Xomega.Net Walkthrough Tutorial

4.1 Creating claims identity

Let's update our model and add some code that would allow us to construct a claims identity for a user. We will start by declaring a type for email in the email_address.xom file, which we're planning to use as the user ID. We will also use this type on the email field of the "email address" object.

Next, we will create an enumeration "person type" with possible values of the person type and their descriptions, as well as declare a type with the same name for that enumeration, and will use that type on the "person type" field in person.xom.

With that done, let's declare a structure "person info" that will contain all the necessary information for the security claims as follows.

Finally, let's add an operation "read" to the “person” object, which will accept an email address as the input key, and output the “person info” structure that we created. This operation will be used by the authentication logic to create a claims identity, and should not be exposed via REST or WCF APIs, so we need to configure it as such. Given that the structure for this operation is very custom, Xomega will not be able to generate a meaningful default implementation for this method. Instead of trying to inline any custom code into the generated service file like we did before, we will want to just subclass that generated service, and override the entire method in there. To enable that, we will add a svc:customize element to the config section of the “person” object, and will set its subclass attribute to true. The following picture illustrates this setup.

Let's build the model, and navigate to the generated PersonService class under the AdventureWorks.Services.Entities project. Nested inside that class will be a file for the custom service implementation PersonServiceCustomized. Let's go ahead and implement the Read operation there as follows.

As you see, we are using several joins and some rather cumbersome left joins in LINQ to retrieve the data. If we cannot find the person by the provided email address, then we add a critical error with appropriate message, which we added to the Resources.resx, and use the generated constant for the message code.

In order to encapsulate common security related code that can be shared between different types of projects, we will add a new static class called SecurityManager to the AdventureWorks.Services.Common project, where we will define a method that creates claims identity from a PersonInfo structure as follows.

For most of the fields in the PersonInfo structure we used standard claim types. For the person type we used the Role claim type, which is consistent with how we're using it in the first place. For any non-standard info, such as the store ID or the vendor ID for the user, we're using custom claim types, which we declared as constants at the top of the class.

To simplify any security checks in the code, we can also define some handy extension methods on the IPrincipal interface. For example, the following methods will allow us to easily check some user roles, while also leveraging constants that were generated from the "person type" enumeration that we defined in the model.

Here's another example, where we can easily retrieve typed values of the custom claims, such as the store ID associated with the user.

Now that we have done all the prep work for creating a claims identity, we can move on to implementing user authentication.

Next: 4.2 Adding password authentication >

	Please enable session cookies in order to register or sign in. sign in \| register
	Home Download Order Forums Blog Contact Us
Xomega Tutorials Complete Walkthrough Before you start 1. Basic search/details views 1.1 Creating Xomega solution 1.2 Importing model from DB 1.3 Adding CRUD ops and views 1.4 Building model 1.5 Running application 2. Modeling search view 2.1 Modeling results list 2.2 Field config, links 2.3 Custom result fields 2.4 Modeling search criteria 2.5 Static enumerations 2.6 Dynamic enumerations 2.7 Auto-complete 2.8 Cascading selection 2.9 Custom UI validations 3. Modeling details view 3.1 Updating child list 3.2 Read-only fields 3.3 Child data objects 3.4 Multi-value sub-object 3.5 Fields from related objects 3.6 Lookup form for selection 3.7 Custom contextual selection 3.8 Standard contextual selection 3.9 Dynamic view titles 3.10 View layout, master-details 4. Implementing security 4.1 Claims identity 4.2 Password authentication 4.3 Securing services 4.4 Securing UI objects 4.5 Blazor Server authentication 4.6 WebForms authentication 4.7 WPF authentication 4.8 WCF authentication 4.9 REST authentication 4.10 WebAssembly authentication 4.11 SPA authentication Next steps Video Tutorials MDD with Xomega.Net Building Desktop Apps Building SPA Web Apps Generating Documentation How-To Guides Environment Object Model and Database Service Model Presentation Layer Static Data and Lists of Values Design Documentation Customization and Extensibility Xomega Generators Model Enhancement Import from Database Full CRUD and Views Enumerations from Database Data Layer EF Domain Objects Entity Data Model Database Schema Database Change Script Service Layer Service Contracts Service Implementations WCF Services Configuration WCF Service Host Files Web API Controllers UI Layer - C# Xomega Data Objects View Models REST Service Clients Blazor Views ASP.NET Views WPF Views WCF Client Configuration UI Layer - TypeScript SPA Views XomegaJS Data Objects TS Service Contracts TS Lookup Cache Loaders TS Enumeration Constants Static Data Lookup Cache Loaders Enumeration Constants Enumeration Data XML Enumeration Reload SQL Documentation Domain Model Design Service Model Design Static Data Design SQLXML Report Custom Generators Xomega.Net for Visual Studio Xomega Project Xomega Editor Xomega Model	4.1 Creating claims identity Let's update our model and add some code that would allow us to construct a claims identity for a user. We will start by declaring a type for email in the email_address.xom file, which we're planning to use as the user ID. We will also use this type on the email field of the "email address" object. Next, we will create an enumeration "person type" with possible values of the person type and their descriptions, as well as declare a type with the same name for that enumeration, and will use that type on the "person type" field in person.xom. With that done, let's declare a structure "person info" that will contain all the necessary information for the security claims as follows. Finally, let's add an operation "read" to the “person” object, which will accept an email address as the input key, and output the “person info” structure that we created. This operation will be used by the authentication logic to create a claims identity, and should not be exposed via REST or WCF APIs, so we need to configure it as such. Given that the structure for this operation is very custom, Xomega will not be able to generate a meaningful default implementation for this method. Instead of trying to inline any custom code into the generated service file like we did before, we will want to just subclass that generated service, and override the entire method in there. To enable that, we will add a svc:customize element to the config section of the “person” object, and will set its subclass attribute to true. The following picture illustrates this setup. Let's build the model, and navigate to the generated PersonService class under the AdventureWorks.Services.Entities project. Nested inside that class will be a file for the custom service implementation PersonServiceCustomized. Let's go ahead and implement the Read operation there as follows. As you see, we are using several joins and some rather cumbersome left joins in LINQ to retrieve the data. If we cannot find the person by the provided email address, then we add a critical error with appropriate message, which we added to the Resources.resx, and use the generated constant for the message code. In order to encapsulate common security related code that can be shared between different types of projects, we will add a new static class called SecurityManager to the AdventureWorks.Services.Common project, where we will define a method that creates claims identity from a PersonInfo structure as follows. For most of the fields in the PersonInfo structure we used standard claim types. For the person type we used the Role claim type, which is consistent with how we're using it in the first place. For any non-standard info, such as the store ID or the vendor ID for the user, we're using custom claim types, which we declared as constants at the top of the class. To simplify any security checks in the code, we can also define some handy extension methods on the IPrincipal interface. For example, the following methods will allow us to easily check some user roles, while also leveraging constants that were generated from the "person type" enumeration that we defined in the model. Here's another example, where we can easily retrieve typed values of the custom claims, such as the store ID associated with the user. Now that we have done all the prep work for creating a claims identity, we can move on to implementing user authentication. Next: 4.2 Adding password authentication >
	Copyright © 2009-2021 Xomega.Net. All rights reserved.