Using MEF to handle authoerization/user-access w/ the Navigation Framework

I think im starting to understand how to use MEF now. But im still not sure what the best way of utilizing MEF in order to handle controlling user access.

For example: Im using the silverlight navigation framework. And each navigation menu item is to be either disabled or not shown at all if a particular user has rights (i.e. roles, claims) for it.

Now I know that I could set the IsEnabled attributes to disable them, but im hoping for a more elegant/flexible approach.

To sum this up: - Each menu item needs to be a MEF module extension (so it开发者_运维知识库 wouldnt even be download for users with no access to it).

If you want to go with a design where you actually don't download an extension if the user doesn't have access to it, you can put each extension in a separate XAP, and only download the XAPs that the user has access to (with the DeploymentCatalog). There would need to be a list of XAPs and the rights needed for each one, either embedded in your main XAP or as a service of some sort on the server.

You can provide Metadata to a module or MEF-Part. The Metadata can contain a Role or a license key for example...

And with Lazy<T,TMeta> you can decide whether you want to intanciate the module or part...