Re: Interface question

Tech-Archive recommends: Fix windows errors by optimizing your registry

"David Hogue" <davehogue+news@xxxxxxxxx> wrote in message
news:NoS2g.168323$iS4.4815@xxxxxxxxxxxxxxxxxxxxxxxxx
tshad wrote:
"David Hogue" <davehogue+news@xxxxxxxxx> wrote in message
news:uBH2g.79071$7i1.2213@xxxxxxxxxxxxxxxxxxxxxxxxx
Implementing the IPrinciple interface won't have any affect on how your
CustomPrincipal class behaves.

The difference is if you have a function that requires an argument of
type IPrincipal (sorry I don't have an example handy). You would be
able to pass an instance of your first CustomPrincipal in to that
function, but the second would generate a compiler error since it's not
the right type.

Is that the main reason? Other than setting up security, why would I
need
IPrincipal and IIdentity?

My understanding of IPrincipal and IIdentity isn't the best, but I
believe they are used primarily for security. Setting user roles and
that kind of thing.

I am not trying to NOT use it. I am just trying to find out why it is
better than the identical code, without the IPrincipal inheritance.

It's only better if you need treat the class as an IPrincipal.

I assume that the windows Authorization, such as Forms, doesn't need it.
I
mean does windows (IIS) look for IPrincipal and IIdentity when it is
using
managed security context?

Windows and Forms based authentication both use the interfaces, but you
don't need to interact with them directly unless you want to change
default behavior.

For example: The company I work for has a system with users and roles
stored in a database. When a request is authenticated we get a list of
roles and create a GenericPrincipal (GenericPrincipal implements
IPrincipal):

That is what I am curious about.

When you talk about users and roles stored in a database, are you talking
about Windows Users and Roles (User Policies)?

I assume you can't use the GenericPrincipal to handle your own users and
roles, such as office managers and their roles. These would be stored in
your own database and the GenericPrincipal wouldn't know about that.


string[] userRoles = db.GetUserRoles(Context.User.Identity.Name);
Context.User = new GenericPrincipal(Context.User.Identity, userRoles);

Though we didn't use a custom principal class we could have and it might
look something like this:


If you didn't use a custom principal class, I assume you don't store your
own users, roles a policies, right?

public class SmartzPrincipal : IPrincipal
{
private IIdentity identity;
public SmartzPrincipal(IIdentity identity)
{
this.identity = identity;
}

public IIdentity Identity
{
get { return identity; }
}

public IsInRoles(String role)
{
List<string> roles = db.GetUserRoles(identity.Name);
return roles.Contains(role);
}
}

Then we would use it like so:

Context.User = new SmartzPrincipal(Context.User.Identity);

While the version with the interface looks longer in my example it would
actually be simpler than what we have. It would encapsulate all the
role based code in one place and be more reusable.

Also, is CustomPrincipal of type IPrincipal just because it inherits from
it
(maybe I am getting inheritance confused with interfaces).

Implements is the word I hear most often when referring to interfaces.
It's really the same concept as inheriting from a base class, except you
can implement multiple interfaces and only inherit from one base class.

CustomPrincipal is of type IPrincipal because it implements it.

I am trying to see all the reasons why to use interfaces.

Thanks,

Tom

I hope I'm helping and not just confusing things...

You are. I am just trying to really understand it. I sort of understand
interfaces, but am trying to find the reasons to use them vs when not to use
them. Just because you can doesn't mean you should (in all cases).

Thanks,

Tom

--
David Hogue


.

Relevant Pages

  • Re: Interface question
    ... My understanding of IPrincipal and IIdentity isn't the best, ... without the IPrincipal inheritance. ... Windows and Forms based authentication both use the interfaces, ... Though we didn't use a custom principal class we could have and it might ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Interface question
    ... My understanding of IPrincipal and IIdentity isn't the best, ... Windows and Forms based authentication both use the interfaces, ... When you talk about users and roles stored in a database, ... If you didn't use a custom principal class, I assume you don't store your ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Interface question
    ... My understanding of IPrincipal and IIdentity isn't the best, ... Windows and Forms based authentication both use the interfaces, ... When you talk about users and roles stored in a database, ... If you didn't use a custom principal class, I assume you don't store your ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Interface question
    ... My understanding of IPrincipal and IIdentity isn't the best, ... Windows and Forms based authentication both use the interfaces, ... When you talk about users and roles stored in a database, ... If you didn't use a custom principal class, I assume you don't store your ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: C# analogs of Java classes
    ... What I want to do is create a custom visual display, ... your form, one for each square. ... It is possible that I can even go further up the inheritance chain ...
    (microsoft.public.dotnet.languages.csharp)