Adding custom roles - VB 2008 Winforms

StackOverflow https://stackoverflow.com/questions/1370768

Question

I have a winforms (VB 2008) based app that I'm developing and I want to use custom roles for user access.

Application Layout: I have a Main form that opens a login form when certain actions occur. The Login form intern uses an authentication class that I've created, to authenticate users and set access rights. On my Applications settings page, I have Authentication Mode set to Application-defined because I cannot use Windows Authentication in the environment where this will be deployed.

The application uses a MS SQL 2005 db and the 3 tables I'm using in the authentication process are the User_Account , User_Roles and User_Access tables. The combination of an account in the User_Account and the roles within the User_Roles table are the bases for the User_Access table. Using the User_Access table is how I assign access to the various functions within the application

Authentication Method: To authenticate a user, I'm using the "My.User.CurrentPrincipal" (Code below) method. The My.User object works great and allows the use of "My.User.Name" property throughout the app when referring to the currently authenticated user.

Access Method: In order to set the current users access levels I'm using a function within my Authentication class and passing in My.User.Name as a variable. The function uses a Dataset Table Adaptor and a Select Case statement inside a For loop to assign all the access levels for the user (Function code below).

My Problem: This method of assigning access rights to a user does work but it's not persistent throughout the application as the My.User object is. I would like to find a way to create custom roles through the My.User object using its .IsInRole property. I would like to have these roles dynamically created using my User_Roles table. This would allow the custom roles to be used throughout my application using the My.User.IsInRole("MyRole") syntax ...similar to how I'm currently able to use My.User.Name. Unfortunately the only roles I can currently validate against are the built in Windows type accounts (Adminisrator ...ect.).

I have found lots of information and examples related to ASP.Net as well as setting up Winforms Windows authentication but nothing so far directly related to my issue. I think there's a way to accomplish this...but I have not been able to find it. Any help would be greatly appreciated!!

Thank you for your help!

'User Authentication example:

If Authenticate.CheckPassword(tbxUserName.Text, strPassword) Then
            My.User.CurrentPrincipal = New GenericPrincipal(New GenericIdentity(tbxUserName.Text), Nothing)

'Access assignment example:

 Public Shared Function GetUser(ByVal strUsername As String) As Authenticate
        Using UserAdapter As New dbUserTableAdapters.User_AccountsTableAdapter()
            Dim UserTable As dbUser.User_AccountsDataTable = UserAdapter.GetByUser(strUsername)


            Dim tempUser As New Authenticate() _
                With {.ID = UserTable(0).id, _
                    .Username = UserTable(0).User_Name, _
                    .Password = UserTable(0).id}

            Using AccessAdapter As New dbUserTableAdapters.User_AccessTableAdapter()
                Dim AccessTable As dbUser.User_AccessDataTable = AccessAdapter.GetByUser(tempUser.ID)

                For c As Integer = 0 To AccessTable.Rows.Count - 1

                    Select Case AccessTable(c).Role_Id
                        Case RoleType.SysAdmin
                            tempUser.AllowSysAdmin = True

                        Case RoleType.Maintenance
                            tempUser.AllowMaintenance = True

                        Case RoleType.ReportAll
                            tempUser.AllowRptAll = True

                        Case RoleType.ReportException
                            tempUser.AllowRptExceptions = True

                        Case RoleType.EventManagment
                            tempUser.AllowEventStart = True
                        Case Else

                    End Select

                Next

                Return tempUser

            End Using
        End Using
    End Function
Was it helpful?

Solution

I think you need to implement a custom IPrincipal object which accesses your SQL table. Try this page.

Edit:

First, have a look at the definitions of IIdentity and IPrincipal. You'll note that IIdentity doesn't have a 'Role' property defined. They've chosen to implement an additional property called Role on their implementation of IIdentity (SampleIIdentity) and then they've used it from their implementation of IPrincipal. What I'm suggesting is that you implement your own Role property (which queries your existing table) and returns one (or an array) of a Role type you define yourself. Then in your implementation of IPrincipal, you can code IsInRole to query the new Role property. Hopefully that makes more sense that my rather skimpy answer.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top