After wrestling all week with the update for SF, I finally posted my application code to the server (click-once deployment). Users today are telling me that they have access to everything in my secured application...all menus and all forms. RBS does not seem to be engaged. Not good.

Well, the first thing I would do is to log in with an SF user using standard authentication to see if you have the same results. Next, I would take a single user, verify the permissions, etc. and immediately after logging in, I would write a little test and verify that the user's permissions were granted and denied appropriately.



If this works, then I would back up one step and try it for an AD authentication and go through the same process.



So let's work from the most granular level first by looking at permissions for a particular user to ensure that they are pulled (and stored) int he DB properly.

An SF user using standard authentication has full access. The user has only accounting access. For some reason, the permissions are not being read properly. It is as if the default for all roles/permissions is 'granted'. I will write something to review the user's privileges.

Each role that I cycle through for the SF user after authenticating is coming back as Granted, although only one, Accounting, has been allowed for that user. All roles should be denied expect the accounting role/permission. Why would that be happening?

Here is what I did in the InitApplication method:



SecurityBasics.DefaultPermissionAction = PermissionAction.Deny;

//SecurityBasics.DefaultPermissionInfo = new PermissionInfo(PermissionAction.Deny);



The code that I added sets the default action. The application works, now. The code I commented out *did* work before the update.



Why this new code works? I dunno.

Hi Bill,



This is what I have in my AppMain.vb InitApplication()





If this is an old application, try creating a new SF project and compare the code in the program.cs with yours, probably something may have changed before.

Edhy Rijo

The code that you set is what should have been set all along. I know that everybody like pointing fingers at updates (me included), but this hasn't changed since the very beginning of the RBS of SF. At any rate, glad you got it going.

I don't mean to point fingers at the update. My problem resided in the assembly nightmare (points at the GAC). So many goofy things were going on ever since the attempts to update that all I am doing is using that as a checkpoint. I was hoping there was some kind of security settings that may have been reset because of mismatching assemblies. In a different thread, I discovered that form control properties were reset because of assembly problems. I was thinking this was a similar issue.



It is working. I can actually start my vacation, now.

Have Fun!!!