Authentication in LightSwitch Beta 2 Part I: Forms Authentication



Prologue:

From the last three articles we have seen how to connect Data Sources like SQL, WCF Services and SharePoint List. As we are in favor with LightSwitch application development now let us discuss about how to secure our application.

Authentication types in LightSwitch:

There are two types of Authentications available in LightSwitch applications.

  1. Forms Authentication
  2. Windows Authentication

Let us first discuss Forms Authentication in LightSwitch applications.

Forms Authentication:

Forms Authentication means that a username/password is prompted for when the application opens and these values are checked against the database.
 
This works nicely for clients running across the Internet that are not on a Windows domain. I'll show you both but first let's choose Forms Authentication.

Setting up LightSwitch Solution:

Create a LightSwitch Desktop Application as we discussed in the previous articles. And create a table called Person as shown in the following picture.

LightSwitch1.gif

Design a screen for the created table Person. We will discuss the design in future articles.

LightSwitch2.gif

Select the List and Details Screen from the Screen Template list [No: 1] for getting the Person details as well as the Details of the selected Person.

Give a name for the Screen [No: 2].

Select the Date for the Screen Data ComboBox [No: 3] which is retrieved from the table we have created.

Enabling Authentication:

By default the authentication is not enabled. To enable the authentication just select the project's properties from the Project Menu.
Select Access Control [No: 1] Menu Tab.

LightSwitch2.1.gif

From the Access Control Tab, select the Use Forms Authentication option [No: 2].

Yes. We have just done that with enabling the forms authentication. The next step is to create the Permissions for Roles for Users. We will discuss Roles and Users later; first we will see how Permission works.

Adding Permissions:

Permissions are nothing but allowing the user to do something on our LightSwitch application.

LightSwitch3.gif

In the above picture we have created three permissions Read, Write and Delete. The SecurityAdministration is the default permission provided by the LightSwitch application to create Users and Roles.

We have selected the four permissions to True on Debug mode. So that user can Read, Write and Delete or Add users and roles in Debug mode.
Set the permissions we have created to take effect.

Setting Permissions in Methods:

LightSwitch4.gif

To add a method to check for the permission, we need to open the table we have created. For this application we have created Person table; just open it.

On the right top corner you can see the Write Code menu. Just click it. You will get a collection of items. From that select Access Control group as shown in this above figure.

Click on People_CanInsert, _CanDelete and _CanRead. These are the default methods provided by LightSwitch.

Now write a line of code as shown in the figure given below.

LightSwitch5.gif

At the time of creation of Permissions an enumeration of Permissions will be created for us with the Permissions we created in the Access Control Tab in Project Properties.

The first method _CanDelete will check for the currently logged in user whether the user has the permission to do a Delete. If it is true then the application will allow the user to delete.

As like _CanDelete method, the other methods will act.

Now we are ready to Press F5. Just press it.

In Debug mode the LightSwitch application will not show the Login form; it will ask for the user name and password only on Published Application. But permissions that we have selected as granted will havew an affect in Debug mode. Let's see in Action.

LightSwitch6.gif

As we have enabled all the Permissions the Buttons for Add Edit and Delete are enabled here.

Now deselect the CanDelete permission in Project Properties to check whether it is preventing the user to delete the data.

LightSwitch7.gif

Here we have deselected the CanDelete Permission. Let's see in Code and Screen.

LightSwitch8.gif

We can see that the result is false because the Permission CanDelete is deselected.

LightSwitch9.gif

As the CanDelete Permissions is deselected, the Delete button is disabled in the application.

We have just enabled Permissions in Debug mode but we need to create the user and their roles and permissions for that roles created.
In Part II we will discuss about how to add Users Roles and Permissions for the Roles.

Summary:

In this article Part - I, we have seen the basic about Forms Authentication in LightSwitch Beta 2.

Thanks for spending your precious time here. Please provide your valuable feedbacks and comments, which enables me to give a better article the next time.
 
Please rate this Article.

Thanks.