Vibrant discussion about CSLA .NET and using the framework to build great business applications.

Forum has moved

New location: CSLA .NET forum

CSLA .NET Resources:
  • CSLA .NET forum
  • CSLA .NET home page
  • Browse Site by Tags

    Showing related tags and posts across the entire site.
    • Claims based authentication

      Hi, Today CSLA supports 3 authentication models: 1. Custom authentication 2. ASP.NET Membership Provider authentication 3. Windows domain authentication Are there any plans for implementing a claims based authentication model in CSLA, utilising classes like ClaimsIdentity and ClaimsPrincipal? I understand...
      Posted to CSLA .NET discussion by Peter Centellini on Wed, Mar 18 2015
    • CSLA and MS Identity

      Hi, In my MVC 5-Project I want to use MS Identity for Authorization and Authentication. I have built my application according to the EncapsulatedDto-model, hence I among my projects have a Dal, DalSql, Library, and WcfPortal Project. I'm want to use Claims-based Authorization, and could of course...
      Posted to CSLA .NET discussion by Peter Centellini on Fri, Oct 17 2014
    • WPF - Windows Authentication

      Hi everyone, I have recently re-read the excellent ebook « using Csla4-04-Dataportal » focusing on Windows Authentication. Actually, I'm trying to implement a 3 tiers wpf application authentication relying on Active Directory identity. In my case, the user and client workstation are not...
      Posted to CSLA .NET discussion by cconte on Fri, Jun 21 2013
    • Re: User/Object Specific Permissions

      Hi! We faced the same need last week and would thought about the same solution than Tiago proposed. We'd be glad to be able to access the criteria in our own rule... Thanks to seriously consider this! Etienne
      Posted to CSLA .NET discussion by edore on Mon, Apr 9 2012
    • Csla 4 - Clearing out principal?

      I've upgraded WebForms project to use Csla 4. The business layer seems fine mostly, all the tests have passed and I'm fixing minor things with how BOs are build (private backing fields not specifying that in relationship type, etc). One thing I'm stumped on is the handling of the ApplicationContext...
      Posted to CSLA .NET discussion by Andy on Sun, Oct 16 2011
    • Best practice 3-tier WCF authentication

      We are developing an ASP.NET MVC 3 application using CSLA in 3-tier remoting mode using WCF communication between the external facing hosted app computer and behind the firewall app server computer. What is the recommended best practice to secure the communication between the tiers? I’ve read older...
      Posted to CSLA .NET discussion by GlennMiller on Thu, Sep 15 2011
    • Invoking an Abstract DAL from within the Business Object

      Hello, To paraphrase Rocky from the 3rd Csla 3.8 video, while discussing a demo project which invokes an abstracted DAL from within the BO (starting at about 1:10:48) In a 3 tier model you don't even deploy your concrete data access components to the client. You simply deploy an abstract DAL router...
      Posted to CSLA .NET discussion by Matthew Copeland on Thu, Sep 8 2011
    • Need security advice for retrieving one's own 'account' info

      I have a created a class called SecurityUser that allows those in an Administrators group retrieve, edit, update, etc the object. It follows the normal CSLA guidelines and examples for checking security. I'm OK with this object. e.g. The following is the normal stuff you see... public static SecurityUser...
      Posted to CSLA .NET discussion by ToddH on Sat, Aug 6 2011
    • Hiding business logic in database, but how do you hide in server side BOs

      We are designing an applicaiton that will run within a security hardened, networked, application server "appliance" which is accessed from winforkms applications installed on a number of clients machines. Some of the business logic is is confidential and we are considering using encrypted Stored...
      Posted to CSLA .NET discussion by timster on Wed, Nov 10 2010
    • CSLA + Silverlight + Authentication + Read/Write permissions

