StrataFrame Forum / StrataFrame Application Framework / Role Based Security

Role Base Security Video Demo

Vikas Gupta — Sat, 06 Mar 2010 01:36:00 GMT

Is here any Video Demo to explain how to imlement Role Base security n login Authentication?

Please Reply

video demo for role base security

Keli Mor Mor, r — Sun, 07 Mar 2010 22:28:16 GMT

I m new n start up frame.is there any video available for role base security implementatin.

plzzzzzzzzzz favour me........

Security Implementation

Vikas Gupta — Wed, 03 Mar 2010 06:45:59 GMT

How we can implement security in Strata????

How to tell which users are currently logged?

Edhy Rijo — Thu, 18 Feb 2010 15:41:21 GMT

Hi,

I need to show in a report or form which users defined in RBS are currently logged into the application, is there a property or method of SFSUsersBO that can help me get that information?

I was playing with SecurityBasics.CurrentUser.LoggedOnAt but don't know if this field is set to null or something after the user log out.

Migrating User Logins (SOS!)

Kotowari Lim — Mon, 25 Jan 2010 04:15:15 GMT

Dear experts,

I'm a newbie on Strataframe and has been delegated to do a project, as per subject mentioned. Well, I understand that this might not be a proper way of learning, but I'm really facing both difficulty during creating, as well as very limited and tight time frame provided (only left 3 days given). Following are the situations and task to do:

[u][b]Requirements[/b][/u]
1) A windows-based application to to migrate/import a list of user logins into strataframe (table: Users, UsersXRoles and etc.)
2) User Role inserted during migration (Role will be pre-defined before the process)
3) Password based on specific fields (eg. Password, Identification No., Passport No. etc.)
4) Source file from other database and table (eg. MSSQL: myDatabase, myTempLoginTable). This temporary table shall consists of full information required during the migration (eg. User login, First Name, Last Name, Password, Role and any others if necessary).

Please kindly enlight and assist me upon the matters (eg. what are the additional information needed, what are the references needed, how to defined Keys, how to encrypt relevant data and etc.). A full sample and/or source are very very very appreciated. Thanks in advance and really hope to hear from you guyz soon.

Thanks and regards

kotowari

SubClassing Security-Dialogs

Rainer Kempf, RK — Thu, 10 Dec 2009 01:54:48 GMT

Hello

I Have a Question about Subclassing all Securtity Dialogs.
I want to subclass all Dialogs to add some Functionalltiy and Layout Features.
I there a Way to call my Classes in the Framework ?

Thank you very much

Rainer

Problems with integrated user accounts - new thread

James E Jernigan — Fri, 20 Nov 2009 23:07:25 GMT

I have attached a zip file that contains the complete sample application solution for Visual Studio 2008 using C#. This was created using Strataframe version 1.7.0.2

I did not change any of the default code that was generated by the Strataframe template. I only added code for the "click" event of the button that I added to the form that was created by the template.

You should be able to unzip this file structure and then build, compile and run the application in the normal default debug mode of Visual Studio.

The zip file is named SecurityTest.zip

Problems with integrated accounts

Juan Carlos Pazos — Wed, 11 Feb 2009 23:32:00 GMT

This is the second time I put this, last was not solution or answer. Please I really need the integrated accounts works because I can not access to the Security editor of the application.

I'm using the last beta version of SF and RBS, when installed I let update the SQL tables. And I add some tables later and use the DDT to deploy and update my database.

The problem occurs only after update to the most recent version. If I use the "admin" integrated account I can use all the application excep the Security Editor.

I have this for enter as default admin user in AppMain.vb

'-- Set the administrative and security maintenance usernames and passwords
SecurityBasics.AdministratorUserName = "admin"
SecurityBasics.AdministratorPassword = "admin" & DateTime.Now.Day.ToString() '-- set the admin password so that it changes from day to day
SecurityBasics.AdministratorUserPk = -1
SecurityBasics.SecurityMaintenanceUserName = "seguridad"
SecurityBasics.SecurityMaintenancePassword = "seguridad" & DateTime.Now.Day.ToString() '-- set the admin password so that it changes from day to day
SecurityBasics.SecurityMaintenanceUserPk = -2

