I am implementing CSLA.NET for the first time. I have a pretty fair handle on it; however, there are a few areas where I still appear to be brain dead.
When a user logs in, I want to authenticate the user as per the book, using custom authentication. However, I also want to validate the user's account against things such as PasswordExpired, MaxFailedLogins, MaxGraceLogins, AccountLockedOut etc. If the user fails authentication or account validation, the user will not be granted access.
I have created an AccountPolicy object that handles the account validation routines and indicates which policies have failed. I use this in my custom identity object. If any policy fails, I set the IsAuthenticated property of the custom identity to false. This is fine for simply denying access at login. However, what I want to do is provide the UI with the reasons the login failed. How do I do this?
Any comments would be appreciated.
I would think you'd want a read-only AccountStatus object that would show all the status information about a user account. If the UI wants this information for whatever reason, it could just go get that object:
AccountStatus status = AcountStatus.GetStatus(username);
So if the login fails, principal.Identity.IsAuthenticated would be false, and the UI could then choose to go get the account status if desired.
Copyright (c) Marimer LLC