|
|
 Posted 13/05/2003 07:27:00 |
|
|
Forum Newbie
Group: Customers
Last Login: 05/12/2003 12:32:00
Posts: 4,
Visits: 1
|
|
Could you layout the security design plans you have for V2? I would like to be able to: 1. Vary security by knowledgebase and by categories/folders below the knowledgebase. 2. To declare an article as internal only. 3. To have internal/external designations on parts of an article. Notes, links, attachments could be internal only or Public and would display appropriately to the person viewing the article. This ability to have linked internal information is vital. 4. To have a section for Publisher / Editor / Review / Approval notes that would only be available to those with appropriate editting or workflow rights. 5. To have a section for mynotes or mycomments which I can attach and be the sole viewer of that info. 6. To have publication dates (Start and End) on articles with the ability to search unreleased or expired articles for those individuals with the approriate rights. 7. To have required user account password changes occur on a scheduled basis. 8. To support https: 128 bit encryption minimally to maintain information security to the browser. 9. Selectable timeout for inactivity 10. Security allowed based on an organization/employer affiliation. eg. if I open my knowledgebase up to my customers and one of my customers discontinues it relationship with us, I want to term or PEND all the associated subscribers to my knowledgebase(s) 11. I would like the security for forums to be shared or consistent with the knowledgebase, so maintenance is as minimal as possible.
Kindest Regards,
Tom Grumbling
Information Analyst
|
|
|
|
| Posted 13/05/2003 07:48:00 |
|
|
IF.NET 4.2 Coming Soon
Group: Administrators
Last Login: 2 days ago @ 20:25:08
Posts: 1,953,
Visits: 3,011
|
|
Hi Tom, Some great suggestions there  - I've answered each question below. If you have any further questions please don't hesitate to post a reply or contact me on support@instantasp.co.uk  1. I plan to add the ability for users to login in v2. You will have the ability to create categories and assign an access level to the category. Based on the members privileges only specific categories will be displayed. This has been the most requested feature since the kb release. 2. Yep Internal Only documents and categories will be available within v2.0. 3. This is a great suggestion. I will certainly look into this idea. The attachments would be quite easy to do this with. The external links and related articles maybe a little tricky. I'll look into the possibility for v2.0. 4. I plan to improve the current work flow for the kb articles. I'm not 100% sure what you mean by have a section for ? - Maybe we could chat on MSN once i'm close to adding this feature. I'd be more than happy to discuss and add this feature if required. 5. Good suggestion - i'll add this to v2.0. 6. Oh my god - these suggestions are getting better - Again i will certainly look into this for a future release. I'll add all your items to my wish list. Great idea. 7. This could be an optional feature. If this is not within v2, i'll certainly add this in a release at some point 8. I'll look into this possibility. What problems is it causing at the moment running within a https:// space. Have you tested this ? 9.You could change this from within the web.config. However i may move all configuration information into a database with v2.0. 10. This would be quite easy to do. I plan to great groupings for KB members, this would allow you to globally set permissions or remove access per group or per user. This should allow you to do this. 11. I've already looked at integrating the two applications. I plan to get them both working with each other for v3 I hope that has answered your questions. If you have any further queries please don't hesitate to contact me. I'm more than happy to help.
Kindest Regards,
Ryan Healey
Director / Developer
 Explore our products...
http://demos.instantasp.co.uk/
|
|
|
|
| Posted 17/05/2003 05:24:00 |
|
|
Forum Newbie
Group: Forum Members
Last Login: 17/05/2003 05:20:00
Posts: 1,
Visits: 1
|
|
Any date for the v2 release? Current version is it upgradable FOC to the new version? Tx
|
|
|
|
| Posted 18/05/2003 08:29:00 |
|
|
IF.NET 4.2 Coming Soon
Group: Administrators
Last Login: 2 days ago @ 20:25:08
Posts: 1,953,
Visits: 3,011
|
|
Hi, I'm not able to offer a specific release date for v2.0 of InstantKB.NET. I can assure users this will be available within Q3 this year. I'm currently busy working on v2.0 of InstantGallery.NET. Once this is released further development on InstantKB.NET will be top priority. This may involve a number of minor releases before we reach v2.0. I will have to see how the enhancements pan out. Existing users of InstantKB.NET will receive the upgrade to v2.0 free of charge. I'm planning to revise our upgrade policy for this product once we reach version 2.0. I hope this answers your questions. Please don't hesitate to reply to this post or contact support@instantasp.co.uk if you have any further questions
Kindest Regards,
Ryan Healey
Director / Developer
Explore our products...
