In this last part of this tutorial, we are going to discuss about how to deny or grant parts of our services based on authentication rules, for example, lets say that in the application that we have build throughout this tutorial, we would like to deny the non-authorized users the ability to add employees’ information. Open the application in Visual Studio and lets begin.
In the .Web project open the Services/EmployeesService.cs file. In this file we see all the functions-services provided to client applications using this service. In order to deny an unauthorized user to have access to a function we must add the [RequiresAuthentication] attribute before the function. If we want the users of a specific role to be granted a function we must add the [RequiresRole(“role”)] attribute, for example, if we want the “admins” to be granted a specific function, we add the [RequiresRole(“admins”)] attribute. For our purposes, we add the [RequiresAuthentication] attribute before the functions InsertEmployee, UpdateEmployee and DeleteEmployee. Now these functions should look like this:
[RequiresAuthentication] public void InsertEmployee(Employee employee) { if ((employee.EntityState != EntityState.Detached)) { this.ObjectContext.ObjectStateManager.ChangeObjectState(employee, EntityState.Added); } else { this.ObjectContext.Employees.AddObject(employee); } }
[RequiresAuthentication] public void UpdateEmployee(Employee currentEmployee) { this.ObjectContext.Employees.AttachAsModified(currentEmployee, this.ChangeSet.GetOriginal(currentEmployee)); }
[RequiresAuthentication] public void DeleteEmployee(Employee employee) { if ((employee.EntityState == EntityState.Detached)) { this.ObjectContext.Employees.Attach(employee); } this.ObjectContext.Employees.DeleteObject(employee); }
If you now try to add an employee without having logged in you will receive an error message.
Now, we must hide the “AddEmployee” page in the navigation bar if the current user has not logged in. To achieve this, open the MainPage.xaml.cs file and modify the constructor like this:
public MainPage() { InitializeComponent(); this.loginContainer.Child = new LoginStatus();
Link3.Visibility = Visibility.Collapsed; Divider2.Visibility = Visibility.Collapsed; WebContext.Current.Authentication.LoggedIn += new EventHandler<AuthenticationEventArgs>(Authentication_LoggedIn); WebContext.Current.Authentication.LoggedOut += new EventHandler<AuthenticationEventArgs>(Authentication_LoggedOut); }
private void Authentication_LoggedOut(object sender, AuthenticationEventArgs e) { if (WebContext.Current.User.IsAuthenticated == false) { Link3.Visibility = Visibility.Collapsed; Divider2.Visibility = Visibility.Collapsed; } }
private void Authentication_LoggedIn(object sender, AuthenticationEventArgs e) { if (WebContext.Current.User.IsAuthenticated == true) { Link3.Visibility = Visibility.Visible; Divider2.Visibility = Visibility.Visible; } }
However, a user can still navigate to the AddEmployee page through the browser’s navigation bar, so there is one final thing to do in order to secure the page. Open the AddEmployee.xaml.cs file and modify the OnNavigatedTo so that it looks like this:
protected override void OnNavigatedTo(NavigationEventArgs e) { if (WebContext.Current.User.IsAuthenticated == false) System.Windows.Browser.HtmlPage.Window.Navigate(new Uri("#/Home", UriKind.Relative)); }
If you try now to navigate to the AddEmployee page without having logged in, it will redirect you to the Home page.
We now have a rich internet application with web services for assistance and secured, so this tutorial series has finally come to an end, i hope you like it !!
Pingback from Silverlight 4 RIA services tutorial ??? Part 2 - Development Romance
Pingback from Twitter Trackbacks for Silverlight 4 RIA services tutorial ??? Part 3 - Development Romance [studentguru.gr] on Topsy.com
Pingback from Marketing Na Internet Ou Im, Marketing Online, Web Marketing E O Poder Do Marketing Na Internet, Sem E Im Em Kelowna | SEM
Pingback from Dew Drop – July 19, 2010 | Alvin Ashcraft's Morning Dew
using it for a lobg time. Awesome.
Awesome tutorial! I love the domain services. This should definitely get me up and running.
Pingback from Wireless Network Type and Security | High Speed Routers
good content. Thanks a lot.
many, many, many thanks
I've struggled for days to understand this template .. it has all of the important pieces but no guidance .. and in 3 wonderful pages it's almost clear! why it doesn't come with some guidance ...
Great example! Thanks a lot for sharing
Thank you very very much .. very easy to understand
I really appreciate the time you spent in writing the tutorial
Beats by dre studio headphone
I appreciate your blog because of unique content and informative post. Thanks for sharing that.
Cheap NFL,NBA,MLB,NHL [url=http://www.annajerseys.com/]Wholesale Jerseys From China[/url].[url=http://www.annajerseys.com/]China Jerseys[/url],[url=http://www.annajerseys.com/]Sports Jerseys China[/url],[url=www.annajerseys.com/nfl-jerseys-c-1.html]NFL Jerseys China[/url],NBA Jerseys,NHL Jerseys,NFL jerseys For Sale online.All Our Jerseys Are Sewn On and Directly From Chinese Jerseys Factory
[/pre]
[pre]
We Are Professional China Brand Wholesaler,[url=www.anna-wholesale.com/brand-shoes-c-380.html]Wholesale Brand Shoes[/url],Handbags,[url=www.anna-wholesale.com/sports-jerseys-c-379.html]Sports Jerseys China[/url],Jewelry,Hats,[url=www.anna-wholesale.com/sunglasses-c-382.html]Sunglasses From China[/url],Cheap [url=http://www.anna-wholesale.com/]China Wholesael[/url],Wholesale From China,Free Shipping,Cheap Price,7 Days Deliver
Best Converse Online Store From UK,Sale 2011 Newest [url=http://www.sale-converse.com/]Converse All Stars[/url],[url=www.sale-converse.com/converse-flag-shoes-c-130.html]Converse Flag Shoes[/url],Black Converse,White Converse,Navy Converse And So on,[url=http://www.sale-converse.com/]Converse UK[/url],Free Shipping
We are professional jerseys manufacturer from china,wholesal sports jerseys From China,[url=www.anna-jersey.com/nfl-jerseys-c-773.html]NFL jerseys China[/url],[url=www.anna-jersey.com/nhl-jerseys-c-882.html]NHL Jerseys China[/url],[url=www.anna-jersey.com/nba-jerseys-c-821.html]NBA Jerseys China[/url],[url=www.anna-jersey.com/mlb-jerseys-c-694.html]MLB Jerseys China[/url],[url=http://www.anna-jersey.com/]China Jerseys[/url],Free Shipping
[url=http://www.fitflop-uk.com/]fitflops sale UK[/url] [url=http://www.fitflop-uk.com/]fitflop sale[/url]
[url=http://www.china4jersey.com/]Wholesale Jerseys From China[/url],[url=http://www.china4jersey.com/]Wholesale Jerseys[/url],[url=http://www.china4jersey.com/]China Jerseys[/url],NFL Jerseys China Paypal,NHL Jerseys China Paypal,Chinese Jerseys factory,Sewn On Jerseys,Accept Paypal,Free Shipping
Thanks for the information, I'll visit the site again to get update information