done in GateIn. However, there are many other things that you may need to keep in mind before choosing these Portals. I have tried to mention a few of them here.
1. Check the stability of the Portal server that you will choose to run on a particular Container. GateIn initially was unstable.
2. You may have to override a few files (for your customization) if required. GateIn uses GTMPL view technology for the same. Check how good you are at this. In this case, Liferay is easier (Liferay doesn't use any GTMPL UI framework).
3. Apart from developing a location-based Portal, if you are also trying to achieve other things like fully Ajax-based pages, a good UI framework (like JSF) etc., then check if the Portal server you are choosing runs on a particular Container which supports Ajax and JSF (latest versions).
The above were a few, and the list may grow. But to conclude, I would suggest going for Liferay :)
This can be achieved with GateIn at different levels:
Sites: you can declare multiple sites running on the same portal instance (sharing the same User Base). In this case you can automatically redirect users to different country sites, based on the country/language of the user.
Site Navigations: GateIn provides portal, group and user navigations. Navigation is created dynamically when a user connects to the portal. You can have only websites; navigation will be created dynamically per user (based on group and user permissions).
Pages (dynamic layout rendering): GateIn renders each page dynamically. A page is composed of multiple containers that contain portlets or gadgets.
By setting permissions on each container and by using the User Group or Membership of the connected user, it's possible to have different page layouts.
Of course, you can also mix these 3 approaches to build your portal.
Liferay is very buggy, and the community is very bad. Unless you pay for the support.
GateIn promises much, but still lacks functionality.
You may consider JBoss Juzu and Apache Struts to develop generic portlets in order to avoid any portal vendor lock-in.
Struts provides features for internationalization, localization and timezones to achieve my project.
I make use of struts2-portlet plugin to achieve a reporting portlet running on multiple portals. Here is my sample: code.google.com/p/jasperrocks/wiki/Features

Silverlight 4 and security framework

I'm an experienced developer, but new to Silverlight, Prism, MVVM and all related stuff, and I have a need for a flexible approach regarding security in a new application I'm developing.
I have this security model implemented through a custom security framework I built for WinForms (actually Visual WebGui), but I need to get some guidelines on how to implement this for Silverlight or if there is something already built that I can use.
All modules implement two interfaces, ISecurableModule and ISecuredModule.
ISecurableModule is used to register modules with the security repository.
ISecuredModule is used to enforce security.
In my WinForms app, at startup (actually after a new install, at first start), a module is started that through reflection inspects all assemblies, looking for modules implementing the ISecurableModule interface. This interface reports if a module can be started in Add Mode, Edit Mode, View Mode or None of them (e.g. a reporting module or data fetch / filter can be opened only in View mode, as no data can be changed in it, but a data entry can be opened only in Add, or in Add / Edit, or in View).
All this data is saved into security repository.
To define security rights, I can create security categories, e.g. Inventory Operator, Inventory Supervisor, Payroll Operator, Payroll Supervisor, etc. For each category, I assign modules selected from the security repository, with appropriate rights (e.g. for Inventory Operator I assign the module Reception Inventory Operation or Transfer Inventory Operation with Add and View rights, and for Inventory Supervisor I assign all inventory modules with full rights).
Then I create an Inventory Operator Role, and assign it the Inventory Operator security category. I can assign several security categories to each role (because I can create security categories with a higher granularity, e.g. a security category to manage one's own account or to manage a group of users, which will be granted to supervisors, etc.).
Then at runtime I have the concept of a workplace (like the shell in Prism) where I can load modules dynamically (really dynamically: I use the ServiceLocator pattern to locate a component based on the interface it implements, and then there is a controller for each class of module, i.e. modules implementing the same interface, which can use an enum field to identify which module to actually load for the type of data needed to process). The workplace controller uses a security provider which checks the access rights for the module to be loaded against the access rights of the current user.
In my SL4 app I want to use MVVM pattern, and thus I want to have my views codeless and drive the whole functionality through ViewModel, ICommands and data binding. So I need some suggestions on how can I accomplish this sort of functionality I described into a SL4 app. I'm not particularly tied to Prism, so I will consider if there is another SL4 framework which can help me accomplish this goal.
You could try to protect the Silverlight application in many ways but in the end you cannot trust the client.
A couple of guidelines I use:
Protect the wire: use ssl to protect communication between SL and the back-end (perhaps even issue custom tokens to be able to invalidate a connection)
Do not rely on secrets in the Silverlight application (private keys, custom encryption methods, isolated storage) because they are easily broken
Put all important logic and security checks on the server.
Always check authorization when receiving a (service) call; you never know who is calling unless you check.
I only use authorization on modules to reduce the download; if you are not authorized to use a module why download it?

Sharepoint Web Part Management

I have a rather large project developed on Sharepoint and Project Server, designed as a multi-tier application. I programmatically manage web parts on certain web part pages. According to the choices of the user in one of the web pages, appropriate web parts are added to the web part collection of another web part page. My problem is that I simply do not know where to manage the web parts. Should I do it in the BLL and then have the assembly containing the business logic reference the UI assembly where the web parts are? (I need to instantiate the web parts when adding them to the collection, since I do not want to use hard-coded strings representing the web part dwp.)
It really depends on what pattern you're using for your BLL and UI layers, and how strictly you want to follow it.
If you're doing a MVP pattern then I'd suggest that you have the Page implementing an interface which has one (or more) of the following options:
A stack which the Presenters to load are added to
A Load_WebPartName event for each web part which then should be called to indicate which webpart(s) need loading
To be strictly MVP you should not reference the following assemblies in your BLL project:
System.Web
Microsoft.SharePoint
Microsoft.SharePoint.*
(All SharePoint assemblies would be in either the Model or UI projects; the BLL is just connecting to the appropriate hooks.)
Can you package the web parts as a feature or set of features and then simply manage the feature(s) activation/deactivation through the web part manager class?
Any programmatic massaging of the web part that needs to happen on the appropriate web part page can be handled in the feature receiver, so your manager doesn't need to be so aware of the web part UI.
HTH,
jt
Web parts are generally best managed using the feature/solution framework. You may treat the webpart classes you write as any other web control, and thus a part of the ui layer. I generally keep the information in the xml files (the .webpart or .aspx files) to a minimum. If you are managing them exclusively, you don't really need to use declarative code files at all.
The short answer: webparts are sharepoint specific ui, and should have no knowledge of the business layer.
The short answer is probably "no, you should not do this in the BLL." A purist might argue that while the BLL may rightfully determine what a user can or can't do, it is up to the UI tier to determine the appropriate web parts to be displayed as a result.
For example, the BLL might determine a user's capabilities and expose them as roles, or permissions, or something else with domain-related meaning (e.g. timesheet approver role, approve timesheet permission, etc.). These might then be mapped to a set of web parts by the UI tier (e.g. timesheet approval web part). In this way, the BLL effectively determines the user's capabilities and the UI tier determines the UI for those capabilities.