PortSight Secure Access 4.3
PortSight Secure Access 4.3 | 12 Mb
PortSight Secure Access is the most flexible .NET security component for user management and application access rights management. It is fully compliant with ASP.NET 2.0 provider model, extends the .Net framework security and exposes the functionality through WCF and WSE web services. PortSight Secure Access can be used for securing Web Applications, Web Services as well as WinForms and Silverlight applications.
User Management
PortSight Secure Access is delivered with a comfortable web-based user management interface. It allows you to manage user accounts, passwords and organize users into (nested) groups and organizational units. Beside the predefined fields, you can define any number of custom properties for each object (user, group, unit).
Object Ownership Management
This flexible feature allows tenants to delegate management of users, user groups, organizational units and applications to their customers.
Each owner defined in Secure Access can have its own set of accounts (users, user groups, organizational units and applications) independent on other owners. Operators can then be delegated to manage these objects without necessity to have full Secure Access administrative privileges and without visibility private objects (accounts) to other owners.
Authentication
You can authenticate users (check user name and password) in ASP.NET, WinForms and Web Services. You can use either forms authentication or leverage integrated Windows authentication that automatically recognizes the current domain user.
Access Control
You can control access to the whole application, to particular modules, features or files (in ASP.NET) in one line of code.
Role-Based Security
Roles represent typical users – e.g. Administrator, Editor, Manager. You can define any number of roles for your application and assign users to these roles. Then you can simply check in your code if current user is allowed to use your application:
[VB.NET]
If ARHelper.IsInRole("JohnD", _
"WorkReports.Manager") Then ...
"WorkReports.Manager") Then ...
[C#]
If (ARHelper.IsInRole("JohnD",
"WorkReports.Manager")) { ...
"WorkReports.Manager")) { ...
Permissions
Permission-based security offers a more flexible solution for controlling access. You can define any number of permission types, such as Read, Modify, Delete or Approve. Then you can grant default permissions to roles. When business logic changes later, you can easily modify the permission matrix without recompiling the application. In your code you only write:
[VB.NET]
If ARHelper.IsAuthorized("JohnD", _
"WorkReports.ReportViewer", "Read") Then ...
"WorkReports.ReportViewer", "Read") Then ...
[C#]
If (ARHelper.IsAuthorized("JohnD",
"WorkReports.ReportViewer", "Read")) {...
"WorkReports.ReportViewer", "Read")) {...
Secure any Web Content
You can control access to any Web content (*.doc, *.jpg, etc), not only to ASPX files. The secured area can be specified using wild cards (e.g. /documents/secret/*).
Auditing Trail
An important feature of the application security is auditing of user activities. It can help you detect attacks and attempts at unauthorized access to secret data and also keep track of data modifications. Last but not least, some laws, including the HIPAA rules, require the auditing trail. Again, one line of code is enough:
[VB.NET]
ARHelper.Log("JohnD", "User changed amount to USD 5.90", _
"WorkReports.TravelExpenses")
"WorkReports.TravelExpenses")
[C#]
ARHelper.Log("JohnD", "User changed amount to USD 5.90",
"WorkReports.TravelExpenses");
"WorkReports.TravelExpenses");
Delegation
You can delegate administration of membership in groups, roles and organizational units as well as management of the permission matrix to privileged users. It helps you avoid administrator bottleneck and keep access rights up-to-date.
Import from Active Directory, Windows Domains and ODBC
You can easily set up regular import from Active Directory, Windows domains and existing ODBC databases. The Import Wizard helps you map source and target fields and choose objects to be imported. Integrating with existing systems ensures that you always work with latest data and makes user management much easier.
Support for ASP.NET (WebForms)
PortSight Secure Access comes with several ASP.NET user controls, such as:
Logon Form
Send Forgotten Password
Change Password
List of Users
Control for selection of single or multiple users
Control for management of delegated groups, units, roles and permissions
... and others.
Support for WinForms
In WinForms applications, you can either directly access the Secure Access API or (preferably) you can consume Secure Access Web service that provides the most important features (checking user name and password, checking roles and permissions, auditing).
You also get “Logon Form” and “Change Password” user controls for WinForms applications.
Support for Web Services
Secure Access uses Microsoft Web Services Enhancements to implement WS-Security, the industry standard for securing SOAP messages. You can use Secure Access together with symmetric or assymetric (X.509 certificates) encryption and check user name, password and access rights of the user accessing your Web Service.
Secure Access Web Service
Secure Access can also be accessed through a Web Service interface that provides the most important features (checking user name and password, checking roles and permissions, auditing). Using this Web Service, you can use Secure Access features on virtually any platform or device with Web Services support.
Feature Comparison
Home:
http://portsight.com/Products.aspx?AliasPath=Products/Secure%20Access/Secure%20Access&CultureAlias=en-US
[/b]
[b] Only for V.I.P
Warning! You are not allowed to view this text.