Previous to this release I could enter as admin and go to the Security editor to manage the security of the application. Now if enter as "admin" the code breaks here:

#Region " Data Transformation Functions "
''' <summary>
''' Converts the byte array into an encrypted or decrypted byte array.
''' If the passed data was encrypted, it will be decrypted and vice-versa.
''' </summary>
''' <param name="input"></param>
''' <param name="CryptoTransform"></param>
''' <returns></returns>
''' <remarks></remarks>
Private Function Transform(ByVal input() As Byte, ByVal CryptoTransform As ICryptoTransform) As Byte()
' Create the necessary streams
Dim memStream As MemoryStream = New MemoryStream
Dim cryptStream As CryptoStream = New CryptoStream(memStream, CryptoTransform, CryptoStreamMode.Write)
' Transform the bytes as requested
cryptStream.Write(input, 0, input.Length)
cryptStream.FlushFinalBlock() '-- HERE

The code I use all time to show the security editor is this (previous the update works all time)

Dim loForm As SecurityDialog
If SecurityBasics.CurrentUser.GetPermission("Application Security").Action = PermissionAction.Grant Then
loForm = New SecurityDialog()
loForm.ShowDialog()
Else
MessageForm.ShowMessage("Acceso denegado", "No tiene permitido el acceso al editor de seguridad.", "", MessageFunction.OK, MessagingIcon.Forbidden, MessagingSounds.Warning)
End If

And if try to enter with the "seguridad" user, I get this error:

The CurrentRow for table '[dbo].[SFSUsers]' could not be evaluated because the CurrentRowIndex is out of range.  Business object record count: 0.  CurrentRowIndex: -1.

I dind not change anything in my security functions or users permissions.

I read the some changes were made to security, but I can't found anything that point to the problem I'm having now.

Regards

Error by Deployment Package Wizard

Rainer Kempf, RK — Fri, 28 Aug 2009 05:10:11 GMT

Hello

I have follwing Problem
I create Deployment-Package for Security. All works fine.
When i deploy Data to Server also no error.

But when i try to Access exportet users in my Appliction after import i got Message that USER is not VALID

I checked tables an can see no differnece ?

So what could be the reason for this behaviour ?

Thanks
Rainer

SecurityHelp_Source.zip is empty

Russell Scott Brown — Fri, 14 Aug 2009 11:56:40 GMT

I noticed this on previous versions as well but thought I would point it out this time.

The subject zip file is empty and can't be extracted.

How to ensure a unique password?

Keith Chisarik — Wed, 29 Jul 2009 18:34:47 GMT

I have the need to ensure that no two users have the same password. Is this possible within the RBS? I hope so since the password is encrypted, checking all the users for duplicates would not be ideal.

Also, just making sure you are still planning to allow a "hook" of some type into the RBS, I need to call up an application form that extendends the RBS security by tying to the security user PK, right now the user has to maintain security in two places. A button that could call a form from within the RBS Editor and pass the PK of the current RBS user being edited would be great.

TIA

how to check permissions for user other than the current user

Keith Chisarik — Wed, 01 Jul 2009 12:39:53 GMT

I need to check permissions for a given key for a user for which I will only have either the username or primekey value.It will not be the currently logged in user. How please?

Login.SetLoggedInUser Exception

dgsoft — Fri, 12 Jun 2009 04:17:46 GMT

Hi,
I have a problem with some users login.
I have a Web Application and function below I use for user identification. parameters tcLogin, tcPassword is valid and has correct string values.
Also.. with some authorization data - I have no problem, but with another.. I have an exception "Das Objekt mit Nullwert muss einen Wert haben." and I have no idea whats wrong.
I made simple desktop application for same database, and in desktop application, I can login without any problems with same user data.

Thanks for Help
Denis.

