Client Application Services - Part 2
page 5 of 10
by Bilal Haidar

Authorization

In this section we retrieve the roles the user belongs to. A call to a new method, DisplayUserRoles, is added to Form_Load. This method retrieves the roles that the user belongs to, if any, and binds them to a DataGridView placed on the main form.

Listing 6

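// Requires: using System.Web.ClientServices;
//           using System.Web.ClientServices.Providers;
//           using System.Web.Security;
private void DisplayUserRoles()
{
  // Get the ClientRolePrincipal attached to the current thread
  ClientRolePrincipal principal = (ClientRolePrincipal)
    System.Threading.Thread.CurrentPrincipal;
  // Get an instance of the ClientRoleProvider
  ClientRoleProvider roleProvider = (ClientRoleProvider)Roles.Provider;

  // Get user roles
  string[] roles = roleProvider.GetRolesForUser(principal.Identity.Name);

  // Show the roles panel only when the user has at least one role
  panel1.Visible = roles.Length >= 1;
  if (panel1.Visible)
  {
    // Add one grid row per role
    foreach (string s in roles)
      this.dataGridView1.Rows.Add(s);
  }
}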

First, the code retrieves the ClientRolePrincipal from the CurrentPrincipal property of System.Threading.Thread. There is nothing special about this object except its IsInRole method, which internally calls the ClientRoleProvider.IsUserInRole method.

Once the ClientRolePrincipal object is retrieved, the Roles.Provider property is cast to a ClientRoleProvider instance. You could have used the Roles.Provider property directly to access the methods related to roles, but using an instance of ClientRoleProvider is better since it shows you which methods are implemented and which are not.

As mentioned in part 1 of this series, role management in Client Application Services is read-only: you can only check whether the user is in a specific role by using the IsUserInRole method, and retrieve the user's roles by using the GetRolesForUser method.

A call to GetRolesForUser is issued to retrieve the user's roles. If there are any roles for the currently logged-in user, they are added to a DataGridView on the main form.
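The IsInRole check described above can also gate individual controls. The following is an added example, not code from the original article; the form name MainForm, the adminButton control and the "admin" role name are assumptions made for illustration.

```csharp
using System.Net;
using System.Threading;
using System.Web.ClientServices;
using System.Web.ClientServices.Providers;
using System.Web.Security;
using System.Windows.Forms;

public partial class MainForm : Form
{
    // Hypothetical control and role name, used only for this example
    private readonly Button adminButton = new Button { Text = "Admin", Visible = false };
    private const string AdminRole = "admin";

    private void ApplyRoleBasedUi()
    {
        // 'as' avoids an InvalidCastException when nobody has logged in
        // through Client Application Services yet
        var principal = Thread.CurrentPrincipal as ClientRolePrincipal;
        if (principal == null || !principal.Identity.IsAuthenticated)
        {
            adminButton.Visible = false;
            return;
        }

        try
        {
            // IsInRole goes through ClientRoleProvider.IsUserInRole
            adminButton.Visible = principal.IsInRole(AdminRole);
        }
        catch (WebException)
        {
            // Role service unreachable or login expired: fail closed
            adminButton.Visible = false;
        }
    }

    private void RefreshRoles()
    {
        // Drop cached role data so the next check queries the role service
        ((ClientRoleProvider)Roles.Provider).ResetCache();
        ApplyRoleBasedUi();
    }
}
```

A check like this only decides what the client displays; any operation the role protects still has to be authorized on the server, because the client-side result can be bypassed by whoever controls the desktop machine.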



User Comments

Title: Continuing last comment   
Name: Krishna Vedula
Date: 2010-04-04 7:22:11 PM
Comment:
Hello Bilal

Looks like there is a limit on the length of the comment. So, here are my details

Krishna Vedula
krishna@ntc-us.com

Title: How to pass the user context back to server
Name: Krishna J Vedul
Date: 2010-04-04 7:21:12 PM
Comment:
Hello Bilal,

Great Series of articles going in depth into each of the security topics. I found this very helpful. This helped me get a general direction for the project I am working on currently. However, I have come across a road-block in all articles related to Client Application Services across many sites and was not able to get much help in that regard.

What I am trying exactly is to have the same Authentication framework for my Web front-end as well as the Web interface. With Client Application Services, I am able to get that as explained by you clearly. I also get the roles of the user, so I control what to show and what not to show. Great so far.

I am going to the next level, where my Desktop application is connecting back to the same server (that serves the authentication as well as web-content) to get some data. Here I have created some facades (aspx) to parse the request data and send the response as XML. I am able to use the same business objects with some custom aspx files for xml transformation. But, I am getting an error in the business layer if I put any security role restrictions.

How do I pass the Thread.CurrentPrincipal.Identity which has all the roles back through the web request so that the security framework on the server would not throw any exceptions?

a) Code I am using to create a request on the client is

HttpWebRequest req = (HttpWebRequest)WebRequest.Create(@"http://localhost:55555/AppServices/GetAdminData.aspx");
req.Method = WebRequestMethods.Http.Post;

b) Security Permissions on the server are like


[PrincipalPermissionAttribute(SecurityAction.Demand, Role="admin")]
public void ProcessRequest()
{

If I could pass all the cookies that come from user authentication back to server as part of the request, then I would get over the problem. But with Membership.ValidateUser I do not get any cookies. Then how do I pass them?

The SaveUserSettings seems to send the user

Title: Good Article
Name: Adron
Date: 2008-10-20 12:07:25 AM
Comment:
Good write up. I'm working through multiple scenarios right now with this, so it is interesting to read and helpful.

Thx.





