Have Fun!!!

I don't mean to point fingers at the update. My problem resided in the assembly nightmare (points at the GAC). So many goofy things were going on ever since the attempts to update that all I am doing is using that as a checkpoint. I was hoping there was some kind of security settings that may have been reset because of mismatching assemblies. In a different thread, I discovered that form control properties were reset because of assembly problems. I was thinking this was a similar issue.



It is working. I can actually start my vacation, now.

The code that you set is what should have been set all along. I know that everybody like pointing fingers at updates (me included), but this hasn't changed since the very beginning of the RBS of SF. At any rate, glad you got it going.

Hi Bill,



This is what I have in my AppMain.vb InitApplication()





If this is an old application, try creating a new SF project and compare the code in the program.cs with yours, probably something may have changed before.

Edhy Rijo

Here is what I did in the InitApplication method:



SecurityBasics.DefaultPermissionAction = PermissionAction.Deny;

//SecurityBasics.DefaultPermissionInfo = new PermissionInfo(PermissionAction.Deny);



The code that I added sets the default action. The application works, now. The code I commented out *did* work before the update.



Why this new code works? I dunno.

Each role that I cycle through for the SF user after authenticating is coming back as Granted, although only one, Accounting, has been allowed for that user. All roles should be denied expect the accounting role/permission. Why would that be happening?

An SF user using standard authentication has full access. The user has only accounting access. For some reason, the permissions are not being read properly. It is as if the default for all roles/permissions is 'granted'. I will write something to review the user's privileges.

Well, the first thing I would do is to log in with an SF user using standard authentication to see if you have the same results. Next, I would take a single user, verify the permissions, etc. and immediately after logging in, I would write a little test and verify that the user's permissions were granted and denied appropriately.



If this works, then I would back up one step and try it for an AD authentication and go through the same process.



So let's work from the most granular level first by looking at permissions for a particular user to ensure that they are pulled (and stored) int he DB properly.

Let's say I had a problem with assemblies not matching (and, I did). In what way could the security subsystem be changed so that it is not actually working? When my assemblies were messed up, some controls were overwritten. Perhaps, something was changed in security somewhere. Is there any place that I could look to determine why the security is not working. The app works fine...it is as if everyone has access to everything despite the fact that I have this code in my program.cs:

Bill,



I don't think that this one is on us. We have been doing this for quite some time now and we too have rolled this out into the field. I think that there is something else going on within your code. If you are using AD for authentication, this definitely cannot be SF as we don't do the authentication at this point. This is all pass-through. The only thing handled by SF when authenticating off of AD is that once you authenticate, then we use the user name to associated permissions, etc. to the user.



More information is definitely needed on this one.