Custom Authorization Provider - via configuration tool

Topics: Security Application Block
Oct 29, 2008 at 3:22 AM
I am trying to add a custom authorization provider to my app.config via the configuration tool.  I want to use the config tool to save figuring out the xml to do what I want.

When trying to use the 'Type Selector', I get an error "There were no types found in the assembly 'xyz' that implement or inherit from the base type 'Microsoft.Practices.EnterpriseLibrary.Security.IAuthorizationProvider'.

But there definitely is.  I can browse it using Reflector (all though interestingly it needed me to select the path to Security.dll when drilling through).

I have created a class that implements IAuthorizationProvider :

public class MyAuth : AuthorizationProvider
    {
        public MyAuth(NameValueCollection configurationItems)
        {

        }

        public override bool Authorize(IPrincipal principal, string context)
        {
            return true;
        }
    }






I have researched the problem, and have seen how it can be to do with multiple versions of the EntLib assemblies.  But I definitely don't fit that case.  I am using the same assemblies as the config tool.  I didn't even build the source.  I don't have older versions of EntLib on the machine.  Eg, I don't have this problem:

http://blogs.msdn.com/tomholl/archive/2007/04/19/avoiding-configuration-pitfalls-with-incompatible-copies-of-enterprise-library.aspx


I've been a long time supporter of P&P, but haven't used it for the last few projects, came back to it on my new project but this is so tedious.  Trying to do something simple, consumes 4 hours and still doesn't work.  Costs my client hundreds of dollars.  Imbues a frown on my face.

I could have hand coded my requirements by now.  And now I'm stuck, do I work through the problem until I sort it out or just write off the time I've wasted?

And is this a sign of pain to come?


Oct 29, 2008 at 4:43 AM
Didn't you add the ConfigurationElementType attribute to the MyAuth class? 

[

ConfigurationElementType(typeof(CustomAuthorizationProviderData))]

 

Oct 29, 2008 at 4:50 AM
that was it.  strange, i missed that from the documentation but it is there.  my apologies, pilot error.

you are da man.
Aug 24, 2009 at 10:06 AM

Hi cshark

I am getting the same error . Even I have added the ConfuguratationElemenet Type Attribute to the class have.
Here is what i am doing.The below is the code of my class.

 

using Microsoft.Practices.EnterpriseLibrary.Security;
using Microsoft.Practices.EnterpriseLibrary.Common.Configuration;
using Microsoft.Practices.EnterpriseLibrary.Security.Configuration;
using System.Xml;
using System.Collections.Specialized;
using System.Configuration;

 [ConfigurationElementType(typeof(CustomAuthorizationProviderData))]
    class DemoAuthorizationProvider: AuthorizationProvider
    {
        private string xmlPath;
       
        public DemoAuthorizationProvider(NameValueCollection attributes)
        {
           
            xmlPath = attributes.Get("XmlStore");
        }

        public override bool Authorize(System.Security.Principal.IPrincipal principal,string context)
        {
            string name = principal.Identity.Name;
            bool authorized = false;
            if (xmlPath == string.Empty)
            {
                throw new ConfigurationErrorsException("Configuration Error: XML Store " + "Path Not Set");
            }
            // Open the role store
            XmlTextReader reader = new XmlTextReader(xmlPath);
            // Check if the username is in the role
            // specified by the context parameter
            while (reader.Read())
            {
                if (reader.Name.Equals("User"))
                {
                    if (reader.GetAttribute("Name") == name &&
                    reader.GetAttribute("Role") == context)
                    {
                        authorized = true;
                    }
                }
            }
            return authorized;
        }

    }

I didn't understand why it is giving me the error.Please help

 

Pawan

 

 

 

 

Aug 24, 2009 at 12:00 PM

Hi,

Can you try adding a public modifier in your class. Close your visual studio. Open another instance of visual studio, open your project and try selecting again your custom authorization provider.

Valiant Dudan
Global Technology and Solutions
Avanade, Inc.
entlib.support@avanade.com

Aug 24, 2009 at 12:34 PM

Hi AvanadeSupport

                                       Thank you for your instant reply.I have already done this and it is working now.So this issue is solved.BUt thank you very much again.

 Another issue is coming.Now In  a web application I have added the refrence of my Class liberary and sent parameter to this service for a message to show "Authorize" or "Not Authorize" but it is always giving me "not authrozie message".Here is what I am doing

When I am clicking on my button on my web app here is the code:-

 protected void m_AuthUser_Click(object sender, EventArgs e)
    {
        // Get an instance of the custom provider
        IAuthorizationProvider provider = AuthorizationFactory.GetAuthorizationProvider("Custom Authorization Provider");
        IPrincipal principal = new GenericPrincipal (User.Identity, new string[] { "Manager" });
        // Check if the user is authorized
        if (provider.Authorize(principal, m_RoleName.Text))
        {
            m_ResultLabel.Text = "The user is authorized for this role";
        }
        else
        {
            m_ResultLabel.Text = "The user is not authorized for this role";
        }
    }

 

it calles my DemoAuthorizationClass.cs class in a class liberary.here is the code below :-

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using Microsoft.Practices.EnterpriseLibrary.Security;
using Microsoft.Practices.EnterpriseLibrary.Common.Configuration;
using Microsoft.Practices.EnterpriseLibrary.Security.Configuration;
using System.Xml;
using System.Collections.Specialized;
using System.Configuration;

namespace SecurityDemoLiberary
{
    [ConfigurationElementType(typeof(CustomAuthorizationProviderData))]
    public class DemoAuthorizationProvider : AuthorizationProvider
    {

        private string xmlPath = "";

        public DemoAuthorizationProvider(NameValueCollection attributes)
        {
            xmlPath = attributes.Get("XmlStore");
        }

        public override bool Authorize(System.Security.Principal.IPrincipal principal, string context)
        {
            string name = principal.Identity.Name;
            bool authorized = false;
            if (xmlPath == string.Empty)
            {
                throw new ConfigurationErrorsException("Configuration Error: XML Store " + "Path Not Set");
            }
            // Open the role store
            XmlTextReader reader = new XmlTextReader(xmlPath);
            // Check if the username is in the role
            // specified by the context parameter
            while (reader.Read())
            {
                if (reader.Name.Equals("User"))
                {
                    if (reader.GetAttribute("Name") == name && reader.GetAttribute("Role") == context)
                    {
                        authorized = true;
                    }
                }
            }
            return authorized;
        }

    }
}

in name it is taking my window authentication rather I want to take the string Which i have passed to the textBox on my web App.And I also want same for the context.

1.) Do i have to change the parameter type of the method public override bool Authorize(System.Security.Principal.IPrincipal principal, string context) to something else and

2.) if yes then please provide a snippet how i can do this.

3.) Do i also have to change the Authentication type in web.config to "forms".beacuse I tried this but then it is not picking the identity.

So please Help

thanx

Pawan

 

Aug 25, 2009 at 2:03 AM

If you want the name variable to evaluate to the string you put on your textbox, you should have

IPrincipal principal = new GenericPrincipal (new GenericIdentity(txtUser.Text), new string[] { "Manager" }); 

instead of:  IPrincipal principal = new GenericPrincipal (User.Identity, new string[] { "Manager" });

It is not necessary to change to forms authentication. 

Sarah Urmeneta
Global Technology and Solutions
Avanade, Inc.
entlib.support@avanade.com