Community Forum: Pre Login Access to Entitymanager

Print Page | Close Window

Pre Login Access to Entitymanager

Printed From: IdeaBlade
Category: Cocktail
Forum Name: Community Forum
Forum Discription: A professional application framework using Caliburn.Micro and DevForce
URL: http://www.ideablade.com/forum/forum_posts.asp?TID=3359
Printed Date: 29-Apr-2025 at 12:27pm

Topic: Pre Login Access to Entitymanager

Posted By: siko
Subject: Pre Login Access to Entitymanager
Date Posted: 26-Mar-2012 at 3:35am

Hi,

We'd like to provide a globalized Login experience, hence we need to access some data (texts/language) before we've logged a user in.

How would I go ahead and do that in Cocktail/DF ... It seems I cannot access the repository before I have established a security context (?)

Thanks,

Sij

Replies:

Posted By: siko
Date Posted: 26-Mar-2012 at 7:59am

I found the way to the fake login manager like the one that comes with TempHire ref.app.

However, the entitymanager does not return any results.

What is wrong here?

var securityEntitesManager = new SecurityEntities(compositionContextName: "Fake");
 //Finds the FakeLoginManager and returns UserPrincipal correctly.             
            var userTest = securityEntitesManager.SecurityUsers;
            
 
            var userForIp = securityEntitesManager.SecurityUsers.SingleOrDefault(u => u.ip_address.Trim() ==
                                                                                      HttpContext.Current.Request.
                                                                                          UserHostAddress.ToString(
                                                                                              CultureInfo.
                                                                                                  InvariantCulture).Trim
                                                                                          ());

Should I initialize the em differently?
Is this a supported scenario? (I need data before establishing a security context)
 
Thanks

Posted By: siko
Date Posted: 26-Mar-2012 at 8:47am

Ok, diggin in and found what I was looking for.

I created a custom loginmanager (LocalLoginManager:LoginManager) and used the

CompositionContextResolver

to get the default CompositionContext while my UserIdentity is 'fake'.

Now I'm able to expose some of the data I need for the LoginView throuhg a default silverlight web service.

HTH some one some day.

Posted By: siko
Date Posted: 27-Mar-2012 at 12:38am

Or ... is there a way I can do this with the entityserver?

Posted By: mgood
Date Posted: 27-Mar-2012 at 10:50am

I'm not quite understanding your question. In order to run queries before a formal login, you have two options. You allow anonymous logins or you have a known system login. The latter is not generally recommended, because you have to store the password somewhere in your application.

An anonymous login is a login with null credentials. An EntityManager that isn't already logged in, will automatically attempt to login anonymously upon the first operation that involves talking to the EntityServer.

So, in your LoginManager, you return a Principal that represents an anonymous user when you get null credentials. You don't have to use a CompositionContext. You just have to write your LoginManager such that it accepts null credentials. You should then secure your entities so that an anonymous user can only query the small set of data that is ok to be queried as an anonymous user, because otherwise your server is essentially wide open and anybody can query your entire database.

Posted By: mgood
Date Posted: 27-Mar-2012 at 11:38am

Forgot to mention one thing. In the latest version of Cocktail, EntityManagers no longer login implicitly if the AuthenticationService is found. In order to allow anonymous queries with the AuthenticationService present, you have to overwrite the EntityManager's AuthenticationContext. I would create a seperate repository to query the language data, which will overwrite it's EntityManger's AuthenticationContext to allow anonymous queries. You still have to implement your LoginManager to allow anonymous logins.

In the constructor of the repository, you can add the following line to overwrite the AC.

            entityManagerProvider.ManagerCreated +=
                (sender, args) => args.EntityManager.AuthenticationContext = AnonymousAuthenticationContext.Instance;

Posted By: siko
Date Posted: 07-Apr-2012 at 5:21pm

Thank you for this. When I'll revisit the code, I will take the above in consideration. Makes sense.

Print Page | Close Window