I need to implement security (users, roles, permissions) into my MVC project. Do you guys have a beta of your security system I can implement now? Or will it be a while until you release something?

asked Dec 30 '10 at 21:14

ara's gravatar image


edited Jan 04 '11 at 16:02

Sergey's gravatar image


2 Answers:

The security system is scheduled to 4.5 release and we are starting with it right after 4.4 final is out. Currently, 4.4 version is in beta stage and will be release in January, so I suppose that the early version (beta) of security might appear in late January/early February.

answered Dec 31 '10 at 03:42

Dmitri%20Maximov's gravatar image

Dmitri Maximov

Dmitri, is it possible to get some brief information about the concept?.. I mean is will be possible to limit data selection by some criterias for certain users? Is something like Action and Permissions will be? and etc.

I think this information will be usefull for making a decision to develop something own or to wait for next release.

answered Jan 10 '11 at 09:11

Janosh's gravatar image



Janosh, I'm going to publish a blueprint of the security system shortly (this week or next one, depending on the amount of urgent work) to make available discussions and critics on early stage.

It would be very nice to get to know different points of view and especially hear from those who are busy with a real-world application containing security scenarios.

(Jan 10 '11 at 09:51) Dmitri Maximov Dmitri%20Maximov's gravatar image

Any progress? The google task already contains quite a lot info, see http://code.google.com/p/dataobjectsdotnet/issues/detail?id=253 (especially my comment about the "Applied To" ;-) )

(Jan 16 '11 at 09:49) Marco Marco's gravatar image

Not yet, suppose will be busy with it on Thursday/Friday.

(Jan 17 '11 at 10:23) Dmitri Maximov Dmitri%20Maximov's gravatar image

Still in progress. Hoping this week will be more productive.

(Jan 24 '11 at 04:28) Dmitri Maximov Dmitri%20Maximov's gravatar image

Any progress?

(Feb 09 '11 at 12:57) Marco Marco's gravatar image

Hello Marco.

I'm sorry about the fact that the post writing was suspended. We've been extremely busy with delivering the fresh and hot 4.4 final. Hope, it will be released shortly and finally, I'll find the necessary time to continue with the task.

Thanks for your patience.

(Feb 09 '11 at 13:34) Dmitri Maximov Dmitri%20Maximov's gravatar image

Finally, we've started a series of posts concerning the upcoming security system.

(Feb 25 '11 at 11:04) Dmitri Maximov Dmitri%20Maximov's gravatar image

What's the problem with adding user-based permissions to the equation? Can you at least design it such that this can be considered to be added in the future?

(Feb 25 '11 at 15:37) ara ara's gravatar image

Let's try discussing the subject. Could you describe a scenario when user-based permissions are more preferable than role-based approach?

As for me, pure RBAC is almost ideal for usage in business process-oriented systems: roles have permissions on operations on subjects, a user can play several roles within an organization according to his current job position. While users can come and go, role hierarchy as well as the amount of duties for every job position stay more or less stable.

(Feb 25 '11 at 16:15) Dmitri Maximov Dmitri%20Maximov's gravatar image
Your answer
Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!
toggle preview

powered by OSQA