In order to provide role based security to my application I’m considering creating my own business objects that implement IIdentity and IPrincipal. I could create these outside of the framework but I would like to access my security DB through the Strataframe data access layer, especially since there was some mention in a previous post of future plans to implement an application server to handle that layer. What's the best approach to take when you want to create a BO that can use the DAL but won't be bound to a form?  I don't need the IContainerInterface but I do need to pass parameters to the constructor. Any guidance would be appreciated.

-Larry