[code]
Private Function mmks_authorization(ByVal tcLogin As String, ByVal tcPassword As String, ByVal tcMandator As String) As Login.LoginResult
Dim loResult As MicroFour.StrataFrame.Security.Login.LoginResult = Login.LoginResult.Failure

Try
loResult = MicroFour.StrataFrame.Security.Login.SetLoggedInUser(tcLogin, tcPassword, "") ' Login to server
Catch ex As Exception
mmks_ShowNotification(ex.Message)
End Try
.................
[/code]

Access Security Only via Enterprise Server

Derek Price — Mon, 18 May 2009 13:30:05 GMT

In our WinForms application, we are using role-based security. I can only save security changes via either the SecurityDialog or UserEditor when connected to our SQL Server 2008 database [b]through[/b] Enterprise Server. If I connect to the same database without Enterprise Server it will result in an exception on saving:

[code]MicroFour.StrataFrame.Business.BusinessLayerException: An error occurred while saving an the data to the server. ---> MicroFour.StrataFrame.Data.DataLayerSavingException: Object reference not set to an instance of an object. ---> System.NullReferenceException: Object reference not set to an instance of an object.
at MicroFour.StrataFrame.Data.DbDataSourceItem.InternalExecuteReader(DbCommand Command, Boolean IsTransactional, String TransactionKey)
at MicroFour.StrataFrame.Data.SqlDataSourceItem.UpdateRow(QueryInformation QueryInfo, DataRow RowToUpdate, ConcurrencyExceptionHandler ConcurrencyHandler, AddRowErrorHandler RowErrorHandler, Boolean RecreateCommand)
at MicroFour.StrataFrame.Data.DbDataSourceItem.UpdateRow(QueryInformation QueryInfo, DataRow RowToUpdate, ConcurrencyExceptionHandler ConcurrencyHandler, AddRowErrorHandler RowErrorHandler)
at MicroFour.StrataFrame.Data.DataLayer.UpdateDataTableThread(Object ThreadParams)
--- End of inner exception stack trace ---
at MicroFour.StrataFrame.Data.DataLayer.UpdateDataTable(DataTable TableToUpdate, Boolean Transactional, String TransactionKey)
at MicroFour.StrataFrame.Data.DataLayer.SaveByForm(DataTable TableToSave, Boolean Transactional, String TransactionKey)
at MicroFour.StrataFrame.Business.BusinessLayer.SaveByForm(Boolean Transactional, String TransactionKey)
--- End of inner exception stack trace ---
at MicroFour.StrataFrame.Business.BusinessLayer.SaveByForm(Boolean Transactional, String TransactionKey)
at MicroFour.StrataFrame.UI.Windows.Forms.BaseForm.Save(Boolean Transactional, String TransactionKey)
at MicroFour.StrataFrame.UI.Windows.Forms.BaseForm.Save()
at MicroFour.StrataFrame.Security.UserEditor.cmdSave_Click(Object sender, EventArgs e)
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativewindow.OnMessage(Message& m)
at System.Windows.Forms.Control.ControlNativewindow.WndProc(Message& m)
at System.Windows.Forms.Nativewindow.DebuggableCallback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(Int32 dwComponentID, Int32 reason, Int32 pvLoopData)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.RunDialog(Form form)
at System.Windows.Forms.Form.ShowDialog(IWin32Window owner)
at OHR.SYSTOC.WinForms.FileMain.MD.btnSecurity_Click(Object sender, EventArgs e) in c:\projects\SYSTOC.NET\MAIN\CODE\OHR.SYSTOC.WinForms.FileMain\Md.cs:line 45
[/code]

We correctly set the key stuff here in Program.cs:

[code]SecurityBasics.SecurityDataSourceKey = MyApp.SecurityDataSourceKey;
SFSPreferencesBO.RetrieveSecurityPreferences();

//-- Set the encryption key and vector for the user data
SecurityBasics.SetSecurityKeyAndVectorForUserAuthentication(MyCompany.MyApp.SecurityKey);
[/code]

We also data deploy all the SFS* tables to this database in the DDT. Any ideas on why this may be happening?

Thanks,
Derek

Web App GetPermission() is always PermissionAction.Grant

Chris Diesel — Thu, 16 Apr 2009 12:13:47 GMT

I'm working on a web app that uses the same RBS as a windows app I'm also working on. The web login seems to work fine using SetLoggedInUser() and the CurrentUser is then set to what I would expect. When I use CurrentUser.GetPermission(), it always returns PermissionAction.Grant. This happens if the user was granted the specified permission, the specified premission is denied or the specified premission doesn't even exist. I have IsWebEnvironment=true and DefaultPermissionAction set to Deny in Global.asax. This is working fine for me in the windows app. Any ideas what I'm doing wrong on the web side? Thanks!

