views:

139

answers:

2

Hi, I have these database tables: table(UserID, Name, Surname, Username, Password, Email), table(RoleID, RoleName, Description) and table(UserID, RoleID). I created a login authentication with username and password to access the application (with LINQ to SQL to store data) and it works. Now I wish to create a role for each user, but I don't know how to work it out... I saw some features for it, but they refer to web apps. I post the code of the procedure that applies to login:

    public partial class Window1 : Window
    {
        public Window1()
        {
            InitializeComponent();
        }

        // Returns true when a row in Users matches the supplied credentials.
        public bool ValidateApplicationUser(string userName, string password)
        {
            using (var authContext = new DataClasses1DataContext())
            {
                // Both values are lower-cased before comparison, as in the original,
                // so the password check is case-insensitive and uses the stored text.
                var query = from c in authContext.Users
                            where c.Username == userName.ToLower() && c.Password == password.ToLower()
                            select c;

                return query.Any();
            }
        }

        // Login handler (name kept from the original).
        private void mahhh(object sender, RoutedEventArgs e)
        {
            // Deny by default: empty fields must not count as a successful login.
            bool authenticated = false;
            if (usernameTextBox.Text != "" && passwordTextBox.Text != "")
            {
                authenticated = ValidateApplicationUser(usernameTextBox.Text, passwordTextBox.Text);
            }

            if (!authenticated)
            {
                MessageBox.Show("Invalid login. Try again.");
            }
            else
            {
                MessageBox.Show("Congratulations! You're a valid user!");
                Window3 c = new Window3();
                c.ShowDialog();
                this.Close();
            }
        }
    }

Now I don't know how to implement a method (code) to assign a role to the user :( Do you have any ideas or suggestions to make it right?

Thanks ...have a nice day.

Bye

+3  A: 

First, try not to store passwords in the database; it is better to store a hash. I'm not quite sure what you mean by "assign a role to the user" - are you having difficulty getting the role from the db? Or are you unsure what to do with it afterwards? If the latter, the "principal" is the way to go; at the simplest level:

        string username = ...
        string[] roles = ...
        Thread.CurrentPrincipal = new GenericPrincipal(
            new GenericIdentity(username), roles);

Now you can use role-based security, either declarative or imperative.

Declarative:

    [PrincipalPermission(SecurityAction.Demand, Role="ADMIN")]
    public void Foo()
    { // validated automatically by the .NET runtime ;-p

    }

Imperative:

    static bool IsInRole(string role)
    {
        IPrincipal principal = Thread.CurrentPrincipal;
        return principal != null && principal.IsInRole(role);
    }
    ...
    bool isAdmin = IsInRole("ADMIN");
Marc Gravell
Hi Marc, my purpose is, for example: I have a username "employee1", so I will give it the role to access the application to view only some windows and deny deleting, adding and editing the database. So after authenticating in the application I wish to assign the role for the user "employee1". Thanks for your reply.
JayJay
Hi Marc, sincerely I don't know how to go ahead, so I ask you if you can post an example (code) to better understand the procedure to work out my trouble. By the way, I'm also looking to store a hash... Have a nice day. Bye
JayJay
(have replied to direct e-mail)
Marc Gravell
Hi Marc, can you explain to me where I must put your code, following the code of my project? Thanks for your support. Bye
JayJay
Usually sandwiched between a login screen and the main screen.
Marc Gravell
Thanks Marc, job done!!! Have a happy day. Bye
JayJay
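An added example, not part of any post in this thread: it joins the question's three tables to get a user's role names, installs them as the thread principal, and enforces a role inside a data-changing method. The in-memory arrays are constructed stand-ins for the LINQ to SQL tables, and the names `RoleDemo`, `SignIn`, `DeleteRecord`, `VIEWER` and `EDITOR` are assumptions.

```csharp
using System;
using System.Linq;
using System.Security;
using System.Security.Principal;
using System.Threading;
// Constructed rows standing in for the question's User, Role and UserRole tables.
class UserRow { public int UserID; public string Username; }
class RoleRow { public int RoleID; public string RoleName; }
class UserRoleRow { public int UserID; public int RoleID; }
static class RoleDemo
{
    static readonly UserRow[] Users = {
        new UserRow { UserID = 1, Username = "employee1" },
        new UserRow { UserID = 2, Username = "manager1" } };
    static readonly RoleRow[] Roles = {
        new RoleRow { RoleID = 10, RoleName = "VIEWER" },
        new RoleRow { RoleID = 20, RoleName = "EDITOR" } };
    static readonly UserRoleRow[] UserRoles = {
        new UserRoleRow { UserID = 1, RoleID = 10 },   // employee1: VIEWER only
        new UserRoleRow { UserID = 2, RoleID = 10 }, new UserRoleRow { UserID = 2, RoleID = 20 } };

    // Call once, after the password check succeeds and before the main window opens.
    static void SignIn(string username)
    {
        string[] roles = (from u in Users
                          join ur in UserRoles on u.UserID equals ur.UserID
                          join r in Roles on ur.RoleID equals r.RoleID
                          where u.Username == username
                          select r.RoleName).ToArray();
        Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(username), roles);
    }

    // Guard the operation itself, not only the button or window that leads to it.
    static void DeleteRecord(int id)
    {
        if (!Thread.CurrentPrincipal.IsInRole("EDITOR"))
            throw new SecurityException("EDITOR role required");
        Console.WriteLine("record {0} deleted by {1}", id, Thread.CurrentPrincipal.Identity.Name);
    }

    static void Main()
    {
        SignIn("manager1");
        DeleteRecord(7);                 // manager1 holds EDITOR
        SignIn("employee1");             // a new sign-in replaces the previous principal
        try { DeleteRecord(7); }
        catch (SecurityException ex) { Console.WriteLine("denied: " + ex.Message); }
    }
}
```

In the question's WPF application, `SignIn` would run in the login handler once `ValidateApplicationUser` returns true, with the same join issued through the `DataContext` instead of the arrays.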
A: 

As a supplement to @Marc Gravell's post:
A good article at MSDN "How to: Create GenericPrincipal and GenericIdentity Objects"

Kb