Authentication using principals

[roundcrisis]

Hi there:

I have seen some examples of authentication using principals, this is
for an intranet so a somewhat low level of security is required,
however I woudl like to know the disadvantages of using principals.
Also when I generate the identity for my principal, I use
GenericIdentity, is this ok? is there any obvious reason not to use
this on a production ?

thanks

 

[Nicholas Paldino [.NET/C# MVP]]

I don't think there are many (if any that I can think of) disadvanges to
using principals. I rather like the model. You can use GenericPrincipal if
you want, but it might be better to create a class that implements
IPrincipal or use an exising IPrincipal implementation which would suit your
needs more. The reason for this is that you have no way of assigning roles
to a user with the GenericPrincipal class. It's identifying the users in
those roles which makes authorization in .NET work.

How are you identifying and authorizing the users? Answering that
question will help determine which IPrincipal implementation you should use.

 

[roundcrisis]

hi:

Thanks for your answer, I ander below

I don't think there are many (if any that I can think of) disadvanges to
using principals. I rather like the model. You can use GenericPrincipal if
you want, but it might be better to create a class that implements
IPrincipal or use an exising IPrincipal implementation which would suit your
needs more.

well i m using a class that implements Iprincipal but to actually
generate the identity i use genericIdentity
I m not using roles at the moment, so i initialize the class with new
string[0] = "default"; which really doesnt convince me
I might have to add roles in the near fututre, any suggestions?




The reason for this is that you have no way of assigning roles

to a user with the GenericPrincipal class. It's identifying the users in
those roles which makes authorization in .NET work.

How are you identifying and authorizing the users? Answering that
question will help determine which IPrincipal implementation you should use.

I use another existing class to do the actual validation and then
generate the principal, but this is something that works, however I m
not convinced of the actual
correctnes of the implementation,

--
- Nicholas Paldino [.NET/C# MVP]
- (e-mail address removed)

Hi there:

I have seen some examples of authentication using principals, this is
for an intranet so a somewhat low level of security is required,
however I woudl like to know the disadvantages of using principals.
Also when I generate the identity for my principal, I use
GenericIdentity, is this ok? is there any obvious reason not to use
this on a production ?

thanks- Hide quoted text -

- Show quoted text -

 

[roundcrisis]

hi:

Thanks for your answer, I ander below

I don't think there are many (if any that I can think of) disadvanges to
using principals. I rather like the model. You can use GenericPrincipal if
you want, but it might be better to create a class that implements
IPrincipal or use an exising IPrincipal implementation which would suit your
needs more.

well i m using a class that implements Iprincipal but to actually
generate the identity i use genericIdentity
I m not using roles at the moment, so i initialize the class with new
string[0] = "default"; which really doesnt convince me
I might have to add roles in the near fututre, any suggestions?

The reason for this is that you have no way of assigning roles

to a user with the GenericPrincipal class. It's identifying the users in
those roles which makes authorization in .NET work.

How are you identifying and authorizing the users? Answering that
question will help determine which IPrincipal implementation you should use.

I use another existing class to do the actual validation and then
generate the principal, but this is something that works, however I m
not convinced of the actual
correctnes of the implementation,

- Show quoted text -- Hide quoted text -

- Show quoted text -

bp