Authentication CodeSample - Demo for the new 6.4 per form authentication
From Visual WebGui Wiki
 |
This article will have a few sections added to it soon, based on the following article type skeleton: NewCodeSampleTemplate |
Contents |
Overview
This code sample will demonstrate the new version 6.4 per form authentication settings.
You will see how to adjust the form settings for a per form authentication, session level authentication and no authentication, and you will also see the effect of having a context level authentication and session level authentication active on the same project.
Session level authentication is the only method used for pre 6.4 versions of Visual WebGui. This means that you set VWGContext.Current.Session.IsLoggedOn = true to signal that the user has been authenticated. This is the default setting for version 6.4.
Context level authentication, new to 6.4, means that you use VWGContext.Current.IsLoggedOn = true to signal that current context is authenticated. Having one context authentication at context level, does not mean that another context is also authenticated, meaning that you can have two different active mainform with different IsLoggedOn settings, or that you can have two different mainforms with different users logged on, provided that you store the username of the active user in a context safe place.
The session level authentication setting = true, overrides all other context level authentication settings, meaning that if you set session level IsLoggedOn = true, then all forms automatically are authenticated at context level. This means that if you have one form with context level authentication, and then another with session level authentication, then after you logon at session level, you do not get the logon form for the second mainform with context level authentication, as that is already authenticated because of the session level setting.
Samples of use
web.config authentication settings
<Applications> <!-- Session level authentication with different logon forms each --> <Application Code="FormTypeB" Type="MultiLogonTest_CSharp.FormTypeB, MultiLogonTest_CSharp" Authentication="MultiLogonTest_CSharp.LogonFormTypeB, MultiLogonTest_CSharp" Stateless="False" ForceSSL="False" /> <Application Code="FormTypeA" Type="MultiLogonTest_CSharp.FormTypeA, MultiLogonTest_CSharp" Authentication="MultiLogonTest_CSharp.LogonFormTypeA, MultiLogonTest_CSharp" Stateless="False" ForceSSL="False" /> <!-- Session level authentication with the third type of logon form --> <Application Code="FormGlobal" Type="MultiLogonTest_CSharp.FormGlobal, MultiLogonTest_CSharp" Authentication="MultiLogonTest_CSharp.LogonFormGlobal, MultiLogonTest_CSharp" Stateless="False" ForceSSL="False" /> <!-- A form with no authentication --> <Application Code="FormNoLogon" Type="MultiLogonTest_CSharp.FormNoLogon, MultiLogonTest_CSharp" Authentication="None" Stateless="False" ForceSSL="False" /> </Applications>
The demo application
As seen above in the web.config settings section, the demo application has 4 mainforms. The startup form, FormNoLogon, requires no authentication and starts without a logon form. The FormTypeA and FormTypeB have seperate logon form each and they use context level authentication. Finally FormGlobal, which has it's own logon form, uses session level authentication.
The forms contain buttons to redirect back and forth between those 4 forms.
A recommended case to try is to go to FormTypeA and from there to FormTypeB and note that you are required to enter username in each case. Then go to FormGlobal and from there to either FormTypeA or FormTypeB and note that after you authenticate at session level for FormGlobal, you are not required to authentication to either of these forms, as the session is already authenticated.
Of course you can at any time redirect to FormNoLogon without authenticating, as that form does not require authentication.
SDK Version highlights
The authentication settings used in this demo, require version 6.4.0P4 or above.
Rererences
Code samples
- The demo application can be downloaded
here
