StrataFrame Forum » StrataFrame Application Framework - V1 » Role Based Security » How to bypass security

How to bypass security

Doug Zapp — Wed, 12 Nov 2008 13:19:43 GMT

I've been wondering if there is an easy way in a development environment to bypass the RBS security?

I've been trying to comment out some of the code in the program.cs file (security objects and method calls), thinking that this would turn off the security. But even after commenting out this code, my custom login form continues to get called, even though all the objects and references have been commented out. Is this tied in to the app another way after its been built?

Thanks,
Doug.

RE: How to bypass security

Doug Zapp — Wed, 12 Nov 2008 13:19:43 GMT

Thanks guys. I like using the directive approach. Nice and clean. Much appreciated.

RE: How to bypass security

Edhy Rijo — Wed, 12 Nov 2008 10:40:39 GMT

Hi Doug,

I use the following code in the AppMan.vb ShowLoginAndInitMainForm()

[codesnippet][code]

#If DEBUG Then

'-- Use a predefine login name while testing the application in debug mode.

' Login.SetLoggedInUser("Angel", "jefecito", "")

' Login.SetLoggedInUser("Jeannette", "abc123", "")

#Else

'-- Show the login form and authenticate the user

e.ShowMainForm = Login.ShowLoginAndAuthUser(True)

#End If

[/code][/codesnippet]

As you can see, while in DEBUG when running the application it will login the Administrator user or any other users I have to test their roles, else it will show the Login form. Maybe you are looking to do the same.

RE: How to bypass security

Trent L. Taylor — Wed, 12 Nov 2008 09:25:39 GMT

The way that the RBS was designed to bypass security is the Administrator password. When you login with the administrator password, then it is like not having security implemented as all features and functionality will be granted.

If you do not want to show the login form altogether, but keep RBS intact, then you will need to handle this in the Appmain.vb or program.cs. You will want to manually call the authentication methods in security and pass over the Administrator password. You would handle this in the ShowLoginAndInitMainForm method in the Appmain.vb or program.cs file.

You can manually verify authentication with the AuthenticateUser method:

[codesnippet]MicroFour.StrataFrame.Security.Login.AuthenticateUser(...)[/codesnippet]