Unit tests, need good advice ?

Thread view:

Enable EMail Alerts

Start New Thread

Thread rating:

Claude Vernier - 28 Jun 2004 10:08 GMT

Hi all,

First, please excuse my english... don't hesitate to ask for more details...

I have a web service that need to be authenticated
to allow users to connect.

I'm building a Web Application to access this WS.
I want every one to be able to acces the application.

I tought, using this code to map outside user to a guest account:

if( System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated )
{
    _WS.Credentials = System.Net.CredentialCache.DefaultCredentials;
}
else
{
    System.Net.NetworkCredential oCreds = new System.Net.NetworkCredential();
    oCreds.Domain = "domain";
    oCreds.UserName = "user";
    oCreds.Password = "password";
    _WS.Credentials = oCreds;
}

I have three problems/questions...

    a) What do experienced people think of this solution.
    b) I need to do Unit Test for this, can I simulate a not logged user ???
    c) How should I make the password secure ??

Thanks you very much for any comments.
Claude Vernier

Reply to this Message

Telmo Sampaio - 29 Jun 2004 03:35 GMT

inline

Telmo Sampaio
tsampaio@gmail.com

> I have a web service that need to be authenticated
> to allow users to connect.
[quoted text clipped - 18 lines]
>
> a) What do experienced people think of this solution.

Instead of IsAuthenticated I would simply pass the Default Credetials. This
way, if you have a non-authenticated user the Guest (IUSR_CN or whatever is
setup in IIS). This is more secure since it will not send your users'
password over the wire.

> b) I need to do Unit Test for this, can I simulate a not logged user ???

Yeah, use a computer or virtual computer not logged on the the domain and
access you web app.

> c) How should I make the password secure ??

Check (a) or use SSL.

Telmo Sampaio
tsampaio@gmail.com

Reply to this Message

Unit tests, need good advice ?

Free Magazines