How to bypass security


Author
Message
Doug Zapp
Doug Zapp
StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)
Group: Forum Members
Posts: 39, Visits: 225
I've been wondering if there is an easy way in a development environment to bypass the RBS security?



I've been trying to comment out some of the code in the program.cs file (security objects and method calls), thinking that this would turn off the security. But even after commenting out this code, my custom login form continues to get called, even though all the objects and references have been commented out. Is this tied in to the app another way after its been built?



Thanks,

Doug.
Trent Taylor
Trent Taylor
StrataFrame Developer (10K reputation)StrataFrame Developer (10K reputation)StrataFrame Developer (10K reputation)StrataFrame Developer (10K reputation)StrataFrame Developer (10K reputation)StrataFrame Developer (10K reputation)StrataFrame Developer (10K reputation)StrataFrame Developer (10K reputation)StrataFrame Developer (10K reputation)
Group: StrataFrame Developers
Posts: 6.6K, Visits: 6.9K
The way that the RBS was designed to bypass security is the Administrator password.  When you login with the administrator password, then it is like not having security implemented as all features and functionality will be granted.

If you do not want to show the login form altogether, but keep RBS intact, then you will need to handle this in the Appmain.vb or program.cs.  You will want to manually call the authentication methods in security and pass over the Administrator password.  You would handle this in the ShowLoginAndInitMainForm method in the Appmain.vb or program.cs file.

You can manually verify authentication with the AuthenticateUser method:

MicroFour.StrataFrame.Security.Login.AuthenticateUser(...)

Edhy Rijo
E
StrataFrame VIP (4.7K reputation)StrataFrame VIP (4.7K reputation)StrataFrame VIP (4.7K reputation)StrataFrame VIP (4.7K reputation)StrataFrame VIP (4.7K reputation)StrataFrame VIP (4.7K reputation)StrataFrame VIP (4.7K reputation)StrataFrame VIP (4.7K reputation)StrataFrame VIP (4.7K reputation)
Group: StrataFrame Users
Posts: 2.4K, Visits: 23K
Hi Doug,

I use the following code in the AppMan.vb ShowLoginAndInitMainForm()

#If DEBUG Then

     '-- Use a predefine login name while testing the application in debug mode.

     Login.SetLoggedInUser("Administrator", "admin" & DateTime.Now.Day.ToString(), "")

     ' Login.SetLoggedInUser("Angel", "jefecito", "")

     ' Login.SetLoggedInUser("Jeannette", "abc123", "")

#Else

     '-- Show the login form and authenticate the user

     e.ShowMainForm = Login.ShowLoginAndAuthUser(True)

#End If

As you can see, while in DEBUG when running the application it will login the Administrator user or any other users I have to test their roles, else it will show the Login form.  Maybe you are looking to do the same.



Edhy Rijo

Doug Zapp
Doug Zapp
StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)StrataFrame Novice (101 reputation)
Group: Forum Members
Posts: 39, Visits: 225
Thanks guys. I like using the directive approach. Nice and clean. Much appreciated.
GO

Merge Selected

Merge into selected topic...



Merge into merge target...



Merge into a specific topic ID...




Similar Topics

Reading This Topic

Login

Explore
Messages
Mentions
Search