I just wanna ask what would be better approach to supply these objects in my unit tests. In my unit test I am testing CSLA object. CSLA object is internally using one property and one method of ApplicationUser object. ApplicationUser is inherited from IPrincipal. The properties are: 1) ApplicationContext.User.IsInRole(...) - the method ...
So here's my current code: List<string> rowGroups = GetFileGroups((int)row.Cells["document_security_type"].Value); bool found = false; System.Security.Principal.WindowsPrincipal p = new System.Security.Principal.WindowsPrincipal(System.Security.Principal.WindowsIdentity.GetCurrent()); foreach (string group in rowGroups) { if (p.IsInR...
I have an ASP.Net MVC web application using forms authentication. I am using OpenID for authentication. At the moment the moment I'm storing the openID url inside the Name of the standard GenericIdentity. I would also like to have easy access to the database id for the user. I can make a custom provider or identity by overriding the Ap...
I need to gain access to the files and directories that the current IPrincipal has access to via the Directory.GetDirectories() and Directory.GetFiles() methods, without listing the other files. The process itself is running as NETWORK SERVICE, so it must change the principal to the current user (via IPrincipal) for the duration of thes...
I need to do something fairly simple: in my ASP.NET MVC application, I want to set a custom IIdentity / IPrincipal. Whichever is easier / more suitable. I want to extend the default so that I can call something like User.Identity.Id and User.Identity.Role. Nothing fancy, just some extra properties. I've read tons of articles and questio...
Hi, I'm working on an application using ASP.NET MVC 1.0 and I'm trying to inject a custom IPrincipal object in to the HttpContext.Current.User object. With a traditional WebForms application I've used the Application_AuthenticateRequest event to do this as follows. protected void Application_AuthenticateRequest(object sender, EventAr...
I am using a web service which sets the Thread.CurrentPrincipal object while logging in and soon later when another webmethod of the same web service accesses Thread.CurrentPrincipal, its different/resets Can someone tell me if this is expected or can different webmethod calls from the same client can access the same Thread.CurrentPrinc...
I have a Flex-WebORB-Asp.NET application. When logging in, there's a AuthenticationHandler which implements a WebORB interface: IPrincipal CheckCredentials(string username, string password, Request message); So I create a Principal and return it. WebORB uses the Principal to check for Authentication and Authorization of remote method ...
Well, I think the title is clear enough. ...
I have a basic MVC 2 beta app where I am trying to implement a custom Identity and Principal classes. I have created my classes that implement the IIdentity and IPrincipal interfaces, instantiated them and then assigned the CustomPrincipal object to my Context.User in Application_AuthenticateRequest of the Global.asax. This all succeed...
Hi, Lately I've run into the following problem. I've started using Workflow 4.0, one of the challenges now is to have the workflow run on the correct user, the one who's actually starting it. In WCF we use a sort of flowing-headers behaviour wich does the trick, but in WF it doesn't work obviously because the workflowhost spawns (almost...
I have three current thoughts on how to do this: re-implement AuthenticationService, which uses lots of internal constructors and internal helpers, implement custom IIdentity and IPrincipal types and somehow hook these into FormsAuthentication. give up and roll my own. The problem is that we've got web apps and fat client apps using ...
Hi, I'm developing a web service with ASP.NET, is not an .asmx or WCF, it's a custom one, so I'm working with the Http classes (context, request, response, etc..). Session is disabled. I'm working with my own handler and module. I'd like to keep a object alive and accessible for the time the connection is alive. I mean, a request enter...
Hello, I was wondering how I could bind the IPrincipal to HttpContext.Current.User in Asp.net Mvc with Ninject. Friendly greetings, Pickels Edit: Not sure if it matters but I use my own CustomPrincipal class. ...
I need to get know how SiteMapProvider.IsAccessibleToUser() works. Built-in XmlSiteMapProvider calls HttpContext.User.IsInRole() which uses System.Security.Principal.GenericPrincipal in case of forms authentication. Where does the current user gets its roles? Which provider loads this kind of information? I want to overload it and use ...
I would like to extend IPrincipal in asp.net to allow me to get the usertype that I will define. I would like to make it possible to do this in a controller string type = User.UserType then in my extension method i will have a method like public string UserType() { // do some database access return userType } how can I do th...
We have a ASP.NET site that partially depends on forms authentication for login credentials, however the implementation of IPrincipal is completely custom. But, when running the site on a particular server (which is somewhat semi-hardened when it comes to security), the app crashes when invoking IPrincipal.IsInRole() with the following ...
I am writing an ASP.NET MVC 2 application and don't want to use ASP.NET Membership. I do want to use the Authorize attribute on the Controllers. What I have done so far is ... Web.config <roleManager enabled="true" /> <authentication mode="Forms"> <forms loginUrl="~/Authentication/Login" timeout="2880"/> </authentication> <authoriza...
My application loads a lot of different plugin assemblies. Each plugin can add their own services into the IoC container and can also use all services provided by the main application. I'm moving from a home brewn security solution to use CAS (PrincipalPermissionAttribute and an own one derived from CodeAccessSecurityAttribute). Can I ...