473,320 Members | 1,848 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Custom GenericIdentity class for more userdata

Hello

With trial and error I'm attempting to create an extended identity to store
some more data than just the Name, for example a Subscription and a
LastSearchPerformed property...

Is this a good idea ? I'm coming from ASP and Session variables, but I
explicitly wanted to avoid that for .NET.

The problem I'm facing is that I don't find a good way to bring my source
data from the login routine to the AuthenticateRequest event, as followed in
a little pseudocode which hopefully shows my thoughts and my errors...

[login.aspx]
Button_Click_Event
< GetUserDataFromDatabase >
....
FormsAuthentication.Redirect(sUserName, False)
End
[global.asax]
Application_AuthenticateRequest( s , e ){
If Request.IsAuthenticated Then
Dim objIdentity As
myCustomIdentityClass(Context.User.Identity.Name)

'/// This is where I need to get the data from <
GetUserDataFromDatabase >
'/// which is called in the button click event from the
unrelated page.
'/// How do I get that data here without having to call the
database for every Request ?
....
<assign roles & custom identity to Context.User>
End If
End
The main question is commented in that event,
I hope someone can help me to find the best way to do it, or just tell me
I'm completely on the wrong way to do this.

Thanks,

Beren
Nov 18 '05 #1
1 2617
Rocky Lhotka explains very clearly how to do all this in his book.
http://www.lhotka.net/ArticleIndex.a...ea=CSLA%20.NET

The basic idea is to create a custom Principal class which contains a
reference to the Identity class.
They each implement the appropriate interfaces.
(Rocky provides sample clases.)

Then you can modify your class to include other pieces of information (like
UserID, CompanyName, etc.).
Then just use AcquireRequestState to pull your Principal class out of
session at the beginning of each hit.
This way all of the data in it is available throughout the request.

When the user logs in - that is when the class authenticates the user
against a DB (or some other mechanism).
If the login succeeds, you store the Principal class in session for later
use then RedirectFromLoginPage.
================================================== ============================
Dim mUser As MyPrincipal
mUser.Login(UserId, Password)
mUser = CType(Thread.CurrentPrincipal, MyPrincipal)

If mUser.Identity.IsAuthenticated = True Then
HttpContext.Current.User = mUser
State.CSLA_Principal = mUser
Web.Security.FormsAuthentication.RedirectFromLogin Page(txtUserId.Text,
False)
Else
'do something about a failed login
End If
================================================== ============================

Here is the VB code in my Global.asax file:

Private Sub Global_AcquireRequestState(ByVal sender As Object, ByVal e As
System.EventArgs) Handles MyBase.AcquireRequestState

'See pages 509-510 for a lengthy explanation of this code
If Not State.CSLA_Principal Is Nothing Then
Thread.CurrentPrincipal = State.CSLA_Principal
HttpContext.Current.User = State.CSLA_Principal
Else
If Thread.CurrentPrincipal.Identity.IsAuthenticated = True Then
Web.Security.FormsAuthentication.SignOut()
Server.Transfer(Request.ApplicationPath + "/Login.aspx")
Else
'Anonymous User
MyPrincipal.LoginAnonymous()
State.CSLA_Principal = CType(Thread.CurrentPrincipal, MyPrincipal)
HttpContext.Current.User = State.CSLA_Principal
End If
End If

End Sub

The only "odd" thing in there is the use of a State class for handling
Session variables using strong typing.
These two are equivalent statements:
1. Thread.CurrentPrincipal = State.CSLA_Principal
2. Thread.CurrentPrincipal = Ctype(Session("CSLA_Principal"), MyPrincipal)

The first one has intellisense, is easier to read and avoids typos.

Also, I added a LoginAnonymous() method to my custom Principal class to
allow some BOs to hit the DB prior to the user logging in.
e.g the login page displays data from the DB so the BO needs to fetch it and
yet no one is logged in yet.

--
Joe Fallon


"Beren" <be***@angband.me> wrote in message
news:KP*********************@phobos.telenet-ops.be...
Hello

With trial and error I'm attempting to create an extended identity to
store some more data than just the Name, for example a Subscription and a
LastSearchPerformed property...

Is this a good idea ? I'm coming from ASP and Session variables, but I
explicitly wanted to avoid that for .NET.

The problem I'm facing is that I don't find a good way to bring my source
data from the login routine to the AuthenticateRequest event, as followed
in a little pseudocode which hopefully shows my thoughts and my errors...

[login.aspx]
Button_Click_Event
< GetUserDataFromDatabase >
....
FormsAuthentication.Redirect(sUserName, False)
End
[global.asax]
Application_AuthenticateRequest( s , e ){
If Request.IsAuthenticated Then
Dim objIdentity As
myCustomIdentityClass(Context.User.Identity.Name)

'/// This is where I need to get the data from <
GetUserDataFromDatabase >
'/// which is called in the button click event from the
unrelated page.
'/// How do I get that data here without having to call the
database for every Request ?
....
<assign roles & custom identity to Context.User>
End If
End
The main question is commented in that event,
I hope someone can help me to find the best way to do it, or just tell me
I'm completely on the wrong way to do this.

Thanks,

Beren

Nov 18 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
by: Nick | last post by:
My client uses a SQL Database to store their usernames and passwords, and I do not believe they have AD...no big deal... I wrote a class to create a generic identity and generic principal so that...
7
by: Luc Tremblay | last post by:
Given the typical following code: void Listener::HandleEvent(const Event& event) { // handling code } In a "clean" fashion, how is it possible to add custom data (to be subsequently...
6
by: Gunnar Beushausen | last post by:
Hi! I need a class to store the users data (ID, name etc.) that is accessible from anywhere. At application startup the class gets filled with its data about the user. But how can i access...
6
by: Tim Mulholland | last post by:
I have created my own IIdentity class (actually inherited from GenericIdentity) to contain lots of extra useful information to be passed around with the user's basic information. The class...
2
by: lucd | last post by:
Hello, I am currently playing with form authentication & role based security on a web application. As seen in the starter kit Time tracker, I setup a custom identity class (CustomPrincipal)...
1
by: Stu | last post by:
Hi, Im using vis studio 2003 and I think wse is out of the question as clients could be using java which doesnt support it. So I managed to find some code which allows you to develop a custom...
3
by: charles | last post by:
Hi, I am trying to port my ASP application to ASP.Net 2.0 My application is sold to large corporations that have many thousands of users. So I do not use Forms authentication. To make it more...
1
by: Jakob Lithner | last post by:
When I started a new ASP project I was eager to use the login facilities offered in Framework 2.0/VS 2005. I wanted: - A custom principal that could hold my integer UserID from the database -...
4
by: crispin | last post by:
Hi Everyone, I was hoping one of you kind souls could help me with the following: I have a class method which initializes audio libraries written in C, shown below... where it says (RIGHT HERE)...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.