Print Page | Close Window

Custom Authentication

Printed From: IdeaBlade
Category: DevForce
Forum Name: DevForce 2010
Forum Discription: For .NET 4.0
URL: http://www.ideablade.com/forum/forum_posts.asp?TID=2567
Printed Date: 29-Mar-2024 at 1:03pm


Topic: Custom Authentication
Posted By: xer0ne
Subject: Custom Authentication
Date Posted: 16-Mar-2011 at 9:12pm
Hi,

I having problems with customizing the login process, here is what i've done so far

 I'm  using these settings in the web.config

<objectServer remoteBaseURL="http://localhost">
      <clientSettings isDistributed="false"/>
      <serverSettings useAspNetSecurityServices="true" loginManagerRequired="true" allowAnonymousLogin="true" />      
 </objectServer>

*I used the devforce Business application template jetpack theme for silverlight. 
* move around the some of the template files to a wcf ria class library. build ok
* created a class to Implement IEntityLoginManager, put it on my wcf .net class project
 public partial class LoginManager : IEntityLoginManager
    {
        public IPrincipal Login(ILoginCredential credential, EntityManager entityManager)
        {
            LoginCredential guestCredential =  new LoginCredential("Guest"string.Empty, string.Empty);
 
            if (credential == null)            
                credential = guestCredential;                
                
            else
            {                           
                MainRoot svcRoot = new MainRoot(); //EF created from devforce that contains the usernames and password            
 
                InfoUser entUser = svcRoot.InfoUsers.Where(p => p.UserName == credential.UserName && p.Password == credential.Password)
                    .SingleOrDefault();
 
                if (entUser != null)
                {
 
                }
            }
 
            return CreatePrincipalUser(credential);
        }
 
        public void Logout(IPrincipal principal, EntityManager entityManager)
        {
            //no special processing needed
        }
 
        private IPrincipal CreatePrincipalUser(ILoginCredential credential)
        {            
            var identity = new UserIdentity(credential.UserName);
            var principal = new UserProfile(identity, new string[] { });
 
            return principal;
        }
}

* made a query Interceptor
 public class QueryInterceptor : EntityServerQueryInterceptor
    {
        protected override bool AuthorizeQuery()
        {
            //return base.AuthorizeQuery();
 
            bool blnAllowed = false;
 
            if (this.Principal.Identity.IsAuthenticated)
                blnAllowed = true;
            else
            {
                if (this.Query.ElementType == typeof(InfoUser))
                    blnAllowed = true;                
            }
 
            return blnAllowed;
        }
    }
* I did not touch the authenticationManager leave it as is. well change the user property to my user type.
now the problem is the one highlighted in orange, it saying inner exception, something to do with defaultmanager,
 basically what im trying to do is login the user, lookup the credential on that table and authenticate but the problem is the 
EntityManager need to be login first, so i made a guest credentials, but it get logout by the authenticationmanager every time 
a user would login, so i get a entityManager.Principal = null, if i don't logout the guest user,
 it will not carry on the login process and my custom login is not called.
I need this working so continue a prototype using your product. the documentation is not helping much on what i'm trying to accomplished.




Replies:
Posted By: kimj
Date Posted: 18-Mar-2011 at 6:06pm
Creating a new MainRoot EntityManager is causing the bad behavior.  Every EntityManager will actually try to login, whether it's being used on the client or not.  That's why the Login method is passed an EntityManager - this is a "logged in", connected EntityManager which you can use to run queries.  So in this case, if you instead do:
 
  MainRoot svcRoot = new MainRoot(entityManager)
 
... you can construct your domain-specific EM from the logged in EM, and then run your InfoUsers query.
 


Posted By: xer0ne
Date Posted: 21-Mar-2011 at 3:21am
Ok, I will try that,

One more thing, why does IsAuthenticated always false, I tried using formsauthentication and still not authenticated.


Posted By: kimj
Date Posted: 21-Mar-2011 at 10:49am
The UserIdentity constructor you're using defaults IsAuthenticated to false.   Use:
 
  new UserIdentity(name, type, isAuthentication)
 
to create an authenticated user.



Print Page | Close Window