SignInManager.SignIn(ISecurityUser) Method
Signs in the specified user.
Namespace: DevExpress.ExpressApp.Security
Assembly: DevExpress.ExpressApp.Security.v25.1.dll
NuGet Package: DevExpress.ExpressApp.Security
Declaration
Parameters
| Name | Type | Description |
|---|---|---|
| user | ISecurityUser | An XAF Security System user. |
Returns
| Type | Description |
|---|---|
| DevExpress.ExpressApp.Security.AuthenticationResult | An object of the |
Remarks
Use this method to programmatically sign a user into an XAF application. This method takes an object that contains a user’s logon parameters and returns an AuthenticationResult object.
The returned object exposes the following properties.
Succeeded- A
booleanproperty that indicates whether or not the authentication attempt was successful. Principal- If the authentication succeeds, this property contains the ClaimsPrincipal (a collection of statements about the authenticated user) returned by the Security System.
Error- If the authentication fails, this property contains the resulting Exception.
Usage Considerations
- When called, all of the
UserManager.SignIn*methods first ensure that no user is logged in within the current scope. Note that in WinForms applications this guarantees that no user is logged in at all. Blazor apps allow multiple active scopes, so the same guarantee does not apply. If a user is already logged in, these methods throw theInvalidOperationExceptionwith the following message: “Authentication failed: security user already initialized.”.
Example
The following code snippet demonstrates how to use the SignIn method to sign into a nested scope and execute an action on a service user’s behalf (user impersonation):
Note
Note that the user impersonation technique demonstrated below is not supported for WinForms applications.
In Blazor applications, the demonstrated technique is not compatible with the static API exposed by the SecuritySystem class. This is because the SecuritySystem class’s methods always operate on the XAF application instance rather than a scope, so these methods are not affected by impersonation. To avoid faulty behavior in application logic that uses impersonation, ensure that this logic never uses the static API exposed by the SecuritySystem class.
using DevExpress.ExpressApp.Actions;
using DevExpress.ExpressApp.Security;
using DevExpress.Persistent.Base;
// ...
public partial class MyController : ViewController<ListView> {
SimpleAction myAction;
IServiceScopeFactory serviceScopeFactory;
[ActivatorUtilitiesConstructor]
public MyController(IServiceProvider serviceProvider) : this() {
// ...
myAction.Execute += MyAction_Execute;
serviceScopeFactory = serviceProvider.GetRequiredService<IServiceScopeFactory>();
}
// ...
private void MyAction_Execute(object sender, SimpleActionExecuteEventArgs e) {
// ...
// Create a nested service scope whithin which to establish a separate login session.
using (IServiceScope impersonationScope = serviceScopeFactory.CreateScope()) {
// Use the UserManager to obtain the "ServiceUser" user object.
using IObjectSpace nonSecuredObjectSpace = impersonationScope.ServiceProvider
.GetRequiredService<INonSecuredObjectSpaceFactory>().CreateNonSecuredObjectSpace<ApplicationUser>();
ApplicationUser serviceUser = impersonationScope.ServiceProvider
.GetRequiredService<UserManager>().FindUserByName<ApplicationUser>(nonSecuredObjectSpace, "ServiceUser");
// Sign in as "ServiceUser" to the nested scope.
SignInManager signInManager = impersonationScope.ServiceProvider.GetService<SignInManager>();
signInManager.SignIn(serviceUser);
// Obtain an Object Space from the nested scope and use this Object Space
// to manipulate business objects on the "ServiceUser" user's behalf.
using IObjectSpace objectSpace = impersonationScope.ServiceProvider
.GetRequiredService<IObjectSpaceFactory>().CreateObjectSpace<MyActionPerMonth>();
// ...
}
}
}