asp.net - simplemembership provider tied to system.web -


we use simplemembership provider in our app. however, feel validating user in role should part of business logic. simplemembership requires dependency on system.web not reference in business logic.

is there way decouple system.web simplemembership provider?

i not sure agree validating user in role should part of business logic. hear more details reasoning. if going put authorization in business logic here method still decouples security model business model. article explains how using new asp.net identity used in mvc 5, same concepts work simplemembership. dependent upon reasoning moving authorization business logic, the approach described here may meet requirements.

it appears comments trying reuse authorization logic placing in business logic, therefore not having rewrite authorization logic each type of client put in. fact logic different dependent upon client. take example of comparing authorization mvc view opposed web api. mvc framework provides 2 different authorizeattribute each because want behave differently on authorization failure. if authorization fails on view want redirect logon page. if authorization fails on web api call want return http unauthorized error. 2 different behaviors different types of clients access same business logic.

i think coupling security logic business logic make business logic less reusable across different implementations. in microsoft's business layer guidelines state, "do not mix authorization code , business processing code in same components." further decouple security model application using approach described here. allow change security model @ run-time instead of having recompile , redeploy application. , security model change.


Comments

Post a Comment

Popular posts from this blog

user interface - How to replace the Python logo in a Tkinter-based Python GUI app? -

is there way change default logo, python logo , appears in window's task bar? notice have replaced default tk logo used appear in application window. i using windows 7 , python 2.6 , developing gui of tkinter. you can using winico tk extension package. winico package can used add system tray icons tk programs. the following sample shows 1 way change runtime application icon. note need provide .ico file suitable sizes of icons in on command line , need use pythonw. not change taskbar icon console when running python script. test extracted winico0.6 package python\tcl\winico0.6 folder package require winico work , ran code below using pythonw winico_test.py path\to\some\ico\file.ico . import sys tkinter import * def main(argv): root = tk() root.update() root.tk.call('package','require','winico') id = root.tk.call('winico','createfrom',argv[1]) root.tk.call('winico','setwindow',root,id...
Read more

objective c - Greedy NSProgressIndicator Allocation -

i'm using bunch of nsprogressindicators @ once (32 exact) , looks when they're animating start allocating memory no one's business greedy_run http://i62.tinypic.com/15rgmso.png i've got reports app slowdown , crash after days of uptime, , looks culprit, it's hard pinpoint bugs take days appear. i comment out call start animating, memory behaves expected. result of multiple nsprogressindicators alloc'ed on same thread? or maybe sandboxing? of constant allocations coming core animation threads, don't know else going on. custom nsview progress indicator lives in @interface myview () @property (nonatomic, strong) nsimageview *imageview; @property (nonatomic, strong) nstextview *numbertxt; @property (nonatomic, strong) nsprogressindicator *progress; @end @implementation myview - (id)initwithframe:(nsrect)framerect { self = [super initwithframe:framerect]; if (self) { // image nsimage *image = [nsimage imagenamed:@"bg.png"]; c...
Read more

how to set an OCR language in Google Drive -

i need upload image google drive including ocr feature. the problem setocrlanguage method. need specify hebrew language , based on iso 639-1 codes should "heb". i'm getting response "code" : 400, "errors" : [ { "domain" : "global", "location" : "ocrlanguage", "locationtype" : "parameter", "message" : "invalid value", "reason" : "invalid" } ], any idea should code or can list of avaliable codes?
Read more