Saturday September 24th

Friday September 23rd

Thursday September 22nd

2 Kicks

The 3 Types of Security In Enterprise Applications

There are generally three types of security in enterprise applications: 1. Role based security - Which actions can a user do - aka role-based access control 2. Entity level security - A user can only perform an Action on certain objects/data - aka row level security 3. Field level security - A user can see or edit only certain fields of an entity – (this is really fine grained and usually a bad idea)


I can't edit my description :( but this is my quick summary of how security logic can be abstracted away using the concept of 'Entity Groups' from Rhino security. It certainly might not be right for every project, but a cohesive strategy for access control would be a big leap forward compared to a lot of projects I’ve worked on.

Commenting on Stories is limited for now and will open up to those recommended by the community. Learn how
Loading DotNetKicks...
brought to you by the Kicks Network