Security Error with restricted user in Vista or XP

Edhy Rijo — Tue, 14 Apr 2009 22:00:44 GMT

I have a customer wich have their users with a very restricted rights and the Security Editor form is trying to access the HKEY_LOCAL_MACHINE in the SaveSizeAndLocation() and this key is not allow for the users.

Here is the Stack, and I am using the latest beta:
[codesnippet]UnauthorizedAccessException
Access to the registry key 'HKEY_LOCAL_MACHINE\Software\MicroFour\Security\Editor\UserEditor' is denied.

Source : mscorlib

Stack Trace:
at Microsoft.Win32.RegistryKey.Win32Error(Int32 errorCode, String str)
at Microsoft.Win32.RegistryKey.CreateSubKey(String subkey, RegistryKeyPermissionCheck permissionCheck, RegistrySecurity registrySecurity)
at Microsoft.Win32.RegistryKey.CreateSubKey(String subkey)
at Microsoft.Win32.Registry.SetValue(String keyName, String valueName, Object value, RegistryValueKind valueKind)
at MicroFour.StrataFrame.Win32.RegistryRepository.WriteValue(String KeyPath, String ValueName, Int32 Value)
at MicroFour.StrataFrame.Win32.RegistryRepository.WriteValue(String ValueName, Int32 Value)
at MicroFour.StrataFrame.UI.Windows.Forms.BaseForm.SaveSizeAndLocation()
at MicroFour.StrataFrame.UI.Windows.Forms.BaseForm.OnFormClosing(FormClosingEventArgs e)
at System.Windows.Forms.Form.CheckCloseDialog(Boolean closingOnly)
[/codesnippet]

RBS (Strataframe) database on a separate server

Jeff Pagley — Mon, 06 Apr 2009 12:25:17 GMT

Hi SF Team,

How do I setup the DB connections in my app to point to the RBS (Strataframe) database on a different server than my user database. Right now what I am doing is the following which is a connection string which points to the same server for both databases.

builder.DataSource = MyDataSource

builder.InitialCatalog = MyDataBase

builder.UserID = "sa"

builder.Password = MyPassword

DataLayer.DataSources.Add(New SqlDataSourceItem("", builder.ConnectionString))

Thanks,

Jeff

Problem with DDT

Rainer Kempf, RK — Fri, 27 Mar 2009 14:19:59 GMT

Hello Trent

Today i installed latest Beta-Version.

I want to create new Deployment Package

Then first error appears (error.gif)

i ignore and then want to deploy my Data

Here comes up also error (error1.gif)

what is wrong ?????

thank rainer

Deploying Role Based Security with DDT

Jon Neale — Thu, 05 Mar 2009 15:16:43 GMT

Hi,

I am trying to evaluate the Role Based Security but am struggling to get it up and running. I've read through the Deploying Security Data and downloaded the script as directed:

"Download the Script - Click here to download the script. Once downloaded, extract the .sql file from the Zip."

But when I try to use the Role based Security Function in VS and add new I keep getting an error stating:

Invalid object name 'dbo.SFSProjects'.

Which is correct as that table doesnt exist in the script.

I have tried a few things and got a bit further only to find a different problem so I have started again.

Can anyone point me in the right direction?

Thanks

Jon

How to implement the audit correctly : Questions....

Malcon M. Mikami — Mon, 09 Feb 2009 05:23:47 GMT

How to implement the audit correctly
I have some doubts about the audit in Strata.
Talking with Ivan (http://forum.strataframe.net/Topic21835-21-1.aspx) was discussing how best to implement in my application. My application already audits the data changed, but not events. Also noticed some errors in type conversion of fields, as would implementing the audit were some more questions:
Using the integrated audit of strata:
1 - The audit data from BO (AuditDataChanges) is marked, but it only works if I set my project to audit all (SecurityBasics.AllowAuditDataChanges = true)
This is normal?
2-still can not audit the events, some secret? I got a call DeleteUsers where pm_AlwaysAuditApp Permission = True and AlwaysAuditData = True and this permission is assigned to a User, and bound DeleteSecurityKey the property of my BoUsers. A mistake? He should not have when I delete the audit client?
3-I can not audit fields that are not String. The method returns an error Auditor.FieldChange conversion.

