Intercepting Parameters with PIAB

Topics: Policy Injection Application Block, Security Application Block
Jun 18, 2008 at 2:29 AM
Hi All,

I currently have a PIAB set up with a custom Authorization Provider that I've written.  Everything is working great, but I really need to get a piece of data out of the parameters that are being passed to some of the methods my Auth Prov. is protecting.  Of course all I'm getting right now is the Parameters that my overriden "Authorize(IPrincipal principal, String context)"  is getting.

Please help.  If I were to write a custom handler, would I be able to intercept the parameters?  If so could I pass them along to my authorization provider? I guess at that point I could just invoke Authorize() myself.  Are there any examples of custom handlers, that intercept parameters being passed?

Thanks,
Justin
Jun 18, 2008 at 11:49 AM
Hi Justin,

Yes, you can create your own call handler and access the complete call information. Take a look at the AuthorizationCallHandler class, and the method Invoke in particular: it gets an IMethodInvocation parameter with the invoked method and its arguments.

Fernando


jasearles wrote:
Hi All,

I currently have a PIAB set up with a custom Authorization Provider that I've written.  Everything is working great, but I really need to get a piece of data out of the parameters that are being passed to some of the methods my Auth Prov. is protecting.  Of course all I'm getting right now is the Parameters that my overriden "Authorize(IPrincipal principal, String context)"  is getting.

Please help.  If I were to write a custom handler, would I be able to intercept the parameters?  If so could I pass them along to my authorization provider? I guess at that point I could just invoke Authorize() myself.  Are there any examples of custom handlers, that intercept parameters being passed?

Thanks,
Justin



Jun 19, 2008 at 12:31 AM

Fernando,

Thanks for the push in the right direction.  Sometimes it's a matter of putting one foot in front of the other, instead of searching for some magic bullet.  My custom handler is now calling my auth provider.  The EL continues to surprise me with it's ease of use.

-Justin


fsimonazzi wrote:
Hi Justin,

Yes, you can create your own call handler and access the complete call information. Take a look at the AuthorizationCallHandler class, and the method Invoke in particular: it gets an IMethodInvocation parameter with the invoked method and its arguments.

Fernando


jasearles wrote:
Hi All,

I currently have a PIAB set up with a custom Authorization Provider that I've written.  Everything is working great, but I really need to get a piece of data out of the parameters that are being passed to some of the methods my Auth Prov. is protecting.  Of course all I'm getting right now is the Parameters that my overriden "Authorize(IPrincipal principal, String context)"  is getting.

Please help.  If I were to write a custom handler, would I be able to intercept the parameters?  If so could I pass them along to my authorization provider? I guess at that point I could just invoke Authorize() myself.  Are there any examples of custom handlers, that intercept parameters being passed?

Thanks,
Justin