This chapter will see the following security-focused features added to the Library Project:
The "login" form, which authenticates librarians and other administrative users
Security group and user management forms
A function that encrypts a user-supplied password
Activation of some application features that depend on user authentication
Load the Chapter 11 (Before) Code project, either through the New Project templates or by accessing the project directly from the installation directory. To see the code in its final form, load Chapter 11 (After) Code instead.
Since all of the library's data is stored in a SQL Server database, we already use either Windows or SQL Server security to restrict access to the data itself. But once we connect to the database, we will use a custom authentication system to enable and disable features in the application. It's there that we'll put some of the .NET cryptography features into use.
Before adding the interesting code, we need to add some global variables that support security throughout the application. All of the global elements appear in the General.vb file, within the
Insert Chapter 11, Snippet Item 1.
Public LoggedInUserID As Integer Public LoggedInUserName As String Public LoggedInGroupID As Integer Public SecurityProfile(MaxLibrarySecurity) As Boolean
Although we added it in a previous step, the
LibrarySecurity enumeration is an important part of the security system. Its ...