Adding Rhino.Security Support to S#arp Projects

[Update on 9/14/09 - David Archer has provided some updated instructions for getting the latest Rhino.Security working with the latest of S#arp Architecture.]

I've always found the ASP.NET Membership and Role providers to be a bit limiting.  I've usually ended up rolling my own security mechanism but have recently been using Rhino.Security which I find simple enough for basic scenarios, such as simple role support, while being sophisticated enough to handle operational permissions for more demanding situations.  With help from Denis Connolly and Luca Lusetti on the S#arp Architecture discussion forum, what follows are the steps for integrating Rhino.Security into an ASP.NET MVC, S#arp Architecture project:

  1. Using your favorite SVN client, such as Tortoise SVN, download the latest Rhino.Security source from https://rhino-tools.svn.sourceforge.net/svnroot/rhino-tools/trunk
  2. Within the download folder, run build_without_tests.cmd
  3. Copy a few items from /build/net-3.5/debug/ to YourApp/lib/
    • Castle.Components.Validator.dll/xml
    • Rhino.Commons.Clr.dll/xml
    • Rhino.Commons.dll/xml
    • Rhino.Commons.NHibernate.dll/xml
    • Rhino.Security.dll/xml
  4. To YourProject.Web, add references to all of the above assemblies added to YourApp/lib/
  5. To YourProject.Web/CastleWindsor/ComponentRegistrar.cs:
    • Add a new using statement to the top:  using Rhino.Commons;
    • Within AddGenericRepositoriesTo(), change the "repositoryType" registration to the following, to remove the reference conflict (be sure to watch out for accidentally introducing other such IRepository<> conflicts in your code):
      container.AddComponent("repositoryType",
      typeof(SharpArch.Core.PersistenceSupport.IRepository<>), typeof(SharpArch.Data.NHibernate.Repository<>));
    • Add a new method to register the dependencies for Rhino.Security:
      private static void AddRhinoSecurityComponentsTo(IWindsorContainer container) {
      container.AddComponent("rhinoRepositoryType",
      typeof(Rhino.Commons.IRepository<>), typeof(NHRepository<>));
      container.AddComponent("unitOfWorkFactoryType",
      typeof(IUnitOfWorkFactory), typeof(NHibernateUnitOfWorkFactory));
    • Add a call to the new method within AddComponentsTo()
  6. To YourProject.Core, add an assembly reference to Rhino.Security.dll
  7. To YourProject.Core, add the class YourProject.Core/User.cs and have it implement Rhino.Security.IUser, e.g.:
    using Rhino.Security;
    using SharpArch.Core.DomainModel;

    namespace YourProject.Core
    {
    public class User : Entity, IUser
    {
    [DomainSignature]
    public virtual string Username { get; set; }

    public virtual SecurityInfo SecurityInfo {
    get { return new SecurityInfo(Username, Id); }
    }
    }
    }
  8. Create a "Users" table in YourProject's DB to support the User object
  9. Add a new file, User.hbm.xml to YourProject.Data/NHibernateMaps.  After adding it, right click it, go to properties and set the Build Action to Embedded Resource.  The HBM file should map the user class; e.g.:
    <?xml version="1.0" encoding="utf-8"?>
    <hibernate-mapping xmlns="urn:nhibernate-mapping-2.2" default-lazy="true" assembly="YourProject.Core" namespace="YourProject.Core">
    <class name="User" table="Users" xmlns="urn:nhibernate-mapping-2.2">
    <id name="Id">
    <generator class="identity" />
    </id>

    <property name="Username" />
    </class>
    </hibernate-mapping>
  10. Add a new class, YourProject.Web/CastleWindsor/FacilitiesRegistrar.cs and include the following:
    using Rhino.Security;
    using Rhino.Commons.Facilities;
    using Rhino.Commons;
    using WorkWithRhino.Core;

    namespace WorkWithRhino.Web.CastleWindsor
    {
    public class FacilitiesRegistrar
    {
    public static void AddFacilitiesTo(Castle.Windsor.IWindsorContainer container) {
    container.AddFacility("rhinoSecurityFacility",
    new RhinoSecurityFacility(SecurityTableStructure.Prefix, typeof(YourProject.Core.User)));

    IoC.Initialize(container);
    }
    }
    }
  11. To YourProject.Web/Global.asax.cs, add the following:
    using Rhino.Commons;
    using Rhino.Commons.Facilities;
    using Rhino.Security;

    ...

    protected virtual void InitializeServiceLocator() {
    ...
    FacilitiesRegistrar.AddFacilitiesTo(container);
    ...
    }
  12. Copy (not rename) YourProject.Web/NHibernate.config to YourProject.Web/Hibernate.cfg.xml and add the following below the proxyfactory.factory_class property:
    <property name="cache.provider_class">NHibernate.Cache.HashtableCacheProvider, NHibernate
    <mapping assembly="YourProject.Data" />
    <mapping assembly="Rhino.Security" />
    Rhino.Security expects Hibernate.cfg.xml to exist, but adding the extra lines to NHibernate.config results in the user class being mapped twice; consequently, an exception is thrown at runtime. It seems kludgy to duplicate the NHibernate configuration file in this way, but I can't find a way around it at the moment.
  13. Run the attached "Rhino Security Schema.sql" on your project DB.
  14. Add references to Rhino.Commons.NHibernate and Rhino.Security to whichever application layers will be using Rhino.Security capabilities
  15. Now use it!

