I am trying to implement StrataFrame role based security in one of our ASP.NET applications (It's not a StrataFrame App).  I have tried to follow the docs on this and I think I am pretty close, but I seems to have a problem setting the current user, and thus I am having problems extracting the correct permissions.

Here is what I have done so far.

1) Added the appropriate references and imports

2) In the application_start, I added SecurityBasics.IsWebEnvironment = True

3) Added the connection for the security database

    DataLayer.DataSources.Add("SECURITY",Connection String)

4) Set the security datasource key

    SecurityBasics.SecurityDataSourceKey = "SECURITY"

5) Set the current logged in user  (using user1 as test and does exist in the db)

    Dim loResult as Login.LoginResult

    loResult = Login.SetLoggedInUser("user1","password",''")

 The result of the login is 'success' but when I check the SecurityBasics.CurrentUser.UserName, I get "Administrator", which is causing me a problem when I check the currentUser.getPermission.

Did I miss something?

Thanks,

Tim

You can create a new logged in user by using the following command:

CurrentUser = MicroFour.StrataFrame.Security.LoggedInUser.CreateNew(MySFSUsersBO)

Is this what you are trying to get to?

I tired a number of different ways and the end result was the same in each case.

First I tried:

Dim loResult As MicroFour.StrataFrame.Security.Login.LoginResult

loResult = MicroFour.StrataFrame.Security.Login.SetLoggedInUser(loUserName, loPassword, "")

The return value in loResult = Success, but when I checked CurrentUser.UserName, it returned 'Administrator'.

So then I looked at the source code for SetLoggedInUser function and then tried the following code.

Dim loUserInfo As SFSUsersBO = Nothing

Dim loResult As MicroFour.StrataFrame.Security.Login.LoginResult

'-- Authenticate the user

loResult = MicroFour.StrataFrame.Security.Login.AuthenticateUser(loUserName, loPassword, "", loUserInfo)

LoggedInUser.SetLoggedOnUser(loUserInfo)

I believe SetLoggedOnUser executes same code you mentioned in your reply. When I checked variable loUserInfo, after the AuthenticateUser, the user information was correct, but after executing the SetLoggedOnUser, the CurrentUser.Username was 'Administrator'.

I hope I can get this resolved because I committed to implementing the StrataFrame role based security in this web project so I can scrap the existing security model.

Is there something else I can check?

Thanks

Tim

 

 

The AuthenticateUser method does not actually change the CurrentUser object... it only authenticates the user and populates the SFSUsersBO object with the data for the user (if he/she authenticated i.e. the method returned Success).  You then take the exact same business object and pass it to the SetLoggedInUser() method (just like you have above) and it changes the SecurityBasics.CurrentUser object.  So, the username property won't reflect the new user until you call the SetLoggedInUser() method.

I tried that Ben and it didn't seem to work.  I sent you an email with a bunch of screen shots to show you what is happening. Perhaps this will help.

Thanks

Tim