In short, I am doing something wrong with the integrated audit of Strata or should I overwrite the audit in my application.

What is a working example of the audit, or the way of how I implement correctly?

The integration of the Strata of the audit is taking me 2 weeks.

Criar auditoria no sistema

Malcon M. Mikami — Thu, 05 Feb 2009 09:45:46 GMT

Bom dia Ivan ("desculpe eu sempre me refenciar a voce, mas vc é o "cara" que sempre resolve e fala o bom e velho portugues.

Estou trabalhando na auditoria, agora que finalizei a seguranca. Implementei uma classe que herda A BusinnesLayer e nela estou sobrescrevendo o beforesave e beforedelete e la chamando o AuditChanges , igual ao topico http://forum.strataframe.net/Topic6131-21-2.aspx#bm16438 postado pelo Guilhermo Villas . Ae meus BOS herdam esta classe criada e o processo estaria feito.

Voce pode me dizer se estou no caminho certo?

O certo nao seria implementar na Classe BusinessLayer do proprio strata para ficar nativo?

O beta 1.6.7 tras nativo ja a funcionalidade?

Como voce implementou em seus programas, e se eh possivel, disponibilizar todo ou uma parte.

Abraços

Administrative and security maintenance usernames and passwords problem

Juan Carlos Pazos — Mon, 02 Feb 2009 12:44:01 GMT

I'm using the last version of SF and RBS, I found a problem after change to this version.

I have this for enter as default admin user in AppMain.vb

[codesnippet]

'-- Set the administrative and security maintenance usernames and passwords

SecurityBasics.AdministratorUserName = "admin"

SecurityBasics.AdministratorPassword = "admin" & DateTime.Now.Day.ToString() '-- set the admin password so that it changes from day to day

SecurityBasics.AdministratorUserPk = -1

SecurityBasics.SecurityMaintenanceUserName = "seguridad"

SecurityBasics.SecurityMaintenancePassword = "seguridad" & DateTime.Now.Day.ToString() '-- set the admin password so that it changes from day to day

SecurityBasics.SecurityMaintenanceUserPk = -2

[/codesnippet]

Previous to this release I could enter as admin and go to the Security editor to manage the security of the application. Now if enter as "admin" the code breaks here:

[codesnippet]

#Region " Data Transformation Functions "

''' <summary>

''' Converts the byte array into an encrypted or decrypted byte array.

''' If the passed data was encrypted, it will be decrypted and vice-versa.

''' </summary>

''' <param name="input"></param>

''' <param name="CryptoTransform"></param>

''' <returns></returns>

''' <remarks></remarks>

Private Function Transform(ByVal input() As Byte, ByVal CryptoTransform As ICryptoTransform) As Byte()

' Create the necessary streams

Dim memStream As MemoryStream = New MemoryStream

Dim cryptStream As CryptoStream = New CryptoStream(memStream, CryptoTransform, CryptoStreamMode.Write)

' Transform the bytes as requested

cryptStream.Write(input, 0, input.Length)

cryptStream.FlushFinalBlock() '-- HERE

[/codesnippet]

The code I use all time to show the security editor is this (previous the update works all time)

[codesnippet]

Dim loForm As SecurityDialog

If SecurityBasics.CurrentUser.GetPermission("Application Security").Action = PermissionAction.Grant Then

loForm = New SecurityDialog()

loForm.ShowDialog()

Else

MessageForm.ShowMessage("Acceso denegado", "No tiene permitido el acceso al editor de seguridad.", "", MessageFunction.OK, MessagingIcon.Forbidden, MessagingSounds.Warning)

End If

[/codesnippet]

And if try to enter with the "seguridad" user, I get this error:

[codesnippet]The CurrentRow for table '[dbo].[SFSUsers]' could not be evaluated because the CurrentRowIndex is out of range. Business object record count: 0. CurrentRowIndex: -1.[/codesnippet]

I dind not change anything in my security functions or users permissions.

I read the some changes were made to security, but I can't found anything that point to the problem I'm having now.

Regards

Delete user

Teddy Jensen — Tue, 27 Jan 2009 08:39:32 GMT

Isn't possible to delete a user via the Security dialog anymore?

