by PortSight - Product Type: Component / Application / ASP.NET WebForms / .NET WinForms / .NET Class / .NET Web Service / 100% Managed Code
Please note: This page was retired in November 2011.
You can find current information from the links below
in Security and Administration
If you need to buy a license for this specific version, please contact us for availability and pricing.
Other information on this page is shown for historical reference only and may have changed considerably since.
What's New in PortSight SecureAccess 4.2
The new version comes with the following improvements:
- Optional protection and managing access control to folders, files and file streams in the web site application.
- Protection against malicious intruders by optional verification of an e-mail entered during registration, see registered users.
- Tracking and monitoring of active users per (web) application.
- Column 'Alias' added to User Groups and Organizational Units list controls in Admin interface.
- Feature "Configure Your App" in Catalog Mnanager now supports latest versions of Visual Studio (2005 / 2008 / 2010).
Catalog Manager supports import with Invalidate membership that no longer exist in the external source.
What's New in PortSight Secure Access V4.0?
- A solution converted to .NET 2.0 and C# (the VB.NET version has been discontinued, effective immediately)
- SecureAccess Profile Provider for ASP.NET 2.0
- SecureAcccess Authentication Http module ASP.NET 2.0 (eliminates necessity to make changes to Global.asax)
- Locking accounts after N unsuccessful login attempts (see Catalog Settings)
- New authentication and authorization Web Service based on WCF (Windows Communication Foundation). Included are controls for WinForms clients.
- Added support for IIS 7
- Compatible with SQL Server 2008 and Visual Studio 2008
- Windows 7 Compatible
What's New in PortSight Secure Access V3.0?
- Compatible with SQL 2005 and VS.NET 2005
- Support for non-IE browsers
- New fresh design
- Nested application parts
- Object ownership management
- Redeveloped user controls and styles
- Implicitly closing SQL connections after each operation instead of relying on their explicit closing on developer's side
- Controls for selecting objects (roles, user group, org. units, …) newly displays also name object aliases
- Collections used in API inherited from CollectionBase class
- Enhanced set of API functions
PortSight Secure Access provides a comprehensive security solution for your .NET applications. It covers all security issues – authentication, authorization and auditing in WinForms and WebForms applications and in Web Services.
The only difference between the Standard and the Enterprise Edition is that the Enterprise Edition allows you to import user accounts, user groups and organizational units including membership information. The supported sources for import are Microsoft Active Directory, Windows domains and ODBC-enabled databases, such as Microsoft SQL Server, Microsoft Access and others.
PortSight Secure Access is written as a three-tier .NET application. You can use its application programming interface (API) and user controls to check user name and password, control user permissions in your application, log user activities in the audit trail and store user preferences.
It uses Microsoft SQL Server (or MSDE) to store information about users, their permissions, etc.
PortSight Secure Access doesn’t replace the .NET Framework or Windows security, but it extends it and makes its management much easier.
You can manage the PortSight Secure Access system using its Web-based user interface and re-usable user controls.
- ASP.NET WebForms – PortSight Secure Access supports both Forms and Windows authentication. ASP.NET applications can use the complete Secure Access API and user controls. The Application Configuration Wizard helps you integrate Secure Access into your ASP.NET applications in a few simple steps
- WinForms can consume Secure Access Web Service that provides the most important methods of PortSight Secure Access API. Logon form and “Change Password” controls for WinForms are also included
- Web Services can use the complete Secure Access API. PortSight Secure Access supports WS-Security standard for securing your Web Services
- User Management - PortSight Secure Access includes a comfortable web-based user management interface. It allows you to manage user accounts, set user properties, preferences and passwords and organize users into (nested) groups, organizational units and roles. The concepts are very similar to those found in Microsoft Windows
- Authentication Models - PortSight Secure Access supports both Forms and Windows authentication. The Forms authentication requires user to enter user name and password, the Windows authentication uses the user’s identity in the Windows domain
- Users, User Groups and Organizational Units - A user can be member of any number of user groups, organizational units and roles. Groups, units and roles can be nested. Organizational units can describe the hierarchical structure of your organization
- Role-Based security - The list of your web applications is also stored in the PortSight Secure Access catalog. Each application can have several user roles defined – e.g. “Editor”, “Chief-Editor”, “Designer” and “Administrator”. You can assign users, groups or organizational units to a particular role and then simply call the IsInRole method in your application – e.g. ARHelper.IsInRole(“JosephG”, “WebPublishingSystem.Editor”)
- Permission-Based Security (Permission Matrix) represents the most flexible model. You can define modules for each application – e.g. “News”, “Articles” and “Links” section of a Web site – and your set of permissions – e.g. “Read”, “Edit” and “Administration”. Then you simply grant permissions to users, user groups, organizational units or roles. Such permissions can be easily managed in the permission matrix. You can check permissions using simple methods, such as ARHelper.IsAuthorized(“JosephG”, “WebPublishingSystem.News”, “ApproveContent”)
- Securing Web Content - PortSight Secure Access allows you to control access to the content of your Web site (such as media files, documents, files for download and others). You can specify the content using wild cards, such as “/images/*.jpg”
- Audit Trail - PortSight Secure Access allows you to track user actions which gives you a good overview of possible attacks, attempts to access restricted zones as well as changes made to your data – e.g.: ARHelper.Log('JohnF', 'User approved news #141.', 'News_Approved', “WebPublishingSystem.News”)
- Delegation - The administrator can delegate management of membership for particular user group, role or organizational unit, as well as management of permissions for particular application. This allows you to avoid administrator bottle-neck and make your system more flexible
- User Preferences - You can store user preferences in the database instead of unreliable cookies. You can define any number of preferences, such as newsletter subscription, preferred colors and culture, etc.
- Re-Usable ASP.NET Controls - PortSight Secure Access is delivered with ASP.NET controls that can be incorporated into your application, such as:
- Logon form, sign out button and registration form
- Dialogs for selection of one or more users from a list box, drop-down list or from the organizational chart
- Controls for setting password and sending forgotten password
- Controls for delegated administration
- List of users with sorting, paging and filtering that allows you to display list of all users with chosen properties and use it as a company phone book
- Re-Usable WinForms controls include the logon form control and the change password dialog.
- Multiple User Catalogs - You can create and manage any number of user catalogs with one PortSight Secure Access license, which makes it an ideal solution for Web-hosting companies that want to offer well-secured Web sites to their customers
- Import from Active Directory, Windows domain and ODBC-enabled databases (Enterprise Edition only) – you can import users, user groups and organizational units, including their membership. You can map source properties to target properties of objects in the Secure Access database. The import can be run either manually or periodically