New Posts New Posts RSS Feed: How to use DevForce entities in authentication
  FAQ FAQ  Forum Search   Calendar   Register Register  Login Login

How to use DevForce entities in authentication
 Post Reply Post Reply
Author
  Share Topic Share Topic  Topic Search Topic Search  Topic Options Topic Options
alexander View Drop Down
Newbie
Newbie


Joined: 13-Feb-2012
Posts: 10 		Post Options Post Options   Quote alexander Quote  Post ReplyReply Direct Link To This Post Topic: How to use DevForce entities in authentication
    Posted: 20-Feb-2012 at 6:16am
I'm attempting to implement my own ASP.NET providers (such as the MembershipProvider) using DevForce entities, but I'm encountering nothing but issues.

If I set "allowAnonymousLogin" to "false" then any attempt to access entities causes an exception, like in this code:
User user = entities.Users.AddIncludePaths( "ParentUser""UserSetting" ).SingleOrDefault( u => u.Username == username && u.ParentUser != null );
It throws a LoginException with the following message: "The current user is not authorized, and guest access is not allowed."

Help would be appreciated.
Back to Top
sbelini View Drop Down
IdeaBlade
IdeaBlade
Avatar

Joined: 13-Aug-2010
Location: Oakland
Posts: 786 		Post Options Post Options   Quote sbelini Quote  Post ReplyReply Direct Link To This Post Posted: 20-Feb-2012 at 1:57pm
Hi Alexander,
 
You need to have anonymous access enabled in IIS otherwise, you will not be able to access public resources (ie. login and/or registration).
 
What you could do is to decorate your entities with [RequiresAuthorization] and/or [RequiresRoles] (more on that in the DevForce Resource Center).
As an alternative, you could also intercept the query and validate the access to data based on user there.
 
Regards,
   Silvio.
Back to Top
alexander View Drop Down
Newbie
Newbie


Joined: 13-Feb-2012
Posts: 10 		Post Options Post Options   Quote alexander Quote  Post ReplyReply Direct Link To This Post Posted: 20-Feb-2012 at 10:38pm
I think you misunderstood my problem. This is not taking place in IIS, this is taking place in Cassini, during Visual Studio development. In any case, the problem is not an IIS problem, but a DevForce problem. "allowAnonymousLogin" is a DevForce setting in web.config.
 
Also, I'm not sure how RequiresAuthorization or RequiresRoles will help. This problems happens DURING authentication, so how would requiring a user to be authorized or in a role help when the user isn't even logged in yet?
 
Query interception? Just to implement a MembershipProvider? That seems just a bit excessive to me...
Back to Top
sbelini View Drop Down
IdeaBlade
IdeaBlade
Avatar

Joined: 13-Aug-2010
Location: Oakland
Posts: 786 		Post Options Post Options   Quote sbelini Quote  Post ReplyReply Direct Link To This Post Posted: 21-Feb-2012 at 11:30am
Hi Alexander,
 
Sorry for the confusion. 
 
AllowAnonymousLogin will determine if guest users can login to your application to use DevForce services such as query and save. In your scenario, since you are not logged it yet, it obviously won't allow the query.
 
Can you give more details on what you are trying to do?
Why are you trying to query within your login manager? It wouldn't make sense to allow a query from a guest user there if AllowAnonymousLogin is set to true.
 
Silvio.
Back to Top
katit View Drop Down
Senior Member
Senior Member


Joined: 09-Sep-2011
Posts: 146 		Post Options Post Options   Quote katit Quote  Post ReplyReply Direct Link To This Post Posted: 21-Feb-2012 at 11:45am
I think I know what is the problem..
 
Alexander
 
You need to use your custom LoginManager (inherited from IEntityLoginManager)
 
Inside, you will implement
IPrincipal Login(ILoginCredential credential, EntityManager manager)
 
 
EntityManager that will be passed there - will be "magic" one that you can use for the data access to get permission and check access against database. Check documentation on how to write custom LoginManager
 
In my application I also use custom SourceKeyResolver and there I _had_ to use other means to access data, not DevForce because I was getting catch 22 situation.
 
