1st step in role based security


1st step in role based security
View
Options
Author
Message
yh
yh
yh
posted 18 Years Ago
StrataFrame Beginner (38 reputation)StrataFrame Beginner (38 reputation)StrataFrame Beginner (38 reputation)StrataFrame Beginner (38 reputation)StrataFrame Beginner (38 reputation)StrataFrame Beginner (38 reputation)StrataFrame Beginner (38 reputation)StrataFrame Beginner (38 reputation)StrataFrame Beginner (38 reputation)
Group: Forum Members
Posts: 10, Visits: 31

I am trying to make the most simple case (role based security) work.

 

  • one database strataFrame (everybody has this database when downloading strataframe),
  • Create one web site, then using the ‘Security Editor’ create one 1 record for this website: username=somebody , us_data=Test123  
  • In the global.asax, I specify the connection string to the database: strataFrame
  • Then in the default.aspx.vb, I use the following 3 lines code

             Dim loUserInfo As New MicroFour.StrataFrame.Security.BusinessObjects.SFSUsersBO   

             Dim loResult As MicroFour.StrataFrame.Security.Login.LoginResult     

             loResult = MicroFour.StrataFrame.Security.Login.AuthenticateUser("somebody ", " Test123", "nbs", loUserInfo)

 

 

Basically, the above is the whole test web site

 

And the loResult returns ‘failure’

 

 
Reply Like 1
Reply
StrataFrame Team
S
StrataFrame Team
posted 18 Years Ago
StrataFrame Developer (6.5K reputation)StrataFrame Developer (6.5K reputation)StrataFrame Developer (6.5K reputation)StrataFrame Developer (6.5K reputation)StrataFrame Developer (6.5K reputation)StrataFrame Developer (6.5K reputation)StrataFrame Developer (6.5K reputation)StrataFrame Developer (6.5K reputation)StrataFrame Developer (6.5K reputation)
Group: StrataFrame Developers
Posts: 3K, Visits: 2.5K
No, the us_Data field is encrypted with 3DES and uses a 24-byte key and an 8-byte initialization vector for the 3DES algorithm.  Rather than hard-coding the key within SF (so all SF developers would have to use the same key), we allow the key to be specified by the developer.  Within the Role-Based Security Editor, if you open the project properties, you will notice the "User Data Encryption" box that specifies the "Security Key:".  This value is used as the seed for the key and IV that are used by the 3DES to encrypt the data when you create or modify a user.  You then have to specify the value to tell your application how to decrypt the us_Data field for your users within the database.
Reply Like 1
GO

Merge Selected

Merge into selected topic...



Merge into merge target...



Merge into a specific topic ID...



Submit

Threaded View
Threaded View
1st step in role based security
yh - 18 Years Ago
     Answer is here: Add the following line to the global.asax....
yh - 18 Years Ago
     Is this kind of a bug?
yh - 18 Years Ago
             No, the us_Data field is encrypted with 3DES and uses a 24-byte key...
StrataFrame Team - 18 Years Ago
     If user does not specify any value for the "Security Key:", Should...
yh - 18 Years Ago
             Since the key and IV are integral to the security of the application,...
StrataFrame Team - 18 Years Ago
     For those of us that are very new to .net, could you add a web site...
Hugo R. Figueroa - 18 Years Ago
             It probably won't make it into the next update, but we can add it to...
Trent L. Taylor - 18 Years Ago

Similar Topics

Post Quoted Reply
Reading This Topic

Powered by InstantForum 2017-1 Final © 2025
Execution: 0.000. 2 queries. Compression Enabled.

Login

Explore
Messages
Mentions
Search