I've started out with the Silverlight 4 Navigation Application template (RIA Services enabled). (As I really don't like the bloated Business Application Template)
I've added an Authentication Service and I'm able to authenticate users,
but want to override the User.IsInRole method.
WebContext.Current.User.IsInRole("Guest");
But I cannot find any place to override the behaviour.
What are you trying to do? User.IsInRole is an implementation of IPrincipal.IsInRole and really shouldn't be overridden.
If you want to set the user roles, you can do it on the server in your AuthenticationService by overridding the GetAuthenticatedUser or GetAnonymousUser methods.
If you want a method similar to IsInRole, you can extend the User type with a partial class on the client and add whatever methods make sense.
Related
I have an issue in which I wonder if Restangular has support for. I have a UserModel which is part of my model layer. It may have custom attributes that the server doesn't have in it's model and also behavior. I'm not clear if I'm able to use my custom User model, send it to the backend and when it returns transform it back to the UserModel object of my model layer so I still have the custom attribute and methods.
Here's the plunker: http://plnkr.co/edit/IlYcSRuX3GPWmewxniuq?p=preview
Where do I handle the transformation? Do I add the methods in the config block or should I add it via adding a response interceptor? What about custom attributes that the server might not send back to me? I haven't run across any good examples of this.
The UserInfoCntrl controller sends the UserModel object into the contactInformationService in my example.
Some of this might be design choices, i.e. use what you think is best. However, a common pattern [citation needed ;)] would be to integrate the synchronization logic between client and server in the "model" service.
The UserModel service would then be responsible for providing the User object to the rest of the application, keeping it in sync with the server (perhaps via methods like save(), or perhaps automatically?). The service would then be the only module responsible for communicating with the server, at least when it comes to user objects. It can also automatically pull the user data from the server when instantiated.
The architecture feels very clean, at least to me.
I don't have any concrete examples that exactly suits your needs, but this authentication service by Fnakstad springs to mind. It maintains a object (actually a user object!) using $http and $cookieStore. Restangular is a bit more high-level than $http, but the self-contained service concept providing methods for manipulation and storing stands.
I have a Silverlight application from which I have to call a ASHX file, something like this GetFile.ashx?orderId=4
The problem is that I want to allow this call to be made only through the application, and thus I thought of using some sort of authentication (sending the username+pass from silverlight) when calling the ashx file. I don't want to add them in the query string. Any other suggestions?
Thank you
The easy answer is to turn on ASP.Net authorization by whatever means are suitable for you.
If your users log in through an AuthenticationService in the Silverlight client, or through an ASP.Net page, you will be able to access the CurrentUser object from the HttpContext in your handler and from there do whatever checks you want.
The following link should get you started on finding more info if you need MSDN
I don't want to set the same username and password 100 times for ClientCredentials. I want a pattern where I can set this once in code then have it automatically set.
How do people typically do this? Do they inherit from the wcf class? Do they use partial classes?
Delegate the responsibility of creating the proxy instance to a separate class. This class can have method to create proxy, assign credentials and return the proxy instance back.This is something similar to creating factory classes for construction of an object.
I've created my own role provider in a SL4/RIA Services application, and I have had success using the [RequiresRole] attribute on a Domain Service call. I can set a breakpoint in GetRolesForUser and see that it works.
This leads me to some other questions:
How and/or where do I use the other overridden methods in the custom provider? Is it possible to use them within domain service calls? If so is it simply a matter of creating a new instance of the RoleProvider, calling the methods on it, etc.?
Within the custom role provider, is it possible to make domain service calls? If so, same thing, do I simply create/use a new instance of the entities ObjectContext?
Can the AuthenticatedUser instance be hooked into the role provider somehow? I see it has a .Roles property and an .IsInRole method, but can that class be extended somehow to hook into the custom provider?
Any direction on these questions is greatly appreciated.
I have a project requirement where I need to authenticate against ActiveDirectory in a remote/disconnected WPF application.
There is probably several ways to attempt to do this, but what would be the best approach using ActiveDirectory's MembershipProvider?
I need to:
Authenticate that the user exists.
obtain the AD user's groups and roles.
This needs to happen from a remote location, outside of the network Active Directory resides on.
From within a WinForms or WPF application you can now take advantage of "Client Application Services" (thanks MS for a very generic name, searching for help is now very painful!).
This allows you to connect to a WCF service that can validate the logins. The link above has a walkthrough that shows how easy it is to get it all working, once you have a working app you can modify your config to point to a different MembershipProvider and/or RoleProvider.
It's worth noting that the out-of-the-box solution includes a MembershipProvider named ActiveDirectoryMembershipProvider, but there's no RoleProvider for Active Directory.
If you do require the ability to get Roles (or Groups) and you are working with .NET 4.0 then you can take advantage of the new Active Directory API added that makes everything much easier, namely System.DirectoryServices.AccountManagement. For the most basic of Membership and Role services you'll want to have the following to create your own basic MembershipProvider and RoleProvider:
MembershipProvider.ValidateUser() - should use PrincipalContext.ValidateCredentials()
RoleProvider.GetAllRoles() - use a new GroupPrincipal() as a source to a new PrincipalSearcher()
RoleProvider.IsUserInrole() - use UserPrincipal.FindByIdentity() method to get a user, use GroupPrincipal.FindByIdentity() to get the group, then use the IsMemberOf() method on the user to see if they're a member of the group.
You can implement as little or as much of the API as needed, you should find everything you need in the new AccountManagement namespace to do this.