Adaptive ASP.NET MVC role management framework

OData support
Kaszó Márk
Department of Automation and Applied Informatics

Nowadays web applications play increasingly important role in our daily lives. As a user, we would like to access to these applications many different ways: in browser, in our phones or as a service. The technology needs to satisfy these claims to make the developers life easier, but it is now always trivial when we implement our application, which one of available technologies would we like to use? Our goal is to maximize the flexibility of the software, write reusable components, but keep the performance counters.

Microsoft provides many solutions, lately these runs as open source projects so we can see better how these works. The Open Web Interface for .NET (OWIN) has been integrated into the ASP.NET MVC 5 platform, which allows us to build our own application pipeline from the selected technologies, OWIN will hosts these, e. g. WebAPI, SignalR. Another useful tool is the ASP.NET Identity 2, which helps us with the authentication and authorization.

In most cases the built-in tools can not satisfy all of our claims. The Identity supports the claim-based authentication and role based authorization but often we would like to use permissions to provide or deny rights to our resources. We categorize our users into roles as usual, then we add permissions to the roles, so we can customize the availability of the resources easier, even while the application is running. The MVC framework does not support any dynamic template system: we can customize the theme of our website through different stylesheets but we cannot change the structure of our generated HTML runtime.

The goal of my thesis is to develop and implement a framework which solves the problems mentioned above and helps the developer to build a module-based, flexible application. We create modules, themes and we can integrate a native phone application into the system. Modules define permissions, menu items, services, and the framework handle the rest of the work: it handles the authorization tasks and hides the inaccessible resources from rendering. The theme should be able to change in runtime, this results a completely different HTML output.

During my work I will design the basic structure of the system and integrate the different technologies. I will create a sample module and a native Windows Phone application, which illustrates the benefits of the framework.


Please sign in to download the files of this thesis.