CmsApplicationContext

Unlike previous versions of CMS, the current release allows the creation of a Context in a stand-alone situation potentially outside the confines of IIS. For instance, console-based applications, Web Services, or WinForm applications, to name a few, can benefit from the use of a CmsApplicationContext. CmsApplicationContext is the entry point into PAPI for applications when there is no URL involved. It can also be very useful in a Web application when the current CmsHttpContext isn't what we need. CMS needs the following two pieces of information to fully hydrate a CmsApplicationContext object:

  • Authenticated user

  • Publishing mode

There is no URL, so channel and posting are not provided. This type of Context is never automatically created for us, so we create an instance of this object using a constructor. The CmsApplicationContext provides four methods for authenticating the Context (discussed in detail later in this chapter) as a specific user in a specific publishing mode. So, we can instantiate a Context using the credentials of our choosing in the mode of our choosing. Outside of the constructor and authentication methods, the functionality of the CmsApplicationContext is inherited from the same base class as CmsHttpContext. So, aside from not having a current Channel object or a current Posting object, the CmsApplicationContext works much the same way that the CmsHttpContext did. Specific Channel and Posting objects can certainly be located and manipulated using root hierarchy properties or the Searches property.

NOTE: The Searches property is discussed at length in Chapter 28.


Also, all three hierarchies (channel, resource gallery, and template gallery) are available using the CmsApplicationContext class.

Because we control the creation of CmsApplicationContext, the number of instances that we can create is limited only by the hardware. But like the CmsHttpContext class, the CmsApplicationContext cannot be inherited by any other class.

When we are using CmsApplicationContext, it is possible to expend a large amount of time between an object's modification and the commitment or abandonment (rollback) of that modification. Because other users may be blocked from accessing areas of the site while these transactions are in an uncommitted state, CommitAll should be called swiftly after any modification. As always, is not recommended that you wait for a response from the user before calling CommitAll.

NOTE: When you are using a CmsApplicationContext to alter an object, users can be blocked from using portions of CMS if alterations are not swiftly committed. Also, transactions must be committed one at a time.


The "new" keyword must be used when you are declaring the CmsApplicationContext Context. For instance, earlier we used the following code to get a handle to the CmsHttpContext in our template file:

 CmsHttpContext cmsContext = CmsHttpContext.Current; 

But to get a handle to the CmsApplicationContext in a stand-alone situation, we would use something similar to the following code:

 CmsApplicationContext cmsContext = new CmsApplicationContext(); 

Next we need to use one of the four authentication methods of the CmsApplicationContext class; otherwise, this new Context doesn't know what credentials or mode to use, and we won't be able to access or manipulate anything. If we skip this step, we will receive one of those verbose .NET error pages that basically says, Login required. The requested action can only be performed after a successful login has been completed. The current session is not logged in.

The four authentication methods are:

  • AuthenticateAsUser

  • AuthenticateAsGuest

  • AuthenticateAsCurrentUser

  • AuthenticateUsingUserHandle

AuthenticateAsUser

In our initial example, we will use the AuthenticateAsUser method to authenticate to CMS. This method requires, at a minimum, the programmer to provide values for a user name, password, and publishing mode (Update, in this example). The values for the user name and password could be hardcoded, but we are going to use the ClientAccountName of the current user and a password entered into the TextBox on our posting. The mode will be hardcoded to Update. This implies that the account we log in with must have sufficient security rights to update the posting. If we log in with an invalid user, or, more likely, we forget to type our password into the TextBox, we will receive one of those verbose .NET error pages that basically says, Login attempt failed. Access is denied.

Replace the Button1_Click function of our Scratchpad template with the following code:

 private void Button1_Click(object sender, System.EventArgs e) {   //1. Grab an Application Context   CmsApplicationContext cmsContextApp =     new CmsApplicationContext();   //2. Log in to CMS   //   Use User ID used to authenticate to Posting   //   Use password in TextBox   //   Put the created Context into Update mode   cmsContextApp.AuthenticateAsUser(     cmsContextHttp.Current.User.ClientAccountName,     TextBox1.Text,     PublishingMode.Update);   //3. Populate the label with the user name and mode   Label1.Text = "<b>UserName:</b>" +     cmsContextApp.User.ToString() +     " <b>AppMode: </b>" + cmsContextApp.Mode.ToString(); } 

The comments should adequately explain what the code is doing. Build the solution and then browse to or refresh the posting in Internet Explorer. Type your password into the TextBox and click the button labeled Button. The page should reload, and the Label should display the following (Figure 24-5):

 UserName: WinNT://Machinename/UserName AppMode: Update 
Figure 24-5. AuthenticateAsUser

graphics/24fig05.gif

where Machinename will be the name of your PC, assuming it is hosted on localhost, and UserName will be the user name you used to authenticate to the application.

If you forget to enter your password or the password isn't for the user in cmsContextHttp.User.ClientAccountName, you will receive one of those verbose .NET error pages that basically says, Login attempt failed. Access is denied.

AuthenticateAsGuest

Next we will use the AuthenticateAsGuest method to authenticate to CMS. This method requires the programmer to simply provide the publishing mode (Update, in this example) with which the guest user will be authenticated. The built-in guest account will be used to authenticate. If the guest account hasn't been enabled and configured by the CMS Server Configuration Application (SCA), we will get one of those verbose .NET error pages when we run this code that basically says, The current user does not have rights to the requested item.

NOTE: Using the Server Configuration Application is discussed at length in Chapter 18.


This implies that the account we log in with must have sufficient security rights to update the posting. If we log in with an invalid user, we will receive one of those verbose .NET error pages that basically says, Login attempt failed. Access is denied.

