I am getting further in my Silverlight prototype and have a question pertaining to security. I am prototyping my application after the Rolodex, however, I have a couple of differences in my security database (which the Rolodex example has the security tables in the Rolodex db).
I have a BASSecurity database with a Role table and a Users table. My role table is comprised of a RoleId int and a RoleName varchar (30) field. My Users table is comprised of a UserId int, Username varchar(15), Password varchar (15) field, FirstName field, etc. I also have a UsersRole table which is comprised of RoleId int and UserId int and have sprocs to return the valid roles upon a correct entry of a userid and password.
I noticed the Rolodex example put the security tables in the main database and I have been stepping through the GetCslaIdentity<BasIdentity>(...) for a while and am having a hard time figuring out where the selects are in the code that gets the valid userid and password from the table. Oh I also put the additional connection string for the security database in the DataConnection class.
If all else fails, I will put the security tables my main database instead of having the security database as that complicates things, but I will have to figure out how things work anyway, so I may as well beat my head against the wall now! So, any ideas on where the validation occurs for a valid user and password would be most helpfull.
Thank you,
Keith
It is in DataPortal_Fetch of the Rolodex identity class.
You can put your own connection string different from the main connection
string.
Sergey Barskiy
Principal Consultant
office: 678.405.0687 | mobile: 404.388.1899
Microsoft Worldwide Partner of the Year | Custom
Development Solutions, Technical Innovation
From: CyclingFoodmanPA
[mailto:cslanet@lhotka.net]
Sent: Monday, January 19, 2009 3:06 PM
To: Sergey Barskiy
Subject: [CSLA .NET] Security in my Silverlight Application
I am getting further in my Silverlight prototype and have a question
pertaining to security. I am prototyping my application after the
Rolodex, however, I have a couple of differences in my security database (which
the Rolodex example has the security tables in the Rolodex db).
I have a BASSecurity database with a Role table and a Users table. My
role table is comprised of a RoleId int and a RoleName varchar (30)
field. My Users table is comprised of a UserId int, Username varchar(15),
Password varchar (15) field, FirstName field, etc. I also have a
UsersRole table which is comprised of RoleId int and UserId int and have sprocs
to return the valid roles upon a correct entry of a userid and password.
I noticed the Rolodex example put the security tables in the main database
and I have been stepping through the GetCslaIdentity<BasIdentity>(...)
for a while and am having a hard time figuring out where the selects are in the
code that gets the valid userid and password from the table. Oh I also
put the additional connection string for the security database in the
DataConnection class.
If all else fails, I will put the security tables my main database instead
of having the security database as that complicates things, but I will have to
figure out how things work anyway, so I may as well beat my head against the
wall now! So, any ideas on where the validation occurs for a valid user
and password would be most helpfull.
Thank you,
Keith
Copyright (c) Marimer LLC