Mani
New Member
Posts:2
 |
| 28 May 2009 03:04 AM |
|
Hi,
I have configured the External Database authentication provider for use in our DNN portal.
I have updated the stored proc to return user name details from external tables.
the returned information contains ; seperated list of role names the user belongs to.
When the user logs in for the first time, it looks like an entry is created in the "USers" tabel and entries added to "USerRoles" table.
it looks like the role information that is returned from the stored proc is ignored.
for example:
i have the following security roles setup in DNN portal
Catalog View
Quote View
for a user i am returning string like: ";Catalog View;Quote View" from the ICG_External_ValidateLogin stored proc as RoleInfo.
the system does not add records into the UserRoles table for the above roles. It only adds records for the roles of "Registered Users" and "Subscribers".
can somebody help to resolve this...
thank you
Mani |
|
|
|
|
Mitchel Sellers
Site Moderator
Basic Member
Posts:245
|
| 28 May 2009 04:14 AM |
|
Mani,
WHat do you have setup in the configuration for the authentication provider for role assignment. |
|
-Mitchel Sellers, Microsoft C# MVP, MCITP
CEO
IowaComputerGurus Inc!
Visit my blog for helpful technical articles
For recommended products and services view the links to the right. |
|
|
Mani
New Member
Posts:2
|
| 28 May 2009 04:40 AM |
|
HI Mitchel,
I have enabled "Assign Roles" in the configuration.
|
|
|
|
|
Mitchel Sellers
Site Moderator
Basic Member
Posts:245
|
| 28 May 2009 04:47 AM |
|
You must setup a mapping, between roles. Your match text that you are looking for, and the role that should be assigned.
This is outlined in the documentation, let me know if you need more help. |
|
-Mitchel Sellers, Microsoft C# MVP, MCITP
CEO
IowaComputerGurus Inc!
Visit my blog for helpful technical articles
For recommended products and services view the links to the right. |
|
|
andbene
New Member
Posts:5
|
| 05 Oct 2009 08:36 AM |
|
Hi Mitchel, the documentation is not really clear about the format of RoleInfo.
I have tried to dig deep till cbp.fillcollection but I haven't found the way the string is parsed. I have done the mapping of roleinfo "SE_DOWNLOAD_DOWNLOAD" with the dnnrole "Download".
If I use this SP It work with one role retrieved
SELECT
US_Lastname AS "LName",
US_Firstname AS "FName",
'' AS "MI",
US_EMail AS "EmailAddress",
US_Password AS "Password",
US_Username AS "Username",
'SE_DOWNLOAD_DOWNLOAD' AS "RoleInfo"
FROM dbo.tbl_USers
WHERE US_Username = @UserName
AND US_Password = @Password
but if I add a second role in the roleinfo string it failed in every circumstance.
'SE_DOWNLOAD_DOWNLOAD, SE_HIERARCHY_LOOKCHILD' AS "RoleInfo"
'SE_DOWNLOAD_DOWNLOAD; SE_HIERARCHY_LOOKCHILD' AS "RoleInfo"
'SE_DOWNLOAD_DOWNLOAD,SE_HIERARCHY_LOOKCHILD' AS "RoleInfo"
'SE_DOWNLOAD_DOWNLOAD;SE_HIERARCHY_LOOKCHILD' AS "RoleInfo"
Can you explain me better ? thank you. |
|
|
|
|
Mitchel Sellers
Site Moderator
Basic Member
Posts:245
|
| 05 Oct 2009 02:53 PM |
|
The role mapping functionality for the provider in the current implementation is an exact string match.
So if you wanted to add a user to two roles, you would match the string exactly, then have two roles assigned.
In your example, the match text would be "SE_DOQNLOAD_DOWNLOAD;SE_HIERARCHY_LOOKCHILD" minus the " characters.
Then you would simply assign two roles. The next version will support a "split character" to allow multiple roles to be more easily managed. |
|
-Mitchel Sellers, Microsoft C# MVP, MCITP
CEO
IowaComputerGurus Inc!
Visit my blog for helpful technical articles
For recommended products and services view the links to the right. |
|
|
andbene
New Member
Posts:5
|
| 05 Oct 2009 03:02 PM |
|
So I have to insert in the role-match table under the provider four rows ?
Role Match string
Download SE_DOWNLOAD_DOWNLOAD;SE_HIERARCHY_LOOKCHILD
Hierarchy SE_DOWNLOAD_DOWNLOAD;SE_HIERARCHY_LOOKCHILD
Hierarchy SE_HIERARCHY_LOOKCHILD
Download SE_DOWNLOAD_DOWNLOAD
I have understand correctly ? |
|
|
|
|
Mitchel Sellers
Site Moderator
Basic Member
Posts:245
|
| 05 Oct 2009 03:04 PM |
|
| Yes, that is 100% correct! |
|
-Mitchel Sellers, Microsoft C# MVP, MCITP
CEO
IowaComputerGurus Inc!
Visit my blog for helpful technical articles
For recommended products and services view the links to the right. |
|
|
andbene
New Member
Posts:5
|
| 06 Oct 2009 05:08 PM |
|
I have done a workaround to this problem as 2^N grow pretty fast :-)
I'll post here the mod as I think many can find it usefull.
The solution is to modify [ICG_Auth_GetRoleAssignmentsByMatchText] calling a new table value function.
------------[ICG_Auth_GetRoleAssignmentsByMatchText]
ALTER PROCEDURE [dbo].[ICG_Auth_GetRoleAssignmentsByMatchText]
@PortalId INT,
@MatchText VARCHAR(100)
AS
SELECT
DISTINCT
RoleName
FROM dbo.[ICG_Auth_RoleAssignment]
WHERE PortalId = @PortalId
AND MatchText IN (select * from dbo.IGC_SplitMatchString(@MatchText))
ORDER BY RoleName
------------[IGC_SplitMatchString]
CREATE FUNCTION [dbo].[IGC_SplitMatchString]
(
@RecordIDList varchar(800)
)
RETURNS
@ParsedList table
(
RecordID varchar(100)
)
AS
BEGIN
DECLARE @RecordID varchar(20), @Pos int
SET @RecordIDList = LTRIM(RTRIM(@RecordIDList))+ ','
SET @Pos = CHARINDEX(',', @RecordIDList, 1)
IF REPLACE(@RecordIDList, ',', '') <> ''
BEGIN
WHILE @Pos > 0
BEGIN
SET @RecordID = LTRIM(RTRIM(LEFT(@RecordIDList, @Pos - 1)))
IF @RecordID <> ''
BEGIN
INSERT INTO @ParsedList (RecordID)
VALUES (CAST(@RecordID AS varchar(100))) --Use Appropriate conversion
END
SET @RecordIDList = RIGHT(@RecordIDList, LEN(@RecordIDList) - @Pos)
SET @Pos = CHARINDEX(',', @RecordIDList, 1)
END
END
RETURN
END |
|
|
|
|