winforms security user-management

How to implement security component in Windows Forms?


Coming from ASP.NET into Windows Forms app development, I was expecting to see similar controls to work with. To my surprise, I didn't see any security controls (login, user management, etc.).

Am I missing something, or would I have to implement my own security for the application (role-based security, user management, etc.)?

The application is for internal use (10-20 users), but security is very important due to sensitive data. (MSSQL Server 2005 is in the back end, .NET 3.5)

Any info would be appreciated.

EDIT:

I guess my question is "Is there an analog of ASP.NET's Membership provider in WinForms?"

EDIT2:

After some Googling I found this article. I'll give that a try; any other suggestions are appreciated.


Solution

  • Most times a Windows Forms application is used in an internal network with Windows Domain accounts.
    In this case you should use "Integrated security" to connect to the database and test if the user is authenticated with

     // Requires: using System; using System.Security.Principal;
     // GetCurrent() returns the Windows account the process is running as.
     WindowsIdentity winIdentCurrent = WindowsIdentity.GetCurrent();
     if (winIdentCurrent != null)
     {
          Console.Write("WindowsIdentity.GetCurrent(): ");
          Console.WriteLine(winIdentCurrent.Name);
          Console.Write("WindowsIdentity.GetCurrent() IsAuthenticated: ");
          Console.WriteLine(winIdentCurrent.IsAuthenticated);
          // Everything is fine, trust Windows API :-)
     }
    

    Otherwise, authenticate the user/pass via your own method (db call)

    1. use a generic connection string
      (not recommended)
    2. set the user/pass of the connection string to your authenticated user/pass

    AND set the Thread.CurrentPrincipal to your own Principal object
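
The second path in the answer above (check the user/pass yourself, then set `Thread.CurrentPrincipal`), as an added example that is not part of the original answer. An in-memory dictionary stands in for the database table; `UserRecord`, `AppSecurity`, the `"AppDb"` authentication type, the iteration count and the choice to store a salted PBKDF2 hash instead of the password are assumptions, and the code sticks to APIs available in .NET 3.5.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Security.Principal;
using System.Threading;
// Constructed stand-in for one row of a hypothetical Users table.
class UserRecord { public byte[] Salt, Hash; public string[] Roles; }

static class AppSecurity   // hypothetical helper, not a framework class
{
    const int Iterations = 100000;   // assumed PBKDF2 work factor
    static byte[] Derive(string password, byte[] salt)
    {
        return new Rfc2898DeriveBytes(password, salt, Iterations).GetBytes(20);
    }

    public static UserRecord CreateUser(string password, params string[] roles)
    {
        var salt = new byte[16];
        RandomNumberGenerator.Create().GetBytes(salt);
        return new UserRecord { Salt = salt, Hash = Derive(password, salt), Roles = roles };
    }

    // Checks the password; on success attaches identity and roles to the thread.
    public static bool SignIn(IDictionary<string, UserRecord> users, string name, string password)
    {
        UserRecord u;
        if (!users.TryGetValue(name, out u)) return false;
        byte[] candidate = Derive(password, u.Salt);
        int diff = 0;   // compare every byte so timing does not reveal the first mismatch
        for (int i = 0; i < candidate.Length; i++) diff |= candidate[i] ^ u.Hash[i];
        if (diff != 0) return false;
        Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(name, "AppDb"), u.Roles);
        return true;
    }
}

static class Program
{
    static void Main()
    {
        var users = new Dictionary<string, UserRecord>(StringComparer.OrdinalIgnoreCase);
        users["alice"] = AppSecurity.CreateUser("constructed-password", "Clerk");
        Console.WriteLine("wrong password accepted: " + AppSecurity.SignIn(users, "alice", "nope"));
        Console.WriteLine("right password accepted: " + AppSecurity.SignIn(users, "alice", "constructed-password"));
        IPrincipal p = Thread.CurrentPrincipal;
        Console.WriteLine(p.Identity.Name + ": Clerk=" + p.IsInRole("Clerk") + ", Admin=" + p.IsInRole("Admin"));
    }
}
```

Forms can then gate sensitive actions on `Thread.CurrentPrincipal.IsInRole(...)` regardless of whether the principal came from Windows or from this check.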