Browse by Tags

All Tags » Authorization (RSS)
Abusing IsInRole(..) is not done
Published Sat, Dec 6 2008 1:43 AM | Ramon Smits
Rockford Lhotka has writen about permission-based authorization versus role-based authorization . He describes how he is abusing the principal IsInRole(..) method. This is definitely wrong and should never be implemented that way! Besides that it could...
Filed under: , , , , , ,