How to integrate in WinForm ?

Estimated reading: 6 minutes 434 views

To integrate Visual Guard in your application you must:

  • Add the assemblies of Visual Guard as references of your project.
  • Insert the code to enable the security in your application.
  • Create a Visual Guard repository and declare your application. This repository
    will contain all security items (users, roles, permissions …) of your
    application.
  • Generate the Visual Guard configuration files
    by using the Visual Guard console. These configuration files will be needed to
    connect your application to the repository.

Integration Demo


Referencing Visual Guard assemblies

  • Open the solution of your project in Visual Studio.
  • In the solution explorer, expands the project node.
  • Right-click the Project node for the project and select Add Reference
    from the shortcut menu.
  • In .Net tab, select the 4 assemblies
    1. Novalys.VisualGuard.Security
    2. Novalys.VisualGuard.Security.WinForm
    3. Novalys.VisualGuard.Security.<RepositoryType> (Files, SQLServer or Oracle)
    4. Novalys.VisualGuard.Security.<ApplicationFrameworkType> (Depending on type of application’s framework, whether .NetFramework or .NetCore)
    And, then click the Select button, and then click the OK button

Note Note
In the list of assemblies, Visual Studio can display different versions of the
Visual Guard assemblies. You must select the assembly corresponding to the version
of the framework and target (x64, x32, or Any CPU) used in your project.

Note Note
Once the Visual Guard assemblies are referenced into project, you need to mark “Copy Local” property to “true” for each assembly.

Note Note
You must add either Novalys.VisualGuard.Security.NetFramework or Novalys.VisualGuard.Security.Core (Depending on type of application’s framework)
  • Novalys.VisualGuard.Security contains the main Visual Guard classes.
  • Novalys.VisualGuard.Security.Files contains the classes needed to access
    to a file based repository.
  • Novalys.VisualGuard.Security.SQLServer contains the classes needed
    to access to a repository stored in a Microsoft SQLServer database (SQLServer 2005
    or higher). Available only in Visual Guard Enterprise Edition
  • Novalys.VisualGuard.Security.Oracle
    contains the classes needed to access to a repository stored in an Oracle database
    (8i or higher). Available only in Visual Guard Enterprise Edition
  • Novalys.VisualGuard.Security.WinForm contains all classes based on WinForm
    control. This assembly is needed only if you use the forms provided by Visual
    Guard to authenticate, change a password or select a role. If you want to use
    your own form you do not need to add a reference to this assembly.
  • Novalys.VisualGuard.Security.NetFramework contains all classes required to support .Net Framework applications.
    This assembly is needed only if you want to integrate Visual Guard in .net framework applications.
  • Novalys.VisualGuard.Security.Core contains all classes required to support .Net Core applications.
    This assembly is needed only if you want to integrate Visual Guard in .net core applications.

Adding Visual Guard in your code

  • Novalys.VisualGuard.SecurityVGSecurityManager:
    This class provides the main access point for interacting with Visual Guard. It
    provides authentication and authorization features, it allows to set the
    security of the object of your application.
  • VGLoginForm
    This class is the default authentication form provided by Visual Guard. This
    class is very easy to use and is fully integrated with Visual Guard. You can
    use your own form, to authenticate a user. In this case you must call the VGSecurityManagerAuthenticate(String, String) method provided by the VGSecurityManager class.

Authenticating a user in VB.Net project where the application framework is enabled

Imports Novalys.VisualGuard.Security.WinForm 
Imports System.Reflection 
Imports Microsoft.VisualBasic.ApplicationServices 
Namespace My 
           Partial Friend Class MyApplication 

                      Private Sub MyApplication_Startup(ByVal sender As Object, ByVal e As StartupEventArgs) Handles Me.Startup 
                                 Dim form As VGLoginForm = New VGLoginForm() 
                                 If form.ShowDialog() <> DialogResult.OK Then 
                                            e.Cancel = True 
                                            Return 
                                 End If 
                      End Sub 
           End Class 
End Namespace

Using the default login form provided by Visual Guard

Novalys.VisualGuard.Security.WinForm.VGLoginForm login = new Novalys.VisualGuard.Security.WinForm.VGLoginForm(); 
login.HeaderDescription = login.HeaderDescription + Environment.NewLine + "(the default user is \"jsmith\" and its password \"pwd\")"; 
login.UserName = "jsmith"; 
if (login.ShowDialog() == DialogResult.OK) 
{ 
          login.Dispose(); 
          Application.Run(new MDIForm()); 
}
Dim login As New Novalys.VisualGuard.Security.WinForm.VGLoginForm 
login.HeaderDescription = login.HeaderDescription + Environment.NewLine + "(the default user is ""jsmith"" and its password ""pwd"")" 
login.UserName = "jsmith" 
If login.ShowDialog() = DialogResult.OK Then 
          login.Dispose() 
          Application.Run(New MDIForm) 
End If

