Security Examples
73 views
Skip to first unread message
andre robbertse
May 30, 2012, 8:59:28 AM5/30/12
to agatha
Hi,
Love your work btw.
I am unfortunately unable to implement the security RequestProcessor
that you show on your site. >>http://davybrion.com/blog/2010/01/
securing-your-agatha-service-layer/<<
Would it be possible to get a proper working sample of this using the
latest distro of rrsl ?
And how to use it obviously. Sorry to be a pain in the but :)
Much appreciated
Andre
Love your work btw.
I am unfortunately unable to implement the security RequestProcessor
that you show on your site. >>http://davybrion.com/blog/2010/01/
securing-your-agatha-service-layer/<<
Would it be possible to get a proper working sample of this using the
latest distro of rrsl ?
And how to use it obviously. Sorry to be a pain in the but :)
Much appreciated
Andre
Davy Brion
May 31, 2012, 3:42:12 AM5/31/12
to agath...@googlegroups.com
I don't have a working sample of it anymore
What problems did you run into trying to implement it?
andre robbertse
Jun 1, 2012, 2:28:18 AM6/1/12
to agatha
Well obviously i'm doing something wrong, but am still new to this.
Some code....
Authenticator. (Not doing anything yet)
public class AuthenticatedAsyncRequestDispatcher :
AsyncRequestDispatcher
{
private readonly IUserValidator _securityContext;
public
AuthenticatedAsyncRequestDispatcher(IAsyncRequestProcessor
requestProcessor, IUserValidator securityContext)
: base(requestProcessor, null)
{
_securityContext = securityContext;
}
protected override void
BeforeSendingRequests(System.Collections.Generic.IEnumerable<Request>
requestsToProcess)
{
base.BeforeSendingRequests(requestsToProcess);
foreach (var req in requestsToProcess)
{
var authReq = req as AuthenticatedRequest;
if (authReq != null)
{
//authReq.Credentials.Username =
_securityContext.Username;
//authReq.Credentials.Password =
_securityContext.Password;
}
}
}
}
ServiceConfiguration:
var config = new ServiceLayerConfiguration(
handler,
request,
typeof(Agatha.Castle.Container))
{
AsyncRequestProcessorImplementation =
typeof(AuthenticatedAsyncRequestDispatcher)
};
config.Initialize();
Then i do a client search request:
public class ClientSearchRequest : AuthenticatedRequest
{
public string Filter { get; set; }
}
public abstract class AuthenticatedRequest : Request
{
public SecurityCredentials Credentials { get; set; }
}
but I can never get to the AuthenticatedAsyncRequestDispatcher.
What am I doing wrong :(
On May 31, 9:42 am, Davy Brion <ral...@davybrion.com> wrote:
> I don't have a working sample of it anymore
>
> What problems did you run into trying to implement it?
>
> On Wed, May 30, 2012 at 2:59 PM, andre robbertse
> <andrerobber...@gmail.com>wrote:
Some code....
Authenticator. (Not doing anything yet)
public class AuthenticatedAsyncRequestDispatcher :
AsyncRequestDispatcher
{
private readonly IUserValidator _securityContext;
public
AuthenticatedAsyncRequestDispatcher(IAsyncRequestProcessor
requestProcessor, IUserValidator securityContext)
: base(requestProcessor, null)
{
_securityContext = securityContext;
}
protected override void
BeforeSendingRequests(System.Collections.Generic.IEnumerable<Request>
requestsToProcess)
{
base.BeforeSendingRequests(requestsToProcess);
foreach (var req in requestsToProcess)
{
var authReq = req as AuthenticatedRequest;
if (authReq != null)
{
//authReq.Credentials.Username =
_securityContext.Username;
//authReq.Credentials.Password =
_securityContext.Password;
}
}
}
}
ServiceConfiguration:
var config = new ServiceLayerConfiguration(
handler,
request,
typeof(Agatha.Castle.Container))
{
AsyncRequestProcessorImplementation =
typeof(AuthenticatedAsyncRequestDispatcher)
};
config.Initialize();
Then i do a client search request:
public class ClientSearchRequest : AuthenticatedRequest
{
public string Filter { get; set; }
}
public abstract class AuthenticatedRequest : Request
{
public SecurityCredentials Credentials { get; set; }
}
but I can never get to the AuthenticatedAsyncRequestDispatcher.
