Question about Project Tracker's PTPrincipal.Login function

monkmonk posted on Friday, February 16, 2007

I've searched and didn't see any mention of this.

In the Project Tracker 2.1 WinForms sample's PTPrincipal.Login method the CSLA.ApplicationContext.User is only set if the if the user is authenticated. The code is shown below.

Public Shared Function Login( _
          ByVal username As String, ByVal password As String) As Boolean

            Dim identity As PTIdentity = PTIdentity.GetIdentity(username, password)
            If identity.IsAuthenticated Then
                Dim principal As New PTPrincipal(identity)
                Csla.ApplicationContext.User = principal
            End If
            Return identity.IsAuthenticated

        End Function

This doesn't make sense to me. If the user was logged on to a domain wouldn't any check in the application for IsAuthenticated return true? It seems to me that a better alternative would be to return an unauthenticated identity.

Can someone help enlighten me?

Thanks,

MM

RockfordLhotka replied on Saturday, February 17, 2007

If you were using Windows security you'd be correct - and of course you wouldn't need this code at all.

But this is using custom authentication and a custom principal, not Windows security. So the Windows principal object isn't being used here at all.