I've finally jumped into CSLA (simply fantastic) and naturally, custom authentication is the first thing I'm trying to do.
I am trying to understand why there is a LoadOnlyCriteria in PTIdentity.
The code looks like it retrieves the same information as the CredentialsCriteria, only it doesn't check the password. You still get all the same data.
I can only think this is to retrieve the data without logging in. An administrator for maintenance or reporting, perhaps.
But then Fetch sets the IsAuthenticated property to True regardless of which DataPortal_Fetch calls it. And PTPrincipal.LoadPrincipal uses SetPrincipal to set the CSLA.ApplicationContext.User to the principal that just got loaded.
Somehow that doesn't seem right. What am I missing here?
TIA.
------------
Private
Overloads Sub DataPortal_Fetch(ByVal criteria As LoadOnlyCriteria) Using ctx = ContextManager(Of ProjectTracker.DalLinq.Security.SecurityDataContext).GetManager(Database.SecurityConnection) Dim data = From u In ctx.DataContext.Users Where u.Username = criteria.Username Select u If data.Count > 0 ThenFetch(data.Single)
ElseFetch(
Nothing) End If End Using End Sub Private Sub Fetch(ByVal user As DalLinq.Security.User) If user IsNot Nothing ThenmName = user.Username
mIsAuthenticated =
True Dim roles = From r In user.Roles For Each role In rolesmRoles.Add(role.Role)
Next ElsemName =
""mIsAuthenticated =
FalsemRoles.Clear()
End If End Sub----------
Public
Shared Sub LoadPrincipal(ByVal username As String)SetPrincipal(PTIdentity.GetIdentity(username))
End Sub Private Shared Function SetPrincipal(ByVal identity As PTIdentity) As Boolean If identity.IsAuthenticated Then Dim principal As PTPrincipal = New PTPrincipal(identity)Csla.ApplicationContext.User = principal
End If Return identity.IsAuthenticated End FunctionWhat you are missing is the context in which Rocky created it.
You have to read this forum or one of his eBooks to get it in depth.
As I recall it is a WPF thing. The Authorize and Authenticate steps are separate and the Principal is lost in between them. Rocky wanted to only hit the DB once and this code had something to do with fixing the issue. Or not. I really don't remember. <g>
Joe
I bought the ebook, but didn't look there (duh).
That sounds oddly familiar, though.
Thanks.
Copyright (c) Marimer LLC