 
Back to Top
alexander View Drop Down
Newbie
Newbie


Joined: 13-Feb-2012
Posts: 10 		Post Options Post Options   Quote alexander Quote  Post ReplyReply Direct Link To This Post Posted: 24-Feb-2012 at 12:54am
Katit: You are correct, I ended up having to use that magic EntityManager to get around my issue. I still wanted to use the ASP.NET security and the AspAuthenticatingLoginManager, so what I did was this:

public class MyAspAuthenticatingLoginManager : AspAuthenticatingLoginManager, IEntityLoginManager
{
    private static void SetProviderEntityManager( EntityManager entityManager )
    {
        MyMembershipProvider membershipProvider = Membership.Provider as MyMembershipProvider;
        if( membershipProvider != null )
            membershipProvider.AuthenticatedEntityManager = entityManager;

        MyRoleProvider roleProvider = Roles.Provider as MyRoleProvider;
        if( roleProvider != null )
            roleProvider.AuthenticatedEntityManager = entityManager;

        MyProfileProvider profileProvider = ProfileManager.Provider as MyProfileProvider;
        if( profileProvider != null )
            profileProvider.AuthenticatedEntityManager = entityManager;
    }

    public new IPrincipal Login( ILoginCredential credential, EntityManager entityManager )
    {
        SetProviderEntityManager( entityManager );

        return base.Login( credential, entityManager );
    }

    public new void Logout( IPrincipal principal, EntityManager entityManager )
    {
        SetProviderEntityManager( entityManager );

        base.Logout( principal, entityManager );
    }
}

As you can see, I'm passing the magic entityManager over to my custom ASP.NET Provider classes before I let the AspAuthenticatingLoginManager do its thing.
Back to Top
katit View Drop Down
Senior Member
Senior Member


Joined: 09-Sep-2011
Posts: 146 		Post Options Post Options   Quote katit Quote  Post ReplyReply Direct Link To This Post Posted: 24-Feb-2012 at 4:48am
In my experience MembershipProvider will only take you that far. Testability - 0
I ended up writing my own MembershipService, but I needed some specific stuff
Back to Top
alexander View Drop Down
Newbie
Newbie


Joined: 13-Feb-2012
Posts: 10 		Post Options Post Options   Quote alexander Quote  Post ReplyReply Direct Link To This Post Posted: 29-Feb-2012 at 2:07am
Well, as soon as one problem is solved, another one pops up.

When using the WCF Authentication Service, after configuring it properly, you simply make a call in the client app, like so:
if( System.Web.Security.Membership.ValidateUser( "alexander""password" ) )
{
    Content = "LOGGED IN";
}
else
{
    Content = "DIDN'T LOG IN";
}
which magically ends up calling the ValidateUser method on the MembershipProvider on the server. As you can see from my implementation above, my MembershipProvider requires the magic EntityManager that gets supplied by the IEntityLoginManager. When using the WCF Authentication Service, the IEntityLoginManager is bypassed, and the call to ValidateUser is direct, which means that my "AuthenticatedEntityManager" property is null.

Is there something I can do to acquire that "magic" EntityManager in some other way or otherwise get around the whole Entity authentication issue some other way? All these obstacles I keep running into are getting just a smidgen annoying...
Back to Top
katit View Drop Down
Senior Member
Senior Member


Joined: 09-Sep-2011
Posts: 146 		Post Options Post Options   Quote katit Quote  Post ReplyReply Direct Link To This Post Posted: 29-Feb-2012 at 8:56am
This is why memebership provider not good.
 
Don't use it like this if you want to use DevForce for data access.
 
You can simply say
var myEntityManager = new AppEntityManager();
myEntityManager.Login();
 
And than inspect how that went.
 
Basically, if you ARE using DevForce for data access - start with EntityManager everywhere.
 
 
Back to Top
 Post Reply Post Reply

Forum Jump Forum Permissions View Drop Down