ProfessorOglevee
New Member
I am faced with a security model problem when migrating my code to ASP.NET.In the application:[*]There are multiple roles. (Role A, Role B etc)[*]There are multiple input/output fields. (Field A, Field B etc)[*]There are multiple permission levels controlling access to each field. (Read, Direct Edit, Edit With Approval, None)[*]Each role has its own permissions to fields. (Role A has Read Permission to Field A; Role B has Direct Edit permission to Field A etc)[*]Every role can be assigned to users and they are assigned by Geographic information. (User A is assigned to Role A for Continent: Europe - Country: Germany; User B is assigned to Role A for Continent: Europe - Country: France; User A is assigned to Role B for Continent: Europe - Country: France etc) [*]Users can have multiple roles [*]User identity is coming from Windows Authentication.So my question/problem is: is it possible to represent this type of kind of multi-layered security model using ASP.NET internal membership/role providers?If so, what should my starting point be? Creating only custom role provider with custom methods and fields be enough?