http://demos.instantasp.co.uk/
|
|
|
|
| Posted 26/09/2003 16:10:00 |
|
|
Forum Newbie
Group: Forum Members
Last Login: 23/08/2005 08:42:04
Posts: 2,
Visits: 2
|
|
Hi there Ryan. So far this KB is amazing. One thing that I'd like to see implemented is an author role so that my in-house users are allowed to add and modify articles but can not delete or make them public until the article is approved - Admin function. What is the likelyhood of you getting this into the next release? A user role structure like this: Web User - Anonymous
Employee
* View Only (What is there now)
* Author (Like to see added) Can create & modify
* Moderator - Create, Modify, Delete, Approve
Administrators Does that help break it down a little better?
|
|
|
|
| Posted 03/03/2004 02:05:00 |
|
|
Forum Newbie
Group: Customers
Last Login: 14/02/2007 01:29:50
Posts: 3,
Visits: 3
|
|
I am not sure how likely this is as I know it makes things harder.
I was curious if in future versions if you would not rely on the Session state object, to accomplish roles it is not really needed as I can tell you know based off of how you are handling roles with the the forms authentication ticket method already.
We purchased the first version 1.0 of the KB and loved it. With most of our web based products we are forced by current usage levels and SLA's to deploy many load balanced servers for each of our applications. This creates state management issues, and eventually has led us to completely abandon any in memory or centralized session management schemes.
When we first installed your KB and realized that the only thing that really needed the session state was the admin an easy solution presented itself. We just disabled session state on the production copy and installed an admin only copy to administer the database.
When version 1.2 came out we were very pleased with the new features but we had to do a little work to get the application to not to rely on the session object.
This is a concern for us as you move towards version 2.0, because as you add more and more of the features that are on the list, the decisions you make about state management are going to affect how much of the product we have to tweek to enable us to use it in a highly available environment.
Keep up the good work, your product is nice.
Thanks
Adam Rogas
Load Ltd.
www.load.com
|
|
|
|
| Posted 03/03/2004 02:13:00 |
|
|
IF.NET 4.2 Coming Soon
Group: Administrators
Last Login: 2 days ago @ 20:25:08
Posts: 1,953,
Visits: 3,011
|
|
Hi Adam, Thank you for your email. I can certainly understand your concern. One of my aims with v2.0 was to look at a centralized method to handle state management. I would certainly like implement a easy solution which would allow the users to choose from in-process, sql server based or stateserver session management. I'm actually quite looking forward to developing v2.0 and have some big plans some of which are based around the authentication methods (i would like to offer support for active directory) and also the state management model used. The lessons i learn from the knowledge base in terms of providing multiple options for state management will also be applied to the forums. I appreciate your concern and may contact you during the development process to ensure we are heading in the right direction and any major updates will not greatly impact your current modifications. Thanks for your thoughts and suggestions. I'll certainly keep this topic upto date with any future developments
Kindest Regards,
Ryan Healey
Director / Developer
Explore our products...
http://demos.instantasp.co.uk/
|
|
|
|
| Posted 04/03/2004 01:52:00 |
|
|
Forum Newbie
Group: Customers
Last Login: 14/02/2007 01:29:50
Posts: 3,
Visits: 3
|
|
One method we have found quite useful is to forgo the session state altogether and using an HTTP module to override the page level USER object. This allows us to extend the build in user object to support any product specific user properties as well as gives us the ability to not rely at all on a Shared SQL Server or any other centralized state management. The roles are decode and retreived from the the authentication ticket so that we can extend the built in InRole() method in the User object. By using a module and extending the built in methods you could just switch out the HTTPmodules that were used to achieve the flexibility to support traditional or cookie based session state management.
I am sure by now you hate me.
If any of this seems if worth your while let me know and I would be more than happy to help in any way.
Thanks
Adam Rogas
|
|
|
|
| Posted 04/03/2004 01:55:00 |
|
|
IF.NET 4.2 Coming Soon
Group: Administrators
Last Login: 2 days ago @ 20:25:08
Posts: 1,953,
Visits: 3,011
|
|
Hi Adam, Thank you for your feedback. This sounds like a very interesting idea. It would certainly be nice to centralize state management into a manageable class. I'll look into this method a little further. It should be quite simple with the knowledge base to be honest as not to much state information is persisted. Thanks again - i may send you some early examples if thats ok to ensure i've not created any common problems your already aware off Thanks again - all the very best and please do keen them suggestions flowing 
Kindest Regards,
Ryan Healey
Director / Developer
Explore our products...
http://demos.instantasp.co.uk/
|
|
|
| | |