StrataFrame Forum

How to bypass security

http://forum.strataframe.net/Topic20723.aspx

By Doug Zapp - 11/12/2008

I've been wondering if there is an easy way in a development environment to bypass the RBS security?



I've been trying to comment out some of the code in the program.cs file (security objects and method calls), thinking that this would turn off the security. But even after commenting out this code, my custom login form continues to get called, even though all the objects and references have been commented out. Is this tied in to the app another way after its been built?



Thanks,

Doug.
By Trent L. Taylor - 11/12/2008

The way that the RBS was designed to bypass security is the Administrator password.  When you login with the administrator password, then it is like not having security implemented as all features and functionality will be granted.

If you do not want to show the login form altogether, but keep RBS intact, then you will need to handle this in the Appmain.vb or program.cs.  You will want to manually call the authentication methods in security and pass over the Administrator password.  You would handle this in the ShowLoginAndInitMainForm method in the Appmain.vb or program.cs file.

You can manually verify authentication with the AuthenticateUser method:

MicroFour.StrataFrame.Security.Login.AuthenticateUser(...)
By Edhy Rijo - 11/12/2008

Hi Doug,

I use the following code in the AppMan.vb ShowLoginAndInitMainForm()

#If DEBUG Then
     '-- Use a predefine login name while testing the application in debug mode.
     Login.SetLoggedInUser("Administrator", "admin" & DateTime.Now.Day.ToString(), "")
     ' Login.SetLoggedInUser("Angel", "jefecito", "")
     ' Login.SetLoggedInUser("Jeannette", "abc123", "")
#Else
     '-- Show the login form and authenticate the user
     e.ShowMainForm = Login.ShowLoginAndAuthUser(True)
#End If

As you can see, while in DEBUG when running the application it will login the Administrator user or any other users I have to test their roles, else it will show the Login form.  Maybe you are looking to do the same.
By Doug Zapp - 11/12/2008

Thanks guys. I like using the directive approach. Nice and clean. Much appreciated.