New Authentication documentation added

229 views
Skip to first unread message

Demis Bellot

unread,
Mar 4, 2012, 3:15:13 AM3/4/12
to servic...@googlegroups.com
Hi Group,

I've added more documentation about ServiceStack's authentication feature that includes an info graphic on how all parts fit together:

Hopefully this provides a better overview how the Authentication works.

Thanks!

- Demis

matt tagliaferri

unread,
Mar 7, 2012, 4:09:04 PM3/7/12
to ServiceStack .NET Open Source REST Web Services Framework
Looks great, but I'm having trouble turning your code examples into a
coherent project (not always sure where to put everything. Bear in
mind I downloaded ServiceStack yesterday, so I'm probably not up to
speed yet).

Any chance for a bare-bones sample project implementing a
CredentialsAuthProvider? I need to check username/password
credentials against a database, set a single role ("Admin"), also
found in that same table, and then set up an AuthRepository for
future calls. (the project could hardcode one user/password, I think
I know how to pull the data out of the DB).

I found some code samples but quickly got overwhelmed/lost. It also
appears that the authentication stuff is pretty new, and maybe some of
the code I found was older and wasn't taking advantage of these
features yet.

thanks in advance.
matt tag


On Mar 4, 3:15 am, Demis Bellot <demis.bel...@gmail.com> wrote:
> Hi Group,
>
> I've added more documentation about ServiceStack's authentication feature
> that includes an info graphic on how all parts fit together:https://github.com/ServiceStack/ServiceStack/wiki/Authentication-and-...

Demis Bellot

unread,
Mar 7, 2012, 4:15:15 PM3/7/12
to servic...@googlegroups.com
Have you had a chance to look at:

It's a pre-wired demo project with all the Auth options built-in :)

Cheers,

matt tagliaferri

unread,
Mar 7, 2012, 4:23:49 PM3/7/12
to ServiceStack .NET Open Source REST Web Services Framework
I did, that's one of the ones that buried me. So many choices!

Our eventual goal is to create applications (web, windows, Mono) that
have custom username/password authentication, and then pass these same
credentials to the servicestack service (which will authenticate
against the same database).

I think I need to extend CredentialsAuthProvider...

I'll look a little closer.

Demis Bellot

unread,
Mar 7, 2012, 4:27:06 PM3/7/12
to servic...@googlegroups.com
I would have hoped that the info graphic would it made it easier to explain what the different options are for:

If you only want to support credentials you can literally comment all the other Auth providers out and the Register/Sign in Form will still work.

Maybe the stand-alone AuthTests might help?

matt tagliaferri

unread,
Mar 7, 2012, 4:40:56 PM3/7/12
to ServiceStack .NET Open Source REST Web Services Framework
I'll check it out in more detail, thanks for all your assistance.

Possible bug found - I was getting an "invalid column name 'Meta'"
error in the SocialBootstrapAPI when running it. This error went away
when I set RecreateAuthTables=true in web.config, which tells me that
the default UserAuth.mdf included in the project might have an old
structure.

thanks again.
matt tag

On Mar 7, 4:15 pm, Demis Bellot <demis.bel...@gmail.com> wrote:

Demis Bellot

unread,
Mar 7, 2012, 4:42:49 PM3/7/12
to servic...@googlegroups.com
Sure see this breaking change about the Meta property:

Basically you want to drop all the tables and let OrmLite re-create them again, otherwise feel free to add the Meta column nvarchar(MAX) manually.

Cheers,

Demis Bellot

unread,
Mar 7, 2012, 4:43:34 PM3/7/12
to servic...@googlegroups.com
But yeah, I'll push my copy of the latest UserAuth db tonight.

Cheers,

Joshua Lewis

unread,
Mar 8, 2012, 8:01:14 AM3/8/12
to ServiceStack .NET Open Source REST Web Services Framework
Matt,
the code sample in the page Demis mentioned before (https://github.com/
ServiceStack/ServiceStack/wiki/Authentication-and-authorization),
should be the bare minimum you need to get started:
public override void Configure(Container container)
{
Plugins.Add(new AuthFeature(() => new AuthUserSession(), new
IAuthProvider[] {
new BasicAuthProvider()
}));

container.Register<ICacheClient>(new MemoryCacheClient());
var userRep = new InMemoryAuthRepository();
container.Register<IUserAuthRepository>(userRep);

//Add a user for testing purposes
string hash;
string salt;
new SaltedHash().GetHashAndSaltString(Password, out hash, out
salt);
userRep.CreateUserAuth(new UserAuth {
Id = 1,
DisplayName = "DisplayName",
Email = "a...@if.com",
UserName = UserName,
FirstName = "FirstName",
LastName = "LastName",
PasswordHash = hash,
Salt = salt,
}, Password);
}

Did you try with this snippet?

Joshua
Message has been deleted
Message has been deleted

matt tagliaferri

unread,
Mar 8, 2012, 9:46:38 AM3/8/12
to servic...@googlegroups.com
I did get the memory-based caching and userauth working late yesterday, thanks for everyone's help.

I even managed to subclass CredentialsAuthProvider to authenticate against my custom user/pwd database.  Next stop is to override everything needed to register new users.... (custom IUserAuthRepository).

aicl

unread,
Mar 25, 2012, 10:39:47 PM3/25/12
to servic...@googlegroups.com
hi,

In https://github.com/angelcolmenares/ServiceStack.AuthDemo you can find a simple demo for  ServiceSatck + Extjs:
Demo includes:
Authentication and Authorization (ServiceStack.Authd, OrmLite auth provider)
CRUD operations on some datatables,
Uploading files.
Tested with mono 2.10.8 on ubuntu 10.04  
Works with Sqlite, FirebirdSql, MySql and PosgreSQL: adjust some values in web.config to select your favorite dialect 
( sqlserver no tested yet)
ext.js MVC  approach
any suggestions, contributions,  critics,  are welcome!

mono's users must  run xsp4.

app is temporaly avalabile at http://aicl.no-ip.org:8080/WebApp/ ( sunday, monday and tuesday)


Thanks!

angel 

aicl

unread,
Mar 26, 2012, 6:13:54 AM3/26/12
to servic...@googlegroups.com
I forget to say :
 users for auth : admin admin and user1 user1
Reply all
Reply to author
Forward
0 new messages