Okay, so in my last blog, I showed how to configure an application made with Visual Studio LightSwitch to use and implement Access control following Windows Authentication. In this blog, I will show how to configure the same application to use Forms Authentication.
I start off by opening the application I have been working on, and by the way, I have added a few things here and there to it in between blogs.
First, I added several new access controls and enabled them by checking the “Granted for debug” checkbox for each. To put simply, I have set these properties to true, so that when I run, the logged in user can perform all the actions I have indicated. Let’s illustrate by unchecking the canReadPatient rule and running the application.
You will see here two things:
- The current user CAN see the patient screen, because we have not set that in the access control. We are still allowing the user to see the patient screen.
- But the current user cannot see the patient entity.
This illustrates how LightSwitch implements access control on the screen and on the entity levels separately.
By now, I believe you are wondering where we add or delete users and define roles. At first I thought I would have needed to add a new screen by myself but that is not the case with Visual Studio LightSwitch.
To do that, what we need to do is to check the Granted for debug checkbox for the Security Administration Module and then run the app again.
Upon running the app, we get:
Two new screens, one for defining users and another for defining roles! Both neatly tucked in, in their own dropdown menu item called Administration.
And in case you haven’t noticed yet, I have not gone into Forms Authentication while this blog’s title is related to Forms Authentication. The reason behind that, is that Visual Studio LightSwitch makes it so easy to move from Windows Authentication to Forms Authentication by just choosing the appropriate option button.
And that’s it!
Next time I’ll show how to add a new user control J