Products  Córdoba, 2012, may the 19
 
 SecurityAddin

SecurityAddin is an addin for visual basic 6 which adds security to a project based in roles with a click of a button. It adds 7 tables to the application's database and also the code to each procedure of the project to check security permissions.

En sólo 3 pasos, SecurityAddin le agregará seguridad a su proyecto:
 1.  Open the project.
 2. Press the buton to add security to a procedure.  
 3.  Press the buton to add Users, Roles and Rights.

Proposed security schema
The security schema which SecurityAddin works with is the classic one based on roles. It has a users table, a role table and another one of users by role. This way permissions are assign to roles (table of permissions by roles). Besides, to have access to a secure method the user has to initiate a session with the login method of the csecurity sessions class. The login method controls user/password and if it is correct it generates an id of session and inserts a register in the table of sessions. The session id generated is aleatory and only valid for the day in which it was generated.If you want to use a more complex algorithm of generation of the sessionId, you can modify the functions, getnewsessionid and validatesessionid. The id of session returned by the login method must be passed as a parameter to the secure method in order to authenticate the session and the user (secaddin automatically adds this parameter to the methods that are pointed as secure and it takes it off (removes it)when you designate the non secure method).So in each secure method it receives the sessionid parameter with which it validates the session and verifies if the users can execute the method .Besides ,you obtain the userId of the user that initiated the session in order to incorporate him in the logic of the system, for example ,to register in the database which user did certain process or when different users apply dissimilar discount percentages. But if the procedure starts with a sentence of error control(on error go to...) the code that adds secaddin locates under this sentence. If you want to do secure events procedures (as the click event of a button or a menu) you can not add the sessionid parameter to the procedures, so in this case secaddin makes the security checkup against a global gsessionid variable that must be defined. Secaddin allows to register , besides the date/ start time and closure of each session, the amount of transactions (the amount of calls to secure methods) made in each session.

 

Download
Support
Price U$35
3 to 5 licences U$31
6 to 10 licences U$29
11 to 20 licences U$24
WOW! Córdoba Argentina 2003 all rignts reserved