Custom Authentication And Roles

Topics: Web Client Software Factory, Project Management Forum, User Forum
Jul 14, 2008 at 5:32 PM
First of all, sorry for the English, I'm still learning :P

I have a question regarding the topic of the discussion: how can I manage custom roles in WCSF?

Well, my problem is that in my application I have a module where the user can add roles and assign to each role the pages that it can access. These roles are obviously not in the Web.config, so how can I manage this scenario: the user logs in, the system verifies the password (I'm not using the membership that comes with Visual Studio), the system retrieves the pages and modules that the user can access based on the roles that the user is in, and finally loads the menu tree. All this without using the rules and authorization sections of the Web.config, because we don't know yet which roles are going to be in the system.

I hope somebody can help with an example or an explanation.

Thank you very much in advance.

Ariel
Developer
Jul 18, 2008 at 9:39 PM

Hi

Assuming that the mapping between roles and rules is in a database, you can still define the rules in the authorization section of the module Web.config because you will still need to define the granularity for the access somewhere.

<authorization>
  <rule Url="~/MyModule/View1.aspx" Rule="Rule1" />
  <rule Url="~/MyModule/View2.aspx" Rule="Rule2" />
  <rule Url="~/MyModule/View3.aspx" Rule="Rule3" />
</authorization>

You will then need to implement and register a custom Authorization Rule Provider that reads your rules/roles mappings from a database. The Security Application Block of the Enterprise Library provides extensibility by adding different implementations for the providers. Out of the box, WCSF uses the AuthorizationRuleProvider implementation, which reads the rules from the Web.config.

<authorizationProviders>
  <add type="MyAssembly.MyCustomAuthorizationRuleProvider, MyAssembly" name="RuleProvider"/>
</authorizationProviders>

Please, let me know if it helps.

Mariano Converti

http://blogs.southworks.net/mconverti
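
An added example, not part of the thread and not WCSF or Enterprise Library code: a custom provider of the kind the reply above describes, resolving the rule name from the module Web.config to roles held in a database and denying by default. The tables `RuleRoles` and `UserRoles`, the `SecurityDb` connection string name, and the use of `principal.Identity.Name` as the lookup key are assumptions; the attribute and `NameValueCollection` constructor follow the Enterprise Library custom-provider convention and should be checked against the version you reference.

```csharp
using System;
using System.Collections.Specialized;
using System.Configuration;
using System.Data.SqlClient;
using System.Security.Principal;
using Microsoft.Practices.EnterpriseLibrary.Common.Configuration;
using Microsoft.Practices.EnterpriseLibrary.Security;
using Microsoft.Practices.EnterpriseLibrary.Security.Configuration;

namespace MyAssembly
{
    [ConfigurationElementType(typeof(CustomAuthorizationProviderData))]
    public class MyCustomAuthorizationRuleProvider : AuthorizationProvider
    {
        // Assumed schema: RuleRoles(RuleName, RoleName), UserRoles(UserName, RoleName).
        private const string Query =
            "SELECT COUNT(*) FROM RuleRoles rr " +
            "JOIN UserRoles ur ON ur.RoleName = rr.RoleName " +
            "WHERE rr.RuleName = @rule AND ur.UserName = @user";

        private readonly string connectionString;

        // Receives the extra attributes of the <add> element in <authorizationProviders>.
        public MyCustomAuthorizationRuleProvider(NameValueCollection attributes)
        {
            // "SecurityDb" is an assumed connection string name.
            connectionString = ConfigurationManager.ConnectionStrings["SecurityDb"].ConnectionString;
        }

        // context is the rule name, e.g. "Rule1" for ~/MyModule/View1.aspx.
        public override bool Authorize(IPrincipal principal, string context)
        {
            // Deny by default: anonymous callers and empty rule names never pass.
            if (principal == null || principal.Identity == null || !principal.Identity.IsAuthenticated)
                return false;
            if (string.IsNullOrEmpty(context))
                return false;

            using (SqlConnection connection = new SqlConnection(connectionString))
            using (SqlCommand command = new SqlCommand(Query, connection))
            {
                // Parameterized values; rule and user names are never concatenated into SQL.
                command.Parameters.AddWithValue("@rule", context);
                command.Parameters.AddWithValue("@user", principal.Identity.Name);
                connection.Open();
                // A rule with no matching role rows yields 0 and is denied.
                return Convert.ToInt32(command.ExecuteScalar()) > 0;
            }
        }
    }
}
```

Because roles added at run time take effect on the next query, any caching placed in front of this lookup needs an invalidation path for role changes.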

Nov 6, 2008 at 6:12 PM
Hi,

This is a general question...
Is there a mechanism I can use to change the out-of-the-box authorization provider to AzMan for instance?
This may be a 'contribution' type change, but I wanted to know what the 'simple' way to adjust some of the 'default' out-of-the-box Web.config settings would be...
TIA.

Bret.