Web Module Security
I have got an ASP website which consist out of 2 modules. Manage Users and Manage Stock. When a login is created the user rights are specified for each module, these rights include Add/Edit/Delete per module.
I would like to know, what is the best way of checking the users access rights to determine which pages they can view and also which functions they can perform?
I thought of using a Dictionary Object to load all the information in and then referencing this object as part of a session variable to determine the access ontop of each page. I cant seem to load a dictionary object as a session variable and access it afterwards. Is this the best method? Any ideas would be appreciated. I am using ASP and SQL server.