According to the documentation there used to be a delete user button and also an option to delete in the user context menu:

Has this functionality been removed? Hopefully not, because some of my customers has the need for deleting users, and it will be to bad to plumb this in my self every time SF comes in a new version.

/Teddy

Retrive Data from us_Data (SFSUsers)

Malcon M. Mikami — Wed, 21 Jan 2009 05:06:16 GMT

How can I recover data from the field us_data the table SFSUsers?
As I understand it, the field us_data, has the password, the history of passwords, where he is administrator, account is active and so forth.
Is there a method that returns this information?
If there are, some other member of the forum has done some function for that?

Como posso recuperar os dados do campo us_data da tabela SFSUsers?
Pelo que entendi, o campo us_data, possue a senha, o histórico de senhas, se ele é administrador, conta está ativa, etc.
Há algum metodo que retorne esta informação?
Caso não haja, algum outro membro do forum já fez alguma função para isso?

ViewSecurityKey in InheritsForm

Malcon M. Mikami — Tue, 13 Jan 2009 10:09:19 GMT

By testing the safety of the form in an inherited form, the property in the form ViewSecurityKey "son" does not work, only the form of "father

Any suggestions?

Login screen do not get focus

Sachin Saxena — Thu, 18 Sep 2008 01:37:01 GMT

Hi,
I created a custom login form, using StrataFrame login form. While login form displays, cursor placed correctly in the username filed but user could not type it because screen did not get focus.

How can I got focus on screen.

Replecement char for calculated field

Juan Carlos Pazos — Tue, 06 Jan 2009 20:27:22 GMT

I'm using the security and for several fields I have replacement chars, it works great. But I have some fields that are calculated fields, they are not part of the database and the BO.

Is there a way to use the replacement chars of the RBS for this fields?

Kindest regards

Status/features of auditing?

Greg McGuffey — Tue, 23 Jan 2007 18:00:23 GMT

What is the status of the auditing feature of the security module?

How will it work?

How to change the UI langue

Raymond Lo — Mon, 01 Dec 2008 08:53:49 GMT

Dear Sir,

In my application, I using the language is chinese Big5 code, the Security library default language is english. Can I change the all the UI default language to Chinese Big5, and how to apply this change?

eg: step 1: convert the xxx.xml to chinese

step 2:.....

thanks.

How to avoid that MainScreen is closed when Session Lock

Rainer Kempf, RK — Sun, 23 Nov 2008 10:24:34 GMT

Hello,

How can i avoid that Main-Screen is closed(hidden) when Session locks ?

I was searching around but can't find a Solution.

Also would be interessting to know how do display Exit button (in Loggin Form) for Re-Login.

thanks

Rainer

How to know is logged in?

Chan — Sat, 22 Nov 2008 19:24:19 GMT

Hi,
How could I know if user has logged in system in Web environment?

Thank you

Is it possible to temporarily apply admin or last logged in user rights in order to close forms?

Cory Cookson — Thu, 20 Nov 2008 08:05:34 GMT

Scenario:

1) User 1 logs in with admin rights and opens up form1

2) Lock Screen happens due to timeout or pushing F11

3) User 2 logs in with lower rights than User 1

4) Here I want to close form1 so that User 2 has a fresh start with no open screens.

Question:

Is there a way to temporarily provide admin or the last users rights so that open forms can be closed programatically and then return to using User 2's rights?

What is the usage of LoginSecurityKey?

Chan — Mon, 24 Nov 2008 21:44:01 GMT

Hi,
May I know how to use this?

Thank you

Deny by default

Chan — Mon, 24 Nov 2008 21:41:38 GMT

Hi,
I found that, if any permission key given is found from database, it will auto be granted.
Is there any setting to change this behavour to always denied if not exist? Or, I need to subclasss LoggedInUser class?

Thank you

Retrieve Users First and Last Name

Paul Chase — Fri, 21 Nov 2008 10:33:07 GMT

I may be missing something but I don't see where to get the current logged in users first and last name. I am poking around in securitybasics and obviosly can get user name and pk, but don't see an easy way to get a the first and last name of the user.

