Hello, every one,
I have wrote a simple application to implement security for web
applications. It works on intranet, The security data such as user id
and permission sit on the sql-server database.
the application get the client user'id and look up the database to
find the the user's permission. Now, i need analyze how security it
is. Does any body know how to break it? and how i can improvent the
security?

Any suggestion will be appriciated deeply