What am I doing wrong :(
On May 31, 9:42 am, Davy Brion <ral...@davybrion.com> wrote:
> I don't have a working sample of it anymore
>
> What problems did you run into trying to implement it?
>
> On Wed, May 30, 2012 at 2:59 PM, andre robbertse
andre robbertse
Jun 1, 2012, 2:45:35 AM6/1/12
to agatha
oop, and the Auth Request Processor:
public class AuthenticatedRequestProcessor : RequestProcessor
{
private readonly IUserValidator authenticator;
public AuthenticatedRequestProcessor(IUserValidator
authenticator, ServiceLayerConfiguration serviceLayerConfiguration,
ICacheManager cacheManager)
: base(serviceLayerConfiguration, cacheManager)
{
this.authenticator = authenticator;
}
protected override void BeforeProcessing(IEnumerable<Request>
requests)
{
var clientSearchRequest = requests as ClientSearchRequest;
if (clientSearchRequest != null)
{
if (!
authenticator.ValidateCredentials(clientSearchRequest.Credentials))
{
throw new SecurityException("Access denied.
Credentials are invalid or do not have the necessary permissions to
perform this action.");
public class AuthenticatedRequestProcessor : RequestProcessor
{
private readonly IUserValidator authenticator;
public AuthenticatedRequestProcessor(IUserValidator
authenticator, ServiceLayerConfiguration serviceLayerConfiguration,
ICacheManager cacheManager)
: base(serviceLayerConfiguration, cacheManager)
{
this.authenticator = authenticator;
}
protected override void BeforeProcessing(IEnumerable<Request>
requests)
{
var clientSearchRequest = requests as ClientSearchRequest;
if (clientSearchRequest != null)
{
if (!
authenticator.ValidateCredentials(clientSearchRequest.Credentials))
{
throw new SecurityException("Access denied.
Credentials are invalid or do not have the necessary permissions to
perform this action.");
andre robbertse
Jun 1, 2012, 2:50:12 AM6/1/12
to agatha
Chaging the service to config --> RequestProcessorImplementation =
typeof(AuthenticatedRequestProcessor),
Gives me an error, andI dont understand this :(
An ExceptionInfo whose value is:
System.ServiceModel.FaultException`1[System.ServiceModel.ExceptionDetail]:
Can't create component
'Qmuzik.ServiceLayer.Security.AuthenticatedRequestProcessor' as it has
dependencies to be satisfied.
Qmuzik.ServiceLayer.Security.AuthenticatedRequestProcessor is waiting
for the following dependencies:
Services: - Qmuzik.ServiceLayer.Security.IUserValidator which was not
registered.
Server stack trace: at
System.ServiceModel.Channels.ServiceChannel.ThrowIfFaultUnderstood(Message
reply, MessageFault fault, String action, MessageVersion version,
FaultConverter faultConverter)
at
System.ServiceModel.Channels.ServiceChannel.HandleReply(ProxyOperationRuntime
operation, ProxyRpc& rpc)
at System.ServiceModel.Channels.ServiceChannel.EndCall(String action,
Object[] outs, IAsyncResult result)
at
System.ServiceModel.Channels.ServiceChannelProxy.InvokeEndService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]:
at
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg)
at
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type)
at
Agatha.Common.WCF.IAsyncWcfRequestProcessor.EndProcessRequests(IAsyncResult
result)
at
Agatha.Common.WCF.AsyncRequestProcessorProxy.Agatha.Common.IAsyncRequestProcessor.EndProcessRequests(IAsyncResult
result)
in c:\src\agatha\Agatha.Common\WCF\AsyncRequestProcessorProxy.cs:line
31 at
Agatha.Common.WCF.AsyncRequestProcessorProxy.OnEndProcessRequests(IAsyncResult
result)
in c:\src\agatha\Agatha.Common\WCF\AsyncRequestProcessorProxy.cs:line
53 at
System.ServiceModel.ClientBase`1.OnAsyncCallCompleted(IAsyncResult
result)
typeof(AuthenticatedRequestProcessor),
Gives me an error, andI dont understand this :(
An ExceptionInfo whose value is:
System.ServiceModel.FaultException`1[System.ServiceModel.ExceptionDetail]:
Can't create component
'Qmuzik.ServiceLayer.Security.AuthenticatedRequestProcessor' as it has
dependencies to be satisfied.
