End-User Security Setup for Web Forms Controls

MM .NET makes it easy for end users to set up security for their applications. One of the primary ways of doing this is by means of Security Administration mode.

When you create a new Web Forms application, a Web Administration form is automatically created for you in the Admin subfolder of your project's root directory:

To access this form in your browser, navigate to the admin/default.aspx page below your project's root directory. For example:

http://localhost/Test%20Project/admin/default.aspx

This form contains a Log into Security Administration Mode link that puts the administrator into Security Administration mode. If you click this link, this sets the session variable mmUserSecurity_SecurityAdmin to true, and displays the confirmation "You are now running in Security Administration Mode":

Now when you navigate to a web page in your application, you see security icons next to each user interface control that has been marked as "secure" (see the topic Securing User Interface Controls for details):

When you click on a security setup icon at run time, the Control Security Configuration dialog appears. The top pane of the dialog displays all system users and the bottom pane displays all roles.

You can select a user or role and then specify their access level for the current control: None, Read-Only or Full.

Setting the User Access Level

When you select a user in the upper list box, the access level setting indicates the actual access level the user has at run time for the current control. At run time, MM .NET determines a user's access level to a secure object by evaluating settings described in the Help topic Determining a User's Access Level.