Application security


Application security is completely dependent on the customer's requirements to lock users out of the application, specific features of the application, or even from seeing the contents of specific objects on the user interface. We are not going to discuss in-depth how to implement a complete security system in your application, but rather focus on the items that might be secured and concepts to consider when designing the security of the application you deploy.

Network administrators secure the directories so users never even have access to the executable and never even have a chance to run the application. Because smaller companies typically do not have staff to handle this, most developers integrate a login screen. This is absolutely the most common aspect of securing an application from the users who should not run the application. Network login IDs can be captured with SYS(0) and compared to a table of valid login IDs maintained by the system administrator.
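The login check described above could look like the following. This is an added example, not code from the book; the table ValidLogins.dbf, its fields cLoginId and lActive, and the function names are assumptions. It denies access whenever the login ID or the table cannot be read.

```foxpro
* Added example: gate application start-up on the network login ID.
* Assumed (not from the book): ValidLogins.dbf with fields
* cLoginId C(32) and lActive L, maintained by the system administrator
* and writable only by that administrator.
LOCAL lcLogin
lcLogin = GetNetworkLoginId()
IF NOT IsLoginAllowed(lcLogin)
    MESSAGEBOX("You are not authorized to run this application.", 16, "Access denied")
    RETURN    && leave the main program before any menu or form is shown
ENDIF
* ... continue normal start-up here (menus, READ EVENTS, and so on)

FUNCTION GetNetworkLoginId
    * SYS(0) returns "MachineName # UserName" on a networked workstation.
    LOCAL lcInfo, lnPos
    lcInfo = SYS(0)
    lnPos = AT("#", lcInfo)
    IF lnPos = 0
        RETURN ""    && no user part available: the caller must deny access
    ENDIF
    RETURN UPPER(ALLTRIM(SUBSTR(lcInfo, lnPos + 1)))
ENDFUNC

FUNCTION IsLoginAllowed(tcLoginId)
    LOCAL llAllowed, lnSelect
    llAllowed = .F.    && fail closed by default
    IF EMPTY(tcLoginId)
        RETURN .F.
    ENDIF
    lnSelect = SELECT()
    TRY
        USE ValidLogins IN 0 SHARED NOUPDATE AGAIN ALIAS curLogins
        SELECT curLogins
        * == compares exactly, regardless of the SET EXACT setting
        LOCATE FOR UPPER(ALLTRIM(cLoginId)) == tcLoginId AND lActive
        llAllowed = FOUND()
    CATCH
        llAllowed = .F.    && a missing or unreadable table denies access
    FINALLY
        USE IN SELECT("curLogins")
        SELECT (lnSelect)
    ENDTRY
    RETURN llAllowed
ENDFUNC
```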

The next level of security inside an application is the menu. The Skip For expression can be used to disable menu items. The problem with disabling menu items is that users become curious about why they do not have access to certain features. This is why we use GenMenuX from Andrew MacNeill. GenMenuX allows directives to be added to the menu items and incorporated into the menu generation process. These directives (see examples in Table 1) wrap IF statements around a call to RELEASE BAR or RELEASE PAD so the users never see the menu item. This eliminates the curiosity of the user, which in turn makes the application more secure.

Table 1. Example directives and the code generated by GenMenuX in the resulting menu program (MPR).

GenMenuX comment directive:
  *:IF USED("LoginHistory")
Generated code:
  IF NOT (USED("LoggedInUsers"))
    RELEASE BAR 3 OF Admin
  ENDIF

GenMenuX comment directive:
  *:IF !IIF(TYPE("oUser.BaseClass")#"C", .T., oUser.oSecurity.GetAccess("MP_ADMIN")>1)
Generated code:
  IF NOT (!IIF(TYPE("oUser.BaseClass")#"C", ;
    .T., ;
    oUser.oSecurity.GetAccess("MP_ADMIN")>1))
    RELEASE PAD _0lx06r3es OF _MSYSMENU
  ENDIF

GenMenuX comment directive:
  *:IF FILE("instructions.pdf")
Generated code:
  IF NOT (FILE("instructions.pdf"))

Note

GenMenuX was written by Andrew MacNeill and can be downloaded from www.aksel.com/genmenux. Many of the commercial frameworks ship a copy of this tool with their products to leverage ideas presented in this section.

The last layer of security is implemented at the user interface layer. Objects can be disabled or made invisible to hide functionality, destructive features, or sensitive information. Columns on reports can implement Print When conditions so the information is not printed on the report, whether the output is sent to the screen preview, printed to a printer, or exported to Acrobat PDF files.

The first key to any security implementation is allowing flexibility for the system administrators to control what application features the end users see. The other key is to test the implementation. Certain users seeing sensitive information or running processes critical to a customer is something you do not want to happen in your applications.




Deploying Visual FoxPro Solutions
ISBN: 1930919328
EAN: 2147483647
Year: 2004
Pages: 232
