Access Control Lists & Access Control Objects, good tutorial? - permissions

We're developing a web app to cover all aspects of a printing company from finances, to payroll, to job costing. It's important to be able to control who can access what parts of these applications. Don't want a line employee giving himself a raise, etc...
I've heard of the concept of ACL & ACO, but haven't found a good example that we could adapt to our project.
Anyone know where I can find good information to work from?

A brief rundown on ACLs, where they should be used and how they should be structured and implemented for various applications and user levels can be found here:
LINK

I've had to implement that type of security a couple of times. Unfortunately I don't know of any really good articles that provide examples. My implementations were mainly piecing together the parts through trial and error.
However, I did come across this link on MSDN:
http://msdn.microsoft.com/en-us/library/52kd59t0(VS.71).aspx
It has some of the concepts.
After my original post, I did some more research. I found this article:
http://www.aspfree.com/c/a/C-Sharp/Implementing-Role-Based-Security-using-CSharp/
It seems pretty promising. I didn't go through all the details, but it at least guides you through the high-level topics.

If you're using .NET/Windows you might want to look into Windows Authorization Manager (AzMan). There is support for AzMan in Enterprise Library but there are other ways of using it as well.
http://msdn.microsoft.com/en-us/library/ms998336.aspx
http://alt.pluralsight.com/wiki/default.aspx/Keith.GuideBook/WhatIsAuthorizationManager.html
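
As an added illustration (not part of any of the posts above, and not code from the linked articles or from AzMan): a deny-by-default access check for the application areas named in the question. Roles are the requesters and application areas are the controlled objects (ACOs); all role, resource and action names, and the rule that nobody may edit their own payroll record, are assumptions made for this example.

```python
# Added example: deny-by-default ACL. Role, resource and action names are assumptions.
from dataclasses import dataclass

# Role hierarchy (requesters): each role inherits the grants of its parents.
ROLE_PARENTS = {
    "line_employee": [],
    "estimator": ["line_employee"],
    "payroll_clerk": ["line_employee"],
    "finance_manager": ["payroll_clerk"],
}

# ACL: (role, ACO resource, action) grants. Anything not listed is denied.
ACL = {
    ("line_employee", "job_costing", "read"),
    ("line_employee", "payroll", "read_own"),
    ("estimator", "job_costing", "write"),
    ("payroll_clerk", "payroll", "read"),
    ("payroll_clerk", "payroll", "write"),
    ("finance_manager", "finances", "read"),
    ("finance_manager", "finances", "write"),
}

@dataclass(frozen=True)
class User:
    name: str
    roles: tuple

def effective_roles(user):
    """Expand the user's roles with every inherited parent role."""
    seen, stack = set(), list(user.roles)
    while stack:
        role = stack.pop()
        if role not in seen:
            seen.add(role)
            stack.extend(ROLE_PARENTS.get(role, []))
    return seen

def is_allowed(user, resource, action, owner=None):
    """Deny by default; allow only when a grant exists for an effective role."""
    granted = any((r, resource, action) in ACL for r in effective_roles(user))
    if not granted:
        return False
    # Separation of duties: nobody may change their own payroll record,
    # even with a role that can write payroll in general.
    if resource == "payroll" and action == "write" and owner == user.name:
        return False
    if action == "read_own":
        return owner == user.name
    return True
```

The check belongs on the server for every request, keyed on the authenticated user, so that hiding a menu entry in the UI is never the only control.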

Related

Recommendation system based on users past experience

I'm currently working on making a recommendation system. I have all the information about what kind of books the user views. How do I build a recommendation system using that information?
The question seems very general to me. If you're using Python I would suggest you check out the following link:
https://realpython.com/build-recommendation-engine-collaborative-filtering/
Recommendations can be created using 'collaborative filtering' where you determine similarities of users or items.
The source uses scikit-surprise, which is a ready-to-use implementation with all code needed for a recommendation system.
The surprise library is good if you have (explicit) book ratings whereas another library called 'implicit' is better for implicit ratings within the data e.g. if the user viewed or liked something.
https://surprise.readthedocs.io/en/stable/index.html
https://benfred.github.io/implicit/index.html
It really depends on your use case. Both libraries have implemented various algorithms for your task, so you need to find the solution that fits best.
There are also lots of other libraries and implementations blogs and more on the internet but that's what I would start with.

Can Dialogflow agents be created, updated and deleted (managed) 100% programmatically?

I am looking to wrap a bot service in order to enable business areas to create and manage them at will with minimal technical knowledge, but meeting our strict security controls. With this in mind I need to be able to create and manage them 100% programmatically.
I have been working on a prototype with Microsoft's Bot Framework, Luis and QnA Maker. Sadly though joining these technologies requires a number of manual steps, specifically:
Creating a bot in Azure (Bot Framework)
Creating a Luis Account
Joining Luis bot with Azure (the subscription management part of the API was recently deprecated)
Creating a QnA Account
Microsoft really don't feel very joined up at all...
With this in mind I am now looking for alternatives and thus looking to see what Google are up to. I am just a bit wary of heading off in a new direction to find similar issues.
Looking briefly at the API documentation it seems I should be able to import an agent in to a project and then manage it. I imagine I could use a template to create my bots from.
Thanks for your time
Mike
Thanks for your feedback.
The way I see it, Bot Framework is more modular than other options out there. First of all, creating a LUIS and QnA account are optional and not time consuming. The average use case can be solved with less than 50 lines of code with no need to throw LUIS or QnAMaker into the mix. Why should Microsoft force you to use LUIS if you might not need it? Google uses a different approach. In my opinion, they give you most of the tools from start, like the NLP agent, so you need to understand NLP concepts even if you don't really need to use them. Most developers tend to overthink their bots and make them more complex than they need to be.
With that said, we don't provide a way to create agents programmatically. But the process of registering your bot is very straightforward and fast. Let me know if you have any problems in this regard.
Please, take a look at our samples here:
https://github.com/Microsoft/BotFramework-Samples
They can give you a very deep knowledge on what architecture to use for different scenarios. Many times there is a simpler way to achieve the same goal and Microsoft does not try to force you to use the most advanced techniques. Most of the time you can achieve your goal with very simple and easy to maintain code.
Francisco
A quick update: in the end we went with a solution based on this idea:
https://aws.amazon.com/blogs/machine-learning/creating-a-question-and-answer-bot-with-amazon-lex-and-amazon-alexa/
I can simply create a new bot by executing cloudformation.

Is Customising Individual Accounts Advisable?

In what scenarios is the individual accounts concept useful/helpful - consider no use of claim based?
I intend to customize the individual accounts...could not find much documentation on the same. Few articles suggested against customizing it.
So should we try to customize the individual accounts concept or does it make the code too complex? If not then please provide some example for the same.
I had done some customization of ASP.NET Identity recently in a few projects. It isn't too hard actually, depending on what you want to do. Customizing the user object should be the most ask place for. This is easy if you know what the IdentityUser object looks like. If you want to change the underlying database: there are some projects on GitHub. With them you can use RavenDB, MongoDB, MySQL, etc.
Compared to other membership systems on the .NET stack Identity is easy to customize, because it isn't a big framework. The biggest drawback is the missing documentation, but some guys in the community have written some nice articles (like Scott Allen or Dominick Baier).

API to IBM Rational Requirement Composer

We have been using ReqPro to a great extent by taking advantage of the API DLLs. We basically develop .NET applications and use the DLLs to store data to the ReqPro projects with great ease.
Now, we are looking at possible ways to move to RRC. For this, we need to know how we can achieve the same features.
As RRC is web based, it might have some services that can be used for such things.
The basic requirements are inserting requirements, traceabilities, history etc to RRC and retrieving the same.
Please take a look at OSLC - this is a REST-based interface to RRC that will allow you to access and write to RRC. It may not cover all the capabilities you require - but should be a good start. http://open-services.net/ - and then look at the RM specification.
Hope that helps
anthony
p.s Another good place to cross-post this question is the forums on jazz.net - there is a specific forum for RRC.

Does anyone know of a library that will allow me to share information on different social network services?

I need to share info using different services like Twitter, Facebook, and many more. I then found the AddThis documentation and want to know the key advantages or problems of using their SDK.
Do you recommend me to use a different library?
I've heard a lot of praise for ShareKit. While I haven't used it myself, it seems simple enough to set up (only 3 lines of code, according to their site) and multiple services are supported.