Qmuzik.ServiceLayer.Security.AuthenticatedRequestProcessor is waiting
for the following dependencies:
Services: - Qmuzik.ServiceLayer.Security.IUserValidator which was not
registered.
Server stack trace: at
System.ServiceModel.Channels.ServiceChannel.ThrowIfFaultUnderstood(Message
reply, MessageFault fault, String action, MessageVersion version,
FaultConverter faultConverter)
at
System.ServiceModel.Channels.ServiceChannel.HandleReply(ProxyOperationRuntime
operation, ProxyRpc& rpc)
at System.ServiceModel.Channels.ServiceChannel.EndCall(String action,
Object[] outs, IAsyncResult result)
at
System.ServiceModel.Channels.ServiceChannelProxy.InvokeEndService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]:
at
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg)
at
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type)
at
Agatha.Common.WCF.IAsyncWcfRequestProcessor.EndProcessRequests(IAsyncResult
result)
at
Agatha.Common.WCF.AsyncRequestProcessorProxy.Agatha.Common.IAsyncRequestProcessor.EndProcessRequests(IAsyncResult
result)
in c:\src\agatha\Agatha.Common\WCF\AsyncRequestProcessorProxy.cs:line
31 at
Agatha.Common.WCF.AsyncRequestProcessorProxy.OnEndProcessRequests(IAsyncResult
result)
in c:\src\agatha\Agatha.Common\WCF\AsyncRequestProcessorProxy.cs:line
53 at
System.ServiceModel.ClientBase`1.OnAsyncCallCompleted(IAsyncResult
result)
andre robbertse
Jun 1, 2012, 3:55:44 AM6/1/12
to agatha
Btw, using a Custom Request Handler approach for authentication works
fine.
fine.
Bart Deleye
Jun 1, 2012, 6:06:02 AM6/1/12
to agath...@googlegroups.com
Gives me an error, andI dont understand this :(
An ExceptionInfo whose value is:
System.ServiceModel.FaultException`1[System.ServiceModel.ExceptionDetail]:
Can't create component
'Qmuzik.ServiceLayer.Security.AuthenticatedRequestProcessor' as it has
dependencies to be satisfied.
Qmuzik.ServiceLayer.Security.AuthenticatedRequestProcessor is waiting
for the following dependencies:
Services: - Qmuzik.ServiceLayer.Security.IUserValidator which was not
registered.
An ExceptionInfo whose value is:
System.ServiceModel.FaultException`1[System.ServiceModel.ExceptionDetail]:
Can't create component
'Qmuzik.ServiceLayer.Security.AuthenticatedRequestProcessor' as it has
dependencies to be satisfied.
Qmuzik.ServiceLayer.Security.AuthenticatedRequestProcessor is waiting
for the following dependencies:
Services: - Qmuzik.ServiceLayer.Security.IUserValidator which was not
registered.
As the error message indicates, there is no component registered for IUserValidator.
The container can't create your AuthenticatedRequestProcessor implementation because it has dependencies it doesn't know about.
Either register your dependencies using Agatha's IoC.Container.Register methods or inject your own container instance.
Davy Brion
Jun 3, 2012, 8:51:30 AM6/3/12
to agath...@googlegroups.com
yup, like Bart said: be sure to register all your server-side dependencies with the same IOC container instance that Agatha uses.
Also, because it's not entirely clear from your previous mails: be sure that you assign the type of your AuthenticatedAsyncRequestDispatcher to the AsyncRequestDispatcherImplementation property of your ClientConfiguration object if you want Agatha to use your custom async dispatcher.
Reply all
Reply to author
Forward
0 new messages