Question User level security help

M

marianne

Registered User.
Local time
, 23:07
Joined
Mar 26, 2009
Messages
327
hi I am studying ULS to implement on my FE and BE. thought I have been studying it but still I cant get enough to understand it. can someone guide me to this in a simplier terms.

I have also another question:

1. Do you use ULS in your projects? If not why? and what do you use to protect your FE and BE?

thanks.
 
User level security has been dropped from Access 2007.
It is only provided to run earlier database design.
Not worth implementing on a new design.

Ordinary users of my FE's are forced to run in runtime mode only.
Test for the user and limit availaility of certain functions on that basis.
Use SQL server to interface with the BE.
 
I am confused. I have read the still access 2007 have ULS.

What do you mean "not worth implementing on a new design."
 
ULS is still supported in Access 2007 but only for the old mde databases and derivitives. The accde format does not include ULS capability.
http://office.microsoft.com/en-us/access/HA101662271033.aspx

Essentially Microsoft has decided to discourage the use of ULS as explained here:
http://blogs.msdn.com/access/archive/2005/10/19/access-12-security-model.aspx

"Since JET is a file based database system where users need physical access to the file to operate on their data, the concept of user level security in Jet to assign different levels of user access to the data within the same file was not recommended. To have multiple people use the database but with different data access privileges, the recommended practice was to move this data to a centralized service like SQL server or SharePoint lists. However, Jet has had this feature for some time and it has worked OK for usability and custom navigation scenarios but isn’t recommended for actual security. "

http://blogs.msdn.com/access/archive/2005/10/19/access-12-security-model.aspx
Consequently rather than studying how to use ULS I would be inclined to put my time into developing the same functionality using a more generalised technique that can be used in all formats.

Your users should be intracting entirely through forms. You can limit the function of forms based on the logged in user. For example disabling controls or subforms for users who are not allowed to change data.

This can be fairly simply achieved by using the tag property on the control. Enter the minimum user level for rights to enable the control. On Load run a loop to compare the security level of the current user and enable the control as appropriate.
 
when I was working with different versions of access, i have already thought why the need for ULS if there would be some kind of security other than that, that is more simplier and more efficient.

anyway, do you have some kind of example for that so I can study it? I would really appreciate that. thanks.
 
Unfortunately the only databases where I have used this technique are sensitive corporate ones. I will put together a basic example of the concept over the week end.
 
ok thank very much for the effort Galaxiom. i will wait for your example here. kindly pm me if you have already posted the example because maybe I will forgot this post from the many post I post.

Today is friday on my time. maybe I could get back by monday. thanks again.
 
I always found access ULS cumbersome to use - once the database gets biggish, it becomes very hard to manage, and a total beast to change

the way a lot of commercial progs do it is to

a) in some cases, assign users to groups
b) give the users or groups a privilege level (say 1 to 9)
c) give the individual forms an access requirement (say 4)

so if the form has a requirement of 4, then the user needs to have a privilege level of 4+, or maybe be in a group that has a level of 4+ to "see" that form. When you display the menu, you could either elect to leave the option, but not allow access - or remove the menu option altogether

I would think commercial progs tend to go the group way

Lets call this vertical security - this isnt too hard to implement at all

-------------
what is more difficult is horizontal security - where you want a user to be able to see data for his branch, but not for others. This cannot be managed by any normal security level system. You actually have to manage this at the data level to filter the information. Much more complex for the developer.


This vertical
time you add a
 
You must log in or register to reply here.

Similar threads

J
How to see the UN and PC Name of locked Records
Replies
14
Views
858
jmark@stayintouch.us
J
The_Doc_Man
Important Security Guidelines
2
Replies
24
Views
1,539
The_Doc_Man
The_Doc_Man
C
Inventory- hold stock level or not
Replies
11
Views
617
The_Doc_Man
The_Doc_Man
A
FE/BE Should Any Tables be Distributed in FE?
Replies
14
Views
1,159
Mike Krailo
Mike Krailo
Uncle Gizmo
Ollama Mistral - A-level Maths
Replies
0
Views
289
Uncle Gizmo
Uncle Gizmo

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)
Back
Top Bottom