Print Page | Close Window

IsAuthenticated property effects...

Printed From: IdeaBlade
Category: DevForce
Forum Name: DevForce 2010
Forum Discription: For .NET 4.0
URL: http://www.ideablade.com/forum/forum_posts.asp?TID=3406
Printed Date: 28-Mar-2024 at 7:17am


Topic: IsAuthenticated property effects...
Posted By: Siyfion
Subject: IsAuthenticated property effects...
Date Posted: 25-Apr-2012 at 9:14am
Assuming that you disallow anonymous logins, if you create an implementation of the IEntityLoginManager interface on the server, you must return an IPrincipal which exposes an IsAuthenticated property. Does this IsAuthenticated property effect the behaviour of the EntityManager at all, or is it just a value to be referenced manually in code?

The reason why I ask is thus; say we have a username and password for the user to enter on the login screen and they have forgotten their username (not that unlikely!). Say we have some "Forgotten your username?" and "Forgotten your password?" links, we want these to be able to prompt the user for some other data, like their e-mail address, and be able to look up the required information in the database. Obviously this requires a connection to the server, so could I log in and return an "unauthorized user" to then use to lookup the relevant user data? If so, is there a "best strategy" for limiting the access of this unauthorized user?



Replies:
Posted By: DenisK
Date Posted: 25-Apr-2012 at 6:57pm
Hi Siyfion,

The IsAuthenticated property does affect the behavior of the EntityManager. One example, among others, is it can affect how an EM can query or save entities in conjunction with what security attributes you mark your entities with. In other words, the usage of DevForce security attributes is how you can limit your "unauthorized user" access. 

See if this DRC topic can help you get started.  http://drc.ideablade.com/xwiki/bin/view/Documentation/authorize - http://drc.ideablade.com/xwiki/bin/view/Documentation/authorize



Print Page | Close Window