A somewhat useless, example usage:

using (UnitOfWork.Start()) {
// Can also be passed into a constructor via dependency injection
IAuthorizationRepository authorizationRepository =
SafeServiceLocator<IAuthorizationRepository>.GetService();

UsersGroup userGroup =
authorizationRepository.GetUsersGroupByName("admin");
}

Here are a few useful Rhino.Security resources:

Enjoy!

Billy McCafferty


Posted 04-30-2009 7:37 PM by Billy McCafferty

[Advertisement]

Comments

Marco wrote re: Adding Rhino.Security Support to S#arp Projects
on 05-01-2009 7:10 AM

Nice tutorials! Maybe post one about integrating with NHibernate Linq...

(ps linefeeds are missing in source code samples (in Chrome 2.x))

DotNetShoutout wrote Adding Rhino.Security Support to S#arp Projects - Billy McCafferty - Devlicio.us
on 05-01-2009 9:59 AM

Thank you for submitting this cool story - Trackback from DotNetShoutout

BracketFans wrote re: Adding Rhino.Security Support to S#arp Projects
on 05-06-2009 5:27 AM

Hi,

I would like to announce that NCache is out with the new version with updated support for NHibernate. NCache can boost <a href="www.alachisoft.com/.../nhibernate_index.html">NHibernate Cache</a> performance and scalibility. Have a look at

Pharmd730 wrote re: Adding Rhino.Security Support to S#arp Projects
on 05-23-2009 11:29 PM

Very nice site! <a href="apeyixo.com/.../1.html">cheap viagra</a>

Pharme882 wrote re: Adding Rhino.Security Support to S#arp Projects
on 05-23-2009 11:31 PM

Very nice site! cheap cialis apeyixo.com/.../4.html

Pharma290 wrote re: Adding Rhino.Security Support to S#arp Projects
on 05-23-2009 11:31 PM

Very nice site!

Sosh wrote re: Adding Rhino.Security Support to S#arp Projects
on 06-20-2009 5:38 AM

Great, thanks for the detailed howto!

Just a couple of things:

-In step 10 there are a couple of references to WorkWithRhino, which I guess should be YourProject for consistency's sake.

-In step twelve there is a missing /property close tag.

I'm also getting some NHibernate.dll version conflicts, but this is probably something I've done wrong.

Cheers

cheap viagra wrote re: Adding Rhino.Security Support to S#arp Projects
on 07-21-2009 8:46 AM

iTr9Qb xbwrabze jiefyejf omafxgxf

Pharmb600 wrote re: Adding Rhino.Security Support to S#arp Projects
on 08-02-2009 6:28 AM

Very nice site!

Pharme661 wrote re: Adding Rhino.Security Support to S#arp Projects
on 08-08-2009 8:02 PM

Very nice site!

Pharmb401 wrote re: Adding Rhino.Security Support to S#arp Projects
on 08-10-2009 3:52 PM

Very nice site!

avril lavein nude wrote re: Adding Rhino.Security Support to S#arp Projects
on 08-10-2009 5:50 PM

Yes.

">avril lavine nude</a>

javascriptcompressor.com/.../default.aspx

Ryan Tomlinson wrote An Enterprise Authorization Framework: Part 2 - Why Rhino Security is the shit.
on 08-12-2009 12:27 PM

An Enterprise Authorization Framework: Part 2 - Why Rhino Security is the shit.

sam wrote re: Adding Rhino.Security Support to S#arp Projects
on 08-17-2009 2:58 AM

I found NHibernate version conflict. Can anyone give some suggestion

sam wrote re: Adding Rhino.Security Support to S#arp Projects
on 08-17-2009 3:03 AM

By the way, I am using sharp architecture SharpArchitecture_1.0_RTM_build_486

its hibernate version is V2.1.0.3001

But, rhino security is using v2.1.0.1003 of hibernate.dll

Can anyone give some help?

About The CodeBetter.Com Blog Network
CodeBetter.Com FAQ

Our Mission

Advertisers should contact Brendan

Subscribe
Google Reader or Homepage

del.icio.us CodeBetter.com Latest Items
Add to My Yahoo!
Subscribe with Bloglines
Subscribe in NewsGator Online
Subscribe with myFeedster
Add to My AOL
Furl CodeBetter.com Latest Items
Subscribe in Rojo

Member Projects
DimeCasts.Net - Derik Whittaker

Friends of Devlicio.us
Red-Gate Tools For SQL and .NET

NDepend

SlickEdit
 
SmartInspect .NET Logging
NGEDIT: ViEmu and Codekana
LiteAccounting.Com
DevExpress
Fixx
NHibernate Profiler
Unfuddle
Balsamiq Mockups
Scrumy
JetBrains - ReSharper
Umbraco
NServiceBus
RavenDb
Web Sequence Diagrams
Ducksboard<-- NEW Friend!

 



Site Copyright © 2007 CodeBetter.Com
Content Copyright Individual Bloggers

 

Community Server (Commercial Edition)