Replace the Button1_Click function of our Scratchpad template file with the following code:

 private void Button1_Click(object sender, System.EventArgs e) {   //1. Grab an Application Context   CmsApplicationContext cmsContextApp =     new CmsApplicationContext();   //2. Log in to CMS as Guest   //   Will only work if Guest Access is enabled in the SCA   cmsContextApp.AuthenticateAsGuest(PublishingMode.Update);   //3. Populate the label with the user name and mode   Label1.Text = "<b>UserName:</b>" +     cmsContextApp.User.ToString() +     " <b>AppMode: </b>" + cmsContextApp.Mode.ToString(); } 

The comments should adequately explain what the code is doing. The only difference between this code sample and the previous one is the way in which we are authenticating the CmsApplicationContext. Build the solution and then browse to or refresh the posting in Internet Explorer. The only visible change in the output is the user name displayed, and, of course, no password was required in the text box (Figure 24-6).

Figure 24-6. AuthenticateAsGuest

graphics/24fig06.gif

AuthenticateAsCurrentUser

Next we will use the AuthenticateAsCurrentUser method to authenticate to CMS. This method requires the programmer to simply provide the publishing mode (Update, in this example) with which the CmsApplicationContext will be authenticated. The current user will be used to authenticate.

NOTE: Be aware, AuthenticateAsCurrentUser may not work as you expect within an ASPX page. IIS has its own set of users (like ASPNET, IUSR_Machinename, and IWAM_Machinename) that it uses to perform things while processing a Web request. It will also behave in different ways depending on the impersonation settings in the web.config and machine.config files. Authentication modes selected for the CMS virtual directory in IIS can also have an impact.


If the guest account is enabled and configured by the CMS Server Configuration Application, it will be used to authenticate, and we will see the actual IIS user being used in the resulting posting. Alternatively, the ASP.NET user (usually ASPNET) could be configured by Site Manager with sufficient security rights to update the posting. However, if one of these options isn't implemented, we will receive one of those verbose .NET error pages that basically says, Login attempt failed. Access is denied.

Replace the Button1_Click function of our Scratchpad template file with the following code:

 private void Button1_Click(object sender, System.EventArgs e) {   //1. Grab an Application Context   CmsApplicationContext cmsContextApp =     new CmsApplicationContext();   //2. Log in to CMS as Guest   //   Will only work if Guest Access is enabled in the SCA   cmsContextApp.AuthenticateAsCurrentUser(PublishingMode.Update);   //3. Populate the label with the user name and mode   Label1.Text = "<b>UserName:</b>" +     cmsContextApp.User.ToString() +     " <b>AppMode: </b>" + cmsContextApp.Mode.ToString(); } 

The comments should adequately explain what the code is doing. The only difference between this code sample and the previous one is the way in which we are authenticating the CmsApplicationContext. Build the solution and then browse to or refresh the posting in Internet Explorer. The only visible change in the output is the user name displayed (Figure 24-7).

Figure 24-7. AuthenticateAsCurrentUser

graphics/24fig07.gif

AuthenticateUsingUserHandle

Finally, we will use the AuthenticateUsingUserHandle method to authenticate to CMS. This method requires the programmer to provide a WindowsIdentity token along with the publishing mode (Update, in this example). The user associated with that WindowsIdentity token (the actual current Windows user, in this example) will be used to authenticate in that mode.

The guest account must be enabled and configured by the CMS Server Configuration Application to use this mode. The Windows user must also be configured by Site Manager with sufficient security rights to update the posting. Also, the IIS Web site must be configured using Windows authentication.

NOTE: Setting up IIS security is covered in Chapter 19.


As previously stated, these conditions must all be met, or we will receive one of those verbose .NET error pages that basically says, Login attempt failed. Access is denied.

Replace the Button1_Click function of our Scratchpad template file with the following code:

 private void Button1_Click(object sender, System.EventArgs e) {   //1. Grab an Application Context   CmsApplicationContext cmsContextApp =     new CmsApplicationContext();   //2. Assign current Windows User to a WindowsIdentity variable   //   This will only work if IIS is set to Windows Authentication   //   and Guest Access is enabled in the SCA   System.Security.Principal.WindowsIdentity identCurrentUser =     System.Security.Principal.WindowsIdentity.GetCurrent();   //3. Log in to CMS   //   Use the currently authenticated Windows User for credentials   //   Put the created Context into Update mode   cmsContextApp.AuthenticateUsingUserHandle(     identCurrentUser.Token, PublishingMode.Update);   //4. Populate the label with the user token and mode   Label1.Text = "<b>UserToken:</b>" +     identCurrentUser.Token.ToString() +     " <b>AppMode: </b>" + cmsContextApp.Mode.ToString(); } 

The comments should adequately explain what the code is doing. The second line of code is key; it retrieves the token that we use to seed this authentication method. Build the solution and then browse to or refresh the posting in Internet Explorer. The only visible change in the output is the user name displayed (Figure 24-8).

Figure 24-8. AuthenticateUsingUserHandle

graphics/24fig08.gif

When you are using Windows authentication, the identity of the current user under CmsApplicationContext can be affected by the value of the identity tag in the web.config and/or machine.config files. The current user will not be the authenticated Windows user unless you enable impersonation <identity impersonate="true" /> in one of the .config files.



Microsoft Content Management Server 2002. A Complete Guide
Microsoft Content Management Server 2002: A Complete Guide
ISBN: 0321194446
EAN: 2147483647
Year: 2003
Pages: 298

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net