public override string GetConnectionString()
{
return the connection string , for the CuteChat
}
// no problems with this one
public override string FindUserLoginName(string nickName)
{
find the login username from the display name or null if the user is not found.
}
// is it required i override this? where does it appear in the application? Can i safely assume this is just for cosmetic purposes?
public override AppChatIdentity GetLogonIdentity()
{
need to find the information of current user. Return null if user is anonymous.
string loginname=...
string nickname=...
return new AppChatIdentity(nickname, false, ToUserId(loginname), HttpContext.Current.Request.UserHostAddress);
}
// This function is giving me major problems. I want to support 2 different authentication mechanisms, one for web users and the other for thick client users. In this function for web users i want to return the current logged in user. assume i'm using basic authenticaiton and i'm grabbing Server Variable "LOGON_USER" which contains an ID like 'orlandoj'. My problem is that while this works fine for web users who will be authentication and thus the LOGON_USER variable will be set before your code can run, the function also gets called for thick client users after the thick client loads wend web service request are called from the thick client. This is a major problem because the thick client cannot use the server variable as it may not have been set. The problem i'm having is that once a user authenticates on the thick client, the thick client itself starts to send web requests, to the webserver. Those web requests end up triggering calls to this function GetLogonIdentity(), but unlike with a web user the Server variable LOGON_USER is not set.
Can you comment on the following strategy? assuming calls to validate user actually only originate from the thick client..
1. set a cookie for example "UserID" in ValidateUser
2. In GetLogonIdentity, first check if the cookie from (1) above is present, if it is, read the user name from the cookie and use this to create a new appchatidentity object.
3. if cookie is not present, try to read my server variable LOGON_USER, if this is set, create a new appchatidentity with that value instead.
4. if cookie is not set and LOGON_USER is null or = "", then return null
Does this seem reasonable?
public override bool GetUserInfo(string loginName, ref string nickName, ref bool isAdmin)
{
return false , if the loginName is invalid.
otherwise set the nickName and isAdmin , and return ture
}
// this one is pretty straightforward as it is passing in the loginName (login ID) of the user and if it is valid you just set the additional information
public override bool ValidateUser(string loginName, string password)
{
check the username/password .
if valid , set the cookie.
}
// what cookie?? are you saying the app will read this cookie and use this ID for subsequent thick client requests? Do i get to pick the cookie name or is the app expecting a specific cookie to be set?
When testing it seems like this function is only called when the user first authenticates to the thick client. Is this true?