      Hi everybody Do you have any example of custom authentication and read/write permissions for Silverlight? I need an example where security doesn't use windows security, instead to work with custom role and user tables stored in a database like oracle or sql server. If possible I need the example...
      Posted to CSLA .NET discussion by programmingperu on Tue, Nov 9 2010
    • SerializationException with serialized CustomPrincipal

      I'm using CSLA 4 and Bxf. My MainWindow is throwing a SerializationException inside VS2010. The problem seems centered around my CustomPrincipal object. I dont fully understand the authentication "stuff" so I'm sure I'm doing something wrong. I'm trying to use the users AD credentials...
      Posted to CSLA .NET discussion by c_manboy on Fri, Sep 10 2010
    • the "Kosher" way to register custom authorization rules

      hey there :) Just discovered in the source a static method, called "AddObjectAuthorizationRules()" that every business object type (for example) might implement. I find it very useful for the following pattern (problem description will follow): Some application-level base class imlements the...
      Posted to CSLA .NET discussion by breakphreak on Thu, Jul 29 2010
    • Security Question

      In my security protocol, when a user accesses a record, I have to check if they can read/write the fields based on the record. For example if a user accesses their company account some users are allowed to change the company name, some are not based on the company account. So I have in the following...
      Posted to CSLA .NET discussion by brannos on Fri, Jul 9 2010
    • PTracker Authentication fails

      Hi, i am new to CSLA and i just got the PTracker sample applicaiton. i am trying to run the PTWeb sample. i have configured my wcf dataportal and i am able to view the service wsdl through the web url correctly. for some reason, even though i have setup the ptracker database and security database according...
      Posted to CSLA .NET discussion by kwadwo on Mon, May 17 2010
    • Security and ORMs

      OK, bit late I know, but I'm doing more research on CSLA 3.8 inc. reading more of the 2008 book. I'm thinking about how to change our (outdated, CSLA 3, ported from CSLA 2) architecture to support unit testing. This will include updates to our CodeSmith Templates (VB, so maintained by us as more...
      Posted to CSLA .NET discussion by RockyRocks on Fri, Apr 30 2010
    • Re: Securing a publicly accessible data portal?

      Yeah, having the client send the server the MAC address, then having the server encrypt it using a simple symmetric encryption method (everything you need is build into .NET) is probably sufficient. Keep in mind the concept of revocation - keep a record on the server of the MAC addresses so you can flag...
      Posted to CSLA .NET discussion by RockfordLhotka on Wed, Apr 28 2010
    • Re: Securing a publicly accessible data portal?

      It isn't really a data portal limitation, as much as that this is an extremely challenging thing to do in general. If I understand correctly, you don't want to secure the user (other than username/password), but you want to secure the client workstation . There are companies that specialize in...
      Posted to CSLA .NET discussion by RockfordLhotka on Wed, Apr 28 2010
    • Re: CSLA Authentication: why does the server trust the Principal object

      First, if you don't trust your clients then you should use SOA. You should be creating two completely separate apps - one on the server and one on the client. You should assume all aspects of the client app have been compromised, and construct the server app to be exceedingly paranoid. The best way...
      Posted to CSLA .NET discussion by RockfordLhotka on Thu, Apr 8 2010
    • Invalid token for impersonation issue.

      Hello, Wondering if someone can help me with an issue I'm having with accessing the data portal. We are using CSLA version 3.6.2. with CSLA Authentication for the DataPortal. We have developed a Windows Service that is responsible for generation of data sets that are shared amongst a number of clients...
      Posted to CSLA .NET discussion by sliedig on Wed, Mar 24 2010
    • Re: conceptual/architectural advice needed

      I don't think this will be as simple as you think. But to get an idea of where start, I think this blog post from Rocky is very useful.
      Posted to CSLA .NET discussion by Andy on Thu, Mar 18 2010
    Page 1 of 1 (20 items)

    Copyright (c) 2006-2014 Marimer LLC. All rights reserved.
    Email admin@lhotka.net for support.
    Powered by Community Server (Non-Commercial Edition), by Telligent Systems