[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Authorization using custom roles from DB - WCF

Posted on 2011-10-06
5
Medium Priority
?
271 Views
Last Modified: 2012-05-12
SecurityLib.dll
 
Public Class MyCustomValidator
    Inherits UserNamePasswordValidator

    Public Shared _roles As New List(Of String)

    Public Overrides Sub Validate(ByVal userName As String, ByVal password As String)
        If (userName <> "Mike" OrElse password <> "Sam") Then
            Throw New FaultException("Invalid Credentials !")
        Else
            Dim str As String = "User,Admin"
            _roles.AddRange(str.Split(",").ToList())
        End If
    End Sub

End Class
 
ServiceLib.dll

Public Class AddClass
    Implements IAdd

    Public Function AddFunc(ByVal value1 As Integer, ByVal value2 As Integer) As Integer Implements IAdd.AddFunc
        If SecurityLib.MyCustomValidator._roles.Contains("Admin") Then
            Return (value1 + value2)
        End If
    End Function

End Class

Client

Sub Main()
       Dim client As New AddProxy.AddClient
       client.ClientCredentials.UserName.UserName = "Mike"
       client.ClientCredentials.UserName.Password = "Sam"
       Console.WriteLine("Addition of two numbers = " & client.AddFunc(10, 20))
       client.Close()      
       Console.ReadLine()
End Sub

My problem here is: I have delcared the variable (_roles) as SHARED in SECURITYLIB.dll. So it will be shared among ALL instances as it belongs to CLASS not to an instance. Now if two or more users are working on the same application, then i will lose the previous user roles values. If it is NOT a SHARED variable (_roles), then i need to create an instance of SECURITYLIB.dll which will make the variable (_roles) as "" (Empty String) or may be NULL. Also please note that in WCF security using UserName and Password
 
Public Overrides Sub Validate(ByVal userName As String, ByVal password As String)
 
will be called first before

Public Function AddFunc(ByVal value1 As Integer, ByVal value2 As Integer) As Integer Implements IAdd.AddFunc

Can you please let me know, how can i tackle this situation ?

Thanks
0
Comment
Question by:milani_lucie
  • 3
  • 2
5 Comments
 
LVL 18

Expert Comment

by:DarrenD
ID: 36938362
Have you looked into using SQL Server Role Provider instead.

http://msdn.microsoft.com/en-us/library/ff647040.aspx

Cheers,

Darren
0
 

Author Comment

by:milani_lucie
ID: 36957776
I am working on Console Application - Both Host and Client. Does the above URL helps  :(  ? BTW: I hate MSDN. You can provide me any article which can be easily understandable on this for implementation !!

Thanks
0
 
LVL 18

Accepted Solution

by:
DarrenD earned 1000 total points
ID: 36960856
0
 

Author Comment

by:milani_lucie
ID: 37040349
Nope...That will not work. Can you please provide me another way of doing this ?

Thanks
0
 

Author Closing Comment

by:milani_lucie
ID: 37078570
Provided solution will not work.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In previous Articles, we have discussed how we can upload a file using .asmx web service and isolated storage space. Here, in continuation to the topic, I am going to discuss how we can use WCF for the same purpose. Steps: 1.Create the silverli…
While working on Silverlight and WCF application, I faced one issue where fault exception occurred at WCF operation contract is not getting propagated to Silverlight client. So after searching net I came to know that it was behavior by default for s…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question