Code Customization: Customize Application Authentication Behavior

Security and Authentication

Customize Application Authentication Behavior

Code Customization

Customize Application Authentication Behavior

Description:

All pages and panels generated by Iron Speed Designer have a CurrentSecurity property for accessing the page's Security Interface. This object of type ISecurity interface is used by pages, panels, and controls as the main point of access for role based security operations. The security-related methods of this interface are implemented in classes corresponding to the security and role management type you chose for the application: ActiveDirectorySecurity.vb, RoleBasedSecurity.vb, NoneSecurity.vb, ActiveDirectoryGroups.vb, AzManRoles.vb, ProprietoryRoles.vb, NoneRoles.vb. The CurrentSecurity Interface is defined in SecurityControls.vb. All these files are located in the BaseClasses\Utils folder.

Here is the list of useful methods you might want to use in your customizations:

To get information about logged in user:

UserID

string userID = BaseClasses.Utils.SecurityControls.GetCurrentUserID();

userName (for all security types)
```
string userName = BaseClasses.Utils.SecurityControls.GetCurrentUserName();
```
It returns null if user is not logged in or username otherwise

To check if user has any of the roles

BaseClasses.Utils.SecurityControls.IsUserInRole(System.Web.HttpContext.Current, "role1;role2;role3");

To get user roles:

string usrRoleStr = BaseClasses.Utils.SecurityControls.GetCurrentUserRoles();

This customization modifes your application to use a different authentication mechanism.

Procedure:

Step 1: Modify class for a selected security type in

<IRON SPEED DESIGNER>\BaseClasses\Utils\

In particular, you may need to modify these methods:

Defined in ISecurity Interface and implemented in ActiveDirectorySecurity.vb, RoleBasedSecurity.vb, WindowsSecurity.vb, NoneSecurity.vb classes:

Function ValidateCurrentUser(ByVal appRoles As String) As SecurityControls.ValidationResults
 Function SetLoginInfo(ByVal userName As String, ByVal userPassword As String, ByRef errorMessage As String) As Boolean
 Sub Logout(ByVal page As BaseClasses.Web.UI.BasePage)
 Function GetUserStatus() As String
 Function SetUser() As Boolean

Defined in SecurityControls Class:

Public Shared Function IsUserInRole(ByVal context As HttpContext, ByVal appRolesLst As System.Collections.IList) As Boolean
Public Shared Function GetCurrentUserRoles() As String
Public Shared Function GetCurrentUserName() As String
Public Shared Function GetCurrentUserID() As String
Public Shared Sub SetCurrentUserName(ByVal usrName As String)
Public Shared Sub SetCurrentUserID(ByVal usrID As String)
Public Shared Sub SetCurrentUserRoles(ByVal usrRoles As String)
Public Shared Function GetUserRecord(Optional ByVal userID As String = "") As IUserIdentityRecord

Defined in IRolesManagement interface located in BaseClasses\Base\BaseInterfaces.vb and implemented in ActiveDirectoryGroups.vb, AzManRoles.vb, ProprietoryRoles.vb, NoneRoles.vb classes:

Function GetUserRoles(ByVal user As String, ByVal password As String, ByVal providerCS As String, ByVal domains() As String) As String

Step 2: Recompile BaseClasses.DLL using the modified BaseClasses source code.

Step 3: Copy the new BaseClasses.DLL (and BaseClasses.PDB if present) into your application's Bin directory. Your application now has customized authentication.

Disclaimer:

Customizations included in this wizard are provided as a sample to demonstrate a feature, and may work only in specific situations. The Iron Speed Designer support team cannot assist in the resolution of problems which may occur as a result of customizing your application or modifying a customization to fit a particular purpose.