Vibrant discussion about CSLA .NET and using the framework to build great business applications.
I am in the process of creating a RESTful service layer leveraging the WCF Web API and I just need some clarification and/or confirmation that the Csla.ApplicationContextUser will not change during the method call.
An example of one of my methods looks like:
[WebInvoke(UriTemplate = "workspace?token={token}", Method = "PUT")] public HttpResponseMessage<WorkspaceEditData> UpdateWorkspace(string token, WorkspaceEditData data) { AuthenticationHelper.ValidateToken(token);
AuthenticationHelper.Login(token);
var workspaceEdit = WorkspaceEdit.FetchWorkspaceEdit(data.WorkspaceId);
workspaceEdit.Description = data.Description; workspaceEdit.Name = data.Name;
if (workspaceEdit.IsValid) { workspaceEdit = workspaceEdit.Save(); }
var workspaceData = new WorkspaceEditData(workspaceEdit);
AuthenticationHelper.Logout();
return new HttpResponseMessage<WorkspaceEditData>(workspaceData); }
Will the user that is logged in via my method that does a LoadPrincipal based on the token/username ... be the same throughout the method call?
Once the User property is set it won't change unless your code changes it.
On a web server, the User property value is actually stored in HttpContext, and ASP.NET manages the context object to ensure it is consistent throughout the life of the web request.
Rocky
I should say, however, that WCF does have its own pipeline. In the Using CSLA 3.0 ebook I have a chapter discussing some of the deeper behaviors that occur if you get fully into the WCF authentication process.
Your code doesn't appear to be running inside their authn process though - it appears to be running in the service implementation. Once your method has been invoked all the complex/nasty stuff has already occurred :)
Thanks Rocky! Appreciate the feedback!