Securing_Web_Pages_with_Role_Based

Securing Web Pages with Role-Based Security

Most applications serve a variety of constituents – customers, customer service, marketing, sales, and management, to name a few. It’s increasingly common in contemporary web applications to permit much broader access to applications and their underlying data than was common with client server applications, which had more restricted user bases. With broader use comes an increased need to partition data according to the user type – and sometimes down to the individual user as well.

One of the most convenient security mechanisms is role-based security because it allows individual users to be assigned into roles, and then access granted at the role level. This makes for convenient administration because most applications need just a handful of roles – 5 or 10 at most – but may have thousands of users.

Broadly speaking, Iron Speed Designer generates three types of role-based security:

Simple sign-in authentication. Application users must sign into the application. Only users with user names and passwords can sign in, giving you control over who can access your application.
Single-role authentication. Application users must have a designated role in order to access a particular web page. Individual web pages are configured so that only those users with the designated role can access the page.
Multiple-role authentication. Individual web pages are configured to accept users who have one of several designated roles.

With role-based security, you can:

Define user names and passwords.
Create and assign multiple user roles for your users.
Configure each web page for access by designated user roles.
Generate your application’s entire role-based security infrastructure.

Securing Web Pages with Role-Based Security

See Also