This series of articles guides you through the Enterprise Library Security Application Block and shows how to use its features in different application environments. This article was compiled by the http://blog.entlib.com open source ASP.NET blog platform team from the EntLib HOL (hands-on labs) manual; feedback and discussion are welcome.

Exercise 1: Protect applications

First, open the BugSmak.sln project file in the ex01\begin directory.

Add authentication for applications

Run the application. At this point, the application cannot authenticate the user.

1. Open the Security\SecurityHelper.cs code file and add the following namespace reference.

    using System.Web.Security;

2. Add the following code to the Authenticate method.

    public static bool Authenticate(string username, string password)
    {
        bool authenticated = false;

        // Delegates the credential check to the configured membership provider.
        authenticated = Membership.ValidateUser(username, password);

        // TODO: Get roles
        return authenticated;
    }

LoginForm calls the Authenticate method to verify the user. The Membership.ValidateUser method performs the verification. The membership system uses the provider model, so the application is not bound to a specific data store. ASP.NET provides two membership providers: Microsoft SQL Server and Windows Active Directory. You can also create a custom membership provider. The sample program reads the application's membership information from an XML file.

3. Open the Security | Providers | ReadOnlyXmlMembershipProvider.cs code file in the project. ReadOnlyXmlMembershipProvider inherits from MembershipProvider and is a custom membership provider that reads an unencrypted XML file. Although this is not a good design, it is adequate for this exercise.

4. Open the App.config configuration file in the project and check the membership provider configuration, which sets the authentication data source to the Users.xml file.

    <membership defaultProvider="ReadOnlyXmlMembershipProvider">
      <providers>
        <add name="ReadOnlyXmlMembershipProvider"
             type="BugSmak.Security.Providers.ReadOnlyXmlMembershipProvider, BugSmak"
             description="Read-only XML membership provider"
             xmlFileName="Users.xml" />
      </providers>
    </membership>

Once you have a custom membership provider, you can configure and use it in the application just like the providers that ship with ASP.NET.

5. Open the Users.xml file. You can see that Tom, Dick, Harry and other users have already been added.

6. Now run the sample program. You can log on as Tom, Dick, or Harry. The sample program is a simple bug tracking system framework that provides the following features: raising bugs, assigning bugs to developers, and resolving bugs.

7. Log on as Tom and select the Tasks | Raise New Bug menu. The following message is displayed: "Sorry, you aren't allowed to access that form." The same message is displayed when you access Assign Bug and Resolve Bug. Exit the application.

Add role-based authorization for applications

1. Open the TaskForms\RaiseBug.cs file and view the code. To open the RaiseBug form, the user must be in one of the Developer, Employee, or Manager roles.

    [PrincipalPermission(SecurityAction.Demand, Role = "Employee")]
    [PrincipalPermission(SecurityAction.Demand, Role = "Developer")]
    [PrincipalPermission(SecurityAction.Demand, Role = "Manager")]
    public static RaiseBug Create()
    {
        // TODO: Check Authorization
        return new RaiseBug();
    }

If the user does not have the required permissions, a SecurityException is thrown, which is caught by MainForm. Retrieval of the authenticated user's roles has not been implemented yet. In the following steps, the application is configured to use a RoleProvider to retrieve user roles.

2. Open the Security\SecurityHelper.cs code file and add the following code to the Authenticate method.

    // Requires: using System.Security.Principal; using System.Threading;
    public static bool Authenticate(string username, string password)
    {
        bool authenticated = false;
        authenticated = Membership.ValidateUser(username, password);

        if (!authenticated)
            return false;

        IIdentity identity;
        identity = new GenericIdentity(username, Membership.Provider.Name);

        // Look up the user's roles through the configured role provider.
        string[] roles = Roles.GetRolesForUser(identity.Name);
        IPrincipal principal = new GenericPrincipal(identity, roles);

        // Place user's principal on the thread
        Thread.CurrentPrincipal = principal;

        return authenticated;
    }

This code retrieves the user's roles from the Users.xml file through the custom RoleProvider (ReadOnlyXmlRoleProvider.cs) and creates a new principal containing the user's identity and roles.

3. Open the App.config configuration file and view the configuration of the role manager provider. The specified data source is the Users.xml file.

    <roleManager enabled="true" defaultProvider="ReadOnlyXmlRoleProvider">
      <providers>
        <add name="ReadOnlyXmlRoleProvider"
             type="BugSmak.Security.Providers.ReadOnlyXmlRoleProvider, BugSmak"
             description="Read-only XML role provider"
             xmlFileName="Users.xml" />
      </providers>
    </roleManager>

4. Run the sample program and log on as Tom, Dick, and Harry in turn to confirm that different users have different access permissions.

Tom (Employee) -- Raise New Bug
Dick (Developer) -- Raise New Bug and Resolve Bug
Harry (Manager) -- Raise New Bug, Resolve Bug, and Assign Bug

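The role checks from steps 1 to 4, as an added console example that is not part of the lab's code: it builds the GenericPrincipal the same way Authenticate does and issues imperative PrincipalPermission demands, whose Union matches how stacked [PrincipalPermission] attributes are combined (any one of the listed roles is enough). The role table is constructed in place of Users.xml, the class and helper names are hypothetical, the role sets for Resolve Bug and Assign Bug are inferred from the access list in step 4, and .NET Framework is assumed.

```csharp
using System;
using System.Collections.Generic;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
using System.Threading;

static class RoleDemandDemo
{
    // Constructed role table standing in for Users.xml (mirrors the users in step 4).
    static readonly Dictionary<string, string[]> RoleTable =
        new Dictionary<string, string[]>(StringComparer.OrdinalIgnoreCase)
        {
            { "Tom",   new[] { "Employee" } },
            { "Dick",  new[] { "Developer" } },
            { "Harry", new[] { "Manager" } },
        };

    static void SignIn(string username)
    {
        var identity = new GenericIdentity(username, "ConstructedProvider");
        Thread.CurrentPrincipal = new GenericPrincipal(identity, RoleTable[username]);
    }

    // Imperative form of stacked PrincipalPermission attributes: any listed role passes.
    static bool IsAllowed(params string[] roles)
    {
        IPermission demand = new PrincipalPermission(null, roles[0]);
        for (int i = 1; i < roles.Length; i++)
            demand = demand.Union(new PrincipalPermission(null, roles[i]));
        try { demand.Demand(); return true; }
        catch (SecurityException) { return false; }   // the exception MainForm catches
    }

    static void Main()
    {
        // Before any sign-in the thread carries no authenticated principal, so the demand fails.
        Console.WriteLine("not signed in: raise={0}", IsAllowed("Employee", "Developer", "Manager"));
        foreach (string user in RoleTable.Keys)
        {
            SignIn(user);
            Console.WriteLine("{0}: raise={1} resolve={2} assign={3}", user,
                IsAllowed("Employee", "Developer", "Manager"),
                IsAllowed("Developer", "Manager"),
                IsAllowed("Manager"));
        }
    }
}
```
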
From the http://www.entlib.com professional ASP.NET e-commerce platform team. You are welcome to continue with the rest of the Security Application Block learning manual.
Reference: Security Application Block Hands-On Labs for Enterprise Library