
Interface ISecurityManager

Represents an entity that performs user authentication based on passed credentials and other security-related global tasks

Inherited Members
IApplicationComponent.ComponentSID
IApplicationComponent.ComponentDirector
IApplicationComponent.ComponentCommonName
System.IDisposable.Dispose()
Namespace: NFX.Security
Assembly: NFX.dll
Syntax
public interface ISecurityManager : IApplicationComponent, IDisposable

Properties

PasswordManager

References an entity that manages passwords: it computes and verifies hash tokens and provides password strength verification

Declaration
IPasswordManager PasswordManager { get; }
Property Value
Type Description
IPasswordManager

Methods

Authenticate(AuthenticationToken)

Authenticates the user by checking the supplied token against the authentication store that this manager represents. If the token is invalid then UserKind.Invalid is returned. This method may populate user access rights completely or partially, depending on the store implementation. If rights are computed on authentication then Authorize() just checks the existing in-memory structure; otherwise Authorize() may re-fetch permissions from the store on every call or cache them in memory for the specified interval

Declaration
User Authenticate(AuthenticationToken token)
Parameters
Type Name Description
AuthenticationToken token

User authentication token

Returns
Type Description
User

User object. Check User.Status for UserStatus.Invalid flag to see if authentication succeeded

Authenticate(Credentials)

Authenticates the user by checking the supplied credentials against the authentication store that this manager represents. If the credentials are invalid then UserKind.Invalid is returned. This method may populate user access rights completely or partially, depending on the store implementation. If rights are computed on authentication then Authorize() just checks the existing in-memory structure; otherwise Authorize() may re-fetch permissions from the store on every call or cache them in memory for the specified interval

Declaration
User Authenticate(Credentials credentials)
Parameters
Type Name Description
Credentials credentials

User credentials. A particular manager implementation may elect to support multiple credential types, e.g. IdPassword, Twitter, Facebook, OAuth, LegacySystemA/B/C etc.

Returns
Type Description
User

User object. Check User.Status for UserStatus.Invalid flag to see if authentication succeeded

Authenticate(User)

Authenticates the user by checking the supplied user's token against the authentication store that this manager represents. This method is called by the framework after a User object has been deserialized and its Rights need to be re-fetched. If the token is invalid then UserStatus.Invalid is set. This method may populate user access rights completely or partially, depending on the store implementation. If rights are computed on authentication then Authorize() just checks the existing in-memory structure; otherwise Authorize() may re-fetch permissions from the store on every call or cache them in memory for the specified interval

Declaration
void Authenticate(User user)
Parameters
Type Name Description
User user

User object which is checked and updated
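
Example (added here, not part of the NFX reference or the NFX code base): the Authenticate overloads report failure through User.Status rather than by throwing, so callers have to check it explicitly. SessionGate and its method names are hypothetical; only Authenticate(Credentials), Authenticate(User), User.Status and UserStatus.Invalid are taken from this page, and the code assumes a project reference to NFX.dll.

```csharp
using System;
using NFX.Security;

// Added example: fail-closed wrappers around ISecurityManager.Authenticate.
// SessionGate, Login and Revalidate are hypothetical names.
public static class SessionGate
{
    // Log in with credentials; never hand an invalid User back to the caller.
    public static User Login(ISecurityManager secman, Credentials credentials)
    {
        if (secman == null) throw new ArgumentNullException(nameof(secman));
        if (credentials == null) throw new ArgumentNullException(nameof(credentials));

        User user = secman.Authenticate(credentials);

        // Bad credentials come back as a User object whose status is Invalid,
        // not as an exception, so a null check alone would fail open.
        if (user == null || user.Status == UserStatus.Invalid)
            throw new UnauthorizedAccessException("Authentication failed");

        return user;
    }

    // Re-validate a User restored from a serialized session before trusting it.
    public static bool Revalidate(ISecurityManager secman, User restored)
    {
        if (secman == null) throw new ArgumentNullException(nameof(secman));
        if (restored == null) return false;

        // Authenticate(User) returns void and updates the object in place,
        // so the status has to be read after the call.
        secman.Authenticate(restored);
        return restored.Status != UserStatus.Invalid;
    }
}
```
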

Authorize(User, Permission)

Authorizes the user by finding the appropriate access level to the permission by the supplied path. Depending on the particular implementation, rights may be fully or partially cached in memory. Note: this authorization call returns an AccessLevel object that may contain a complex data structure. The final assertion of the user's ability to perform a certain action is encapsulated in the Permission.Check() method. Call Permission.AuthorizeAndGuardAction(MemberInfo, ISession) to guard classes and methods from unauthorized access

Declaration
AccessLevel Authorize(User user, Permission permission)
Parameters
Type Name Description
User user

A user to perform authorization for

Permission permission

An instance of permission to get

Returns
Type Description
AccessLevel

AccessLevel granted to specified permission

GetUserLogArchiveDimensions(IIdentityDescriptor)

Extracts values for archive dimensions to store the log message for the specified user descriptor. Depending on the system, the descriptor represents an entity that describes the user (e.g. User, UserInfo, etc.). The method only fills the fields specific to user identity

Declaration
IConfigSectionNode GetUserLogArchiveDimensions(IIdentityDescriptor identity)
Parameters
Type Name Description
IIdentityDescriptor identity
Returns
Type Description
IConfigSectionNode

LogSecurityMessage(SecurityLogAction, Message, IIdentityDescriptor)

Logs security-related message

Declaration
void LogSecurityMessage(SecurityLogAction action, Message msg, IIdentityDescriptor identity = null)
Parameters
Type Name Description
SecurityLogAction action

Action that was performed

Message msg

A message to log

IIdentityDescriptor identity

If msg.ArchiveDim is not set, sets it to GetUserLogArchiveDimensions(user | currentCallContext)

Extension Methods

MiscUtils.NonNull<T>(T, Func<Exception>, String)
ObjectValueConversion.AsString(Object, String, ConvertErrorHandling)
ObjectValueConversion.AsNonNullOrEmptyString(Object)
ObjectValueConversion.AsLaconicConfig(Object, ConfigSectionNode, String, ConvertErrorHandling)
ObjectValueConversion.AsJSONConfig(Object, ConfigSectionNode, String, ConvertErrorHandling)
ObjectValueConversion.AsXMLConfig(Object, ConfigSectionNode, ConvertErrorHandling)
ObjectValueConversion.AsChar(Object, Char, ConvertErrorHandling)
ObjectValueConversion.AsNullableChar(Object, Nullable<Char>, ConvertErrorHandling)
ObjectValueConversion.AsByte(Object, Byte, ConvertErrorHandling)
ObjectValueConversion.AsNullableByte(Object, Nullable<Byte>, ConvertErrorHandling)
ObjectValueConversion.AsSByte(Object, SByte, ConvertErrorHandling)
ObjectValueConversion.AsNullableSByte(Object, Nullable<SByte>, ConvertErrorHandling)
ObjectValueConversion.AsShort(Object, Int16, ConvertErrorHandling)
ObjectValueConversion.AsNullableShort(Object, Nullable<Int16>, ConvertErrorHandling)
ObjectValueConversion.AsUShort(Object, UInt16, ConvertErrorHandling)
ObjectValueConversion.AsNullableUShort(Object, Nullable<UInt16>, ConvertErrorHandling)
ObjectValueConversion.AsInt(Object, Int32, ConvertErrorHandling)
ObjectValueConversion.AsNullableInt(Object, Nullable<Int32>, ConvertErrorHandling)
ObjectValueConversion.AsUInt(Object, UInt32, ConvertErrorHandling)
ObjectValueConversion.AsNullableUInt(Object, Nullable<UInt32>, ConvertErrorHandling)
ObjectValueConversion.AsLong(Object, Int64, ConvertErrorHandling)
ObjectValueConversion.AsNullableLong(Object, Nullable<Int64>, ConvertErrorHandling)
ObjectValueConversion.AsULong(Object, UInt64, ConvertErrorHandling)
ObjectValueConversion.AsNullableULong(Object, Nullable<UInt64>, ConvertErrorHandling)
ObjectValueConversion.AsDouble(Object, Double, ConvertErrorHandling)
ObjectValueConversion.AsNullableDouble(Object, Nullable<Double>, ConvertErrorHandling)
ObjectValueConversion.AsFloat(Object, Single, ConvertErrorHandling)
ObjectValueConversion.AsNullableFloat(Object, Nullable<Single>, ConvertErrorHandling)
ObjectValueConversion.AsDecimal(Object, Decimal, ConvertErrorHandling)
ObjectValueConversion.AsNullableDecimal(Object, Nullable<Decimal>, ConvertErrorHandling)
ObjectValueConversion.AsBool(Object, Boolean, ConvertErrorHandling)
ObjectValueConversion.AsNullableBool(Object, Nullable<Boolean>, ConvertErrorHandling)
ObjectValueConversion.AsGUID(Object, Guid, ConvertErrorHandling)
ObjectValueConversion.AsNullableGUID(Object, Nullable<Guid>, ConvertErrorHandling)
ObjectValueConversion.AsDateTime(Object)
ObjectValueConversion.AsDateTime(Object, DateTime, ConvertErrorHandling)
ObjectValueConversion.AsNullableDateTime(Object, Nullable<DateTime>, ConvertErrorHandling)
ObjectValueConversion.AsGDID(Object)
ObjectValueConversion.AsGDID(Object, GDID, ConvertErrorHandling)
ObjectValueConversion.AsNullableGDID(Object, Nullable<GDID>, ConvertErrorHandling)
ObjectValueConversion.AsGDIDSymbol(Object)
ObjectValueConversion.AsGDIDSymbol(Object, GDIDSymbol, ConvertErrorHandling)
ObjectValueConversion.AsNullableGDIDSymbol(Object, Nullable<GDIDSymbol>, ConvertErrorHandling)
ObjectValueConversion.AsTimeSpan(Object)
ObjectValueConversion.AsTimeSpan(Object, TimeSpan, ConvertErrorHandling)
ObjectValueConversion.AsNullableTimeSpan(Object, Nullable<TimeSpan>, ConvertErrorHandling)
ObjectValueConversion.AsEnum<TEnum>(Object, TEnum, ConvertErrorHandling)
ObjectValueConversion.AsNullableEnum<TEnum>(Object, Nullable<TEnum>, ConvertErrorHandling)
ObjectValueConversion.AsUri(Object, Uri, ConvertErrorHandling)
JSONExtensions.ToJSON(Object, JSONWritingOptions)
JSONExtensions.ToJSON(Object, TextWriter, JSONWritingOptions)
JSONExtensions.ToJSON(Object, Stream, JSONWritingOptions, Encoding)
ErlObject.ToErlObject(Object)
ErlObject.ToErlObject(Object, ErlTypeOrder, Boolean)
Copyright © 2006-2018 Agnicore Inc