I will make a user bo and fill by PK to get what I need but it would be nice if the name property's could be exposed within the security basics class unless they already are in that case show me the light!! :D

Paul

Getting Exception Filling SFSUsersBO

Peter Denton — Tue, 18 Nov 2008 01:55:13 GMT

G'day

I'm getting the following exception:

[codesnippet]System.ArgumentNullException was unhandled by user code
Message="Value cannot be null. Parameter name: InString"
ParamName="InString"
Source="mscorlib"
StackTrace:
at System.Convert.FromBase64String(String s)
at MicroFour.StrataFrame.Security.Encryption.TripleDESWrapper.Decrypt(String text)
at MicroFour.StrataFrame.Security.BusinessObjects.SFSUsersBO.EncryptedData..ctor(String DataString, String UserName, Int32 ProjectPK)
InnerException: [/codesnippet]

This occurs on line 521 in the following Strataframe code:

[codesnippet]C:\Program Files\MicroFour\StrataFrame Source Code\MicroFour StrataFrame Base\encryption\tripledeswrapper.vb

520 Public Function Decrypt(ByVal text As String) As String
521 >>>> Dim input() As Byte = Convert.FromBase64String(text)
522 Dim output() As Byte = Transform(input, m_des.CreateDecryptor(m_key, m_iv))
523
524 Return m_utf8.GetString(output)
525 End Function
[/codesnippet]

There are two spots in my code that cause this (as indicated):

[codesnippet] Dim UserName As String = "PeterD"
Dim SFUsersBO As New MicroFour.StrataFrame.Security.BusinessObjects.SFSUsersBO

>>>> SFUsersBO.FillByUserName(UserName)

...

>>>> SFSUsersBO.FillAll(0)

[/codesnippet]

I'm running Strataframe 1.6.6, with SQL references updated and recompiled so it can interact with SQL Server 2008.

The SFS tables (excluding the project table) are in our Application Database, on a SQL server 2008 instance.

I've populated the Users progamatically, but they show as normal users in the security dialog, and I'm able to edit them sucesfully.

If I ignore the exception, (which recurs in the first instance 3 or 4 times, and in the second instance once for each user in the table), the BO gets populated with information that looks OK to me.

Any thoughts as to what might be happening?

Peter

Logical delete and then save cause error

Chan — Tue, 11 Nov 2008 20:17:58 GMT

Hi,
I am using DevExpress ASPxGridView to bind to SFUsersBO. When I delete record from ASPxGridView, it only "logical" delete record from BO. I need to call BO.Save() in order to commit changes to database.
I hit error "currentRowIndex is out of range" when I call SFUsersBO.Save(). I found that is logic in SFUsersBO.BeforeSave() to log the user changes via CurrentRow property. This cause the error.

How should I resolve it?

Note: error would occurred if BO only has one record. If that is more than 1 records, the change log would recorded wrongly.

Thank you

How to bypass security

Doug Zapp — Wed, 12 Nov 2008 09:17:38 GMT

I've been wondering if there is an easy way in a development environment to bypass the RBS security?

I've been trying to comment out some of the code in the program.cs file (security objects and method calls), thinking that this would turn off the security. But even after commenting out this code, my custom login form continues to get called, even though all the objects and references have been commented out. Is this tied in to the app another way after its been built?

Thanks,
Doug.

Programatically access users role

Philipp Guntermann — Mon, 28 Jul 2008 05:23:47 GMT

Is there a simple way to access the rules assigned to a specified user ?

this is what i got so far:

ISecurityUser U = MicroFour.StrataFrame.Security.SecurityBasics.CurrentUser;

MicroFour.StrataFrame.Security.BusinessObjects.SFSRolesBO RolesBO = new MicroFour.StrataFrame.Security.BusinessObjects.SFSRolesBO();

RolesBO.FillAllByUser(U.UserPK);

thanks :)

Role groups within a single application

Larry Caylor — Fri, 07 Nov 2008 11:15:45 GMT

I'm trying to find a way to use the RBS module for a new application and haven't been able to figure out a way to meet the applications requirements. The application will be used to track multiple projects. New projects may be added to the application at run time. All projects will share the same permissions. Users need the ability to have different roles and permissions within each project and I need to be able to determine their permissions for a specific project at run time, not just the over all application. Attached is a diagram of what I'm trying to accomplish. Any suggestions?

-Larry