Authenticating a user with your own login form

this.DialogResult = Dialog.None; 
         VGAuthenticationState state = VGSecurityManager.Authenticate(user.Text, password.Text); 
         if (state.IsFailed) 
         { 
                  if (state.IsCanceled) 
                  { 
                           return; 
                  } 
                  if (state.IsCredentialInvalid) 
                  { 
                           if (state.IsLastBadLogin) 
                           { 
                                    MessageBox.Show("Invalid user or password. The next bad login will lock your account."); 
                           } 
                           else 
                           { 
                                    MessageBox.Show("Invalid user or password");
                           } 
                  } 
                  else if (state.IsUserNotAuthorized)
                  { 
                           MessageBox.Show("user not authorized to log on the application"); 
                  } 
                  else if (state.IsUserAccountExpired) 
                  { MessageBox.Show("your account is no more valid. Contact your administrator");
                  } 
                  else if (state.IsUserAccountNotYetAvailable) 
                  { 
                  MessageBox.Show("your account is not yet available."); 
                  } 
                  else if (state.IsUserAccountLockedOut)
                  { 
                  MessageBox.Show("your account is locked. Contact your administrator."); 
                  } 
                  else if (state.MustChangePasswordAtNextLogon) 
                  { 
                           MessageBox.Show("Your password is not secure enough. You must change it."); 
                           ChangePassword form = New ChangePassword(); 
                           if (form.ShowDialog() == DialogResult.OK) 
                           { 
                                    passwordTextBox.Text = form.NewPassword; goto Reauthenticate; 
                           } 
                  } 
} 
else 
{ 
         this.DialogResult = Dialog.OK; 
         if (!state.IsPasswordSecure) 
         { 
                  MessageBox.Show("Your password is not secure enough. You must change it."); 
                  ChangePassword form = new ChangePassword(); 
                  form.ShowDialog(); 
         } 
}
Reauthenticate: 
Me.DialogResult = DialogResult.None 
          Dim state As VGAuthenticationState = VGSecurityManager.Authenticate(userTextBox.Text, passwordTextBox.Text) 
          If state.IsFailed Then 
                    If state.IsCanceled Then Return 
                    If state.IsCredentialInvalid Then 
                              If state.IsLastBadLogin Then 
                              MessageBox.Show("Invalid user or password. The next bad login will lock your account.") 
                              Else 
                                        MessageBox.Show("Invalid user or password") 
                              End If 
                    ElseIf state.IsUserNotAuthorized Then 
                              MessageBox.Show("user not authorized to log on to the application") 
                    ElseIf state.IsUserAccountExpired Then 
                              MessageBox.Show("your account is no more valid. Contact your administrator") 
                    ElseIf state.IsUserAccountNotYetAvailable Then 
                              MessageBox.Show("your account is not yet available.") 
                    ElseIf state.IsUserAccountLockedOut Then 
                              MessageBox.Show("your account is locked. Contact your administrator.") 
                    ElseIf state.MustChangePasswordAtNextLogon Then
                               ' The user must change the password before reauthenticating 
                              MessageBox.Show("You must change your password") 
                              Dim form As ChangePassword = New ChangePassword 
                              If form.ShowDialog() = DialogResult.OK Then 
                                        passwordTextBox.Text = form.NewPassword 
                                        GoTo Reauthenticate
                              End If 
                    End If 
          Else 
                    Me.DialogResult = DialogResult.OK 
                       If Not state.IsPasswordSecure Then 
                              MessageBox.Show("Your password is not secure enough. You must change it.") 
                              Dim form As ChangePassword = New ChangePassword 
                              form.ShowDialog() 
                    End If 
End If

Loading the security for a user authenticated by an external system (based on Windows
Logon or another Single Sign-on)

Dim state As VGAuthorizationState 
state = VGSecurityManager.LoadSecurity (System.Security.Principal.WindowsIdentity.GetCurrent()) 
If state.IsFailed Then 
          If state.IsUserNotFound Then 
                    MessageBox.Show("Your are not declared in the security repository") 
          ElseIf state.IsUserNotAuthorized Then 
                    MessageBox.Show("Your are not authorized to log on to this application") 
          End If 
Else 
Application.Run(New MDIForm) 
End If
VGAuthorizationState state = VGSecurityManager.LoadSecurity (System.Security.Principal.WindowsIdentity.GetCurrent()); 
if (state.IsFailed) 
{ 
        if (state.IsUserNotFound) 
        { 
                MessageBox.Show("Your are not declared in the security repository"); 
        } 
        elseif (state.IsUserNotAuthorized) 
        { 
                MessageBox.Show("Your are not authorized to log on to this application"); 
        } 
} 
else 
{ 
        Application.Run(new MDIForm()); 
}