To integrate Visual Guard in your application you must:
This demo shows how to integrate Visual Guard .Net in a Winform 2.0 application
In order to use Visual Guard, you must add references to Visual Guard assemblies:
Note: In the list of assemblies, Visual Studio can display different versions of the Visual Guard assemblies. You must select the assembly corresponding to the version of the framework used in your project.
If the assemblies do not appear in this list you can use the Browse tab and select them in the directory <Visual Guard installation directory>/bin/2.0 for .Net 2.0 applications or <Visual Guard installation directory>/bin/1.1 for .Net 1.1 applications
Description of Visual Guard assemblies:There are 2 main classes in Visual Guard:
You must load the security before any other code. This ensures that you set the security of all the objects of your application. If you load your main form before authenticating a user, Visual Guard will not automatically set the security of this form. In this case, you must set the security of this form after loading the permissions of the user (see the method VGSecurityManager.SetSecurity).
It is recommended that you use the event MyApplication_Startup in order to load the security. When the user is not authenticated or authorized, you should set the property e.Cancel to true in order to stop the application. The following example demonstrates how to use the login form provided by Visual Guard to authenticate the user.
Imports Novalys.VisualGuard.Security.WinForm
Imports System.Reflection
Imports Microsoft.VisualBasic.ApplicationServices
Namespace My
Partial Friend Class MyApplication
Private Sub MyApplication_Startup(ByVal sender As
Object, ByVal e As StartupEventArgs) Handles Me.Startup
Dim form As VGLoginForm = New VGLoginForm()
If form.ShowDialog() <> DialogResult.OK Then
e.Cancel
= True
Return
End
If
End Sub
End Class
End Namespace
The following example demonstrates how to authenticate a user. This code can be inserted in the click event of the OK button in a login form:
[C#]
VGAuthenticationState state = VGSecurityManager.Authenticate(user.Text,
password.Text);
if (state.IsFailed())
{
this.DialogResult = Dialog.None
if (state.IsCanceled) return;
if (state.IsCredentialInvalid)
{
if (state.IsLastBadLogin)
{
MessageBox.Show("Invalid
user or password. The next bad login will lock your account.");
}
else
{
MessageBox.Show("Invalid
user or password.");
}
}
else if (state.IsUserNotAuthorized)
{
MessageBox.Show("user
not authorized to log on the application.");
}
else if (state.IsUserAccountExpired)
{
MessageBox.Show("your
account is no more valid. Contact your administrator.");
}
else if (state.IsUserAccountNotYetAvailable)
{
MessageBox.Show("your
account is not yet available.");
}
else if (state.IsUserAccountLockedOut)
{
MessageBox.Show("your
account is locked. Contact your administrator.");
}
else if (state.MustChangePasswordAtNextLogon)
{
MessageBox.Show("Your
password is not secure enough.
You must change
it.")ChangePassword
form =
New ChangePassword();
if (form.ShowDialog()
== DialogResult.OK) {
passwordTextBox.Text = form.NewPassword: goto
Reauthenticate; }
}
}
else
{
if (!state.IsPasswordSecure)
{
MessageBox.Show("Your
password is not enough secure. You must change
it.") ChangePassword
form
= New ChangePassword form.ShowDialog();
}
}
[Visual Basic]
Reauthenticate:
Dim state As VGAuthenticationState = VGSecurityManager.Authenticate(userTextBox.Text,
passwordTextBox.Text)
If state.IsFailed() Then
Me.DialogResult = DialogResult.None
If state.IsCanceled() Then Return
If state.IsCredentialInvalid() Then
If state.IsLastBadLogin() Then
MessageBox.Show("Invalid
user or password. The next bad login will lock your account.")
Else
MessageBox.Show("Invalid
user or password.")
End If
ElseIf state.IsUserNotAuthorized() Then
MessageBox.Show("user
not authorized to log on to the application")
ElseIf state.IsUserAccountExpired() Then
MessageBox.Show("your
account is no more valid. Contact your administrator")
ElseIf state.IsUserAccountNotYetAvailable() Then
MessageBox.Show("your
account is not yet available.")
ElseIf state.IsUserAccountLockedOut() Then
MessageBox.Show("your
account is locked. Contact your administrator.")
ElseIf state.MustChangePasswordAtNextLogon Then
' The user must change the password
before reauthenticating
MessageBox.Show("You must change
your password")
Dim form As ChangePassword
= New ChangePassword
If form.ShowDialog() =
DialogResult.OK Then
passwordTextBox.Text = form.NewPassword
GoTo Reauthenticate
End
If
End If
Else
Me.DialogResult = DialogResult.OK
If Not state.IsPasswordSecure() Then
MessageBox.Show("password
is not secure enough. You must change it.")
Dim form
As ChangePassword
= New ChangePassword
form.ShowDialog() End
If
End If
If you prefer, you can use the default login form provided by Visual Guard. In this case you can use the following code:
[C#]
Novalys.VisualGuard.Security.WinForm.VGLoginForm login = New Novalys.VisualGuard.Security.WinForm.VGLoginForm();
login.HeaderDescription = login.HeaderDescription + Environment.NewLine
+ "(the default user is \"jsmith\"
and its password \"pwd\")";
login.UserName = "jsmith";
If (login.ShowDialog() == DialogResult.OK)
{
login.Dispose();
Application.Run(new MDIForm());
}
[Visual Basic]
Dim login As New Novalys.VisualGuard.Security.WinForm.VGLoginForm
login.HeaderDescription = login.HeaderDescription + Environment.NewLine
+ "(the default user is ""jsmith""
and its password ""pwd"")"
login.UserName = "jsmith"
If login.ShowDialog() = DialogResult.OK Then
login.Dispose()
Application.Run(New MDIForm)
End If
In some cases you may not want to use the Visual Guard authentication mechanism. For example, you can use the Windows logon. In this case you must use the VGSecurityManager.LoadSecurity method. This method will check the authorization of a user and will load the permissions granted to this user.
This example demonstrates how to use the Windows logon to identify the user:
[Visual Basic]
Dim state As VGAuthorizationState
state = VGSecurityManager.LoadSecurity (System.Security.Principal.WindowsIdentity.GetCurrent())
If state.IsFailed Then
If state.IsUserNotFound Then
MessageBox.Show("Your
are not declared in the security repository")
ElseIf state.IsUserNotAuthorized Then
MessageBox.Show("Your
are not authorized to log on to this application")
End If
Else
Application.Run(New MDIForm)
End If
[C#]
VGAuthorizationState state = VGSecurityManager.LoadSecurity (System.Security.Principal.WindowsIdentity.GetCurrent());
if (state.IsFailed)
{
if (state.IsUserNotFound)
{
MessageBox.Show("Your
are not declared in the security repository.");
}
elseif (state.IsUserNotAuthorized)
{
MessageBox.Show("Your
are not authorized to log on to this application.")
}
}
else
{
Application.Run(new MDIForm)
}
If you need to secure only form class in your application, you do not need to add more code. Visual Guard can detect automatically all form creations and sets the security automatically. But, if you want to secure other types of class, you must do the following: