To see some of what has been covered in this and the previous chapter, you'll build a two (or three) piece application. This application consists of one or two DLLs containing some of the code provided in this and the previous chapter. This code is Listings 11.1, 11.2, 11.3, and 10.12. The other part of the application is a user front end that enables you to enter a username and password to validate and a file to check for access.
Package the code listings into a couple of DLLs. For the first DLL, create a project named SecurLoginBO and place the code listings from this chapter, 11.1, 11.2, and 11.3, into a class named clsLoginDomain. For the second DLL, create a project named Authorize and place the code listing 10.12 from the previous chapter into a class named clsAuthorize. Compile both of these projects into DLLs.
Start a new project to create a standard EXE. Include in this project references to the two DLLs that you just created. Next, add the Microsoft Common Dialog Component to the project, as shown in Figure 11.8.
Next, lay out the application dialog as shown in Figure 11.9, configuring the controls as listed in Table 11.3.
Next, attach code to the Exit button to close the application by adding the code in Listing 11.4 to the Click event for this button.
Private Sub cmdExit_Click() '--- Close the application Unload Me End Sub |
And then allow the user the ability to browse to select the file to try and open by adding the code in Listing 11.5 to the Click event of the Browse button.
Private Sub cmdBrowse_Click() '--- Get the file name to open cdDialogs.ShowOpen txtFilename = cdDialogs.FileName End Sub |
The remaining functionality for the application is to perform the user logon and to test the specified file for access privileges. To do this, you need to create new instances of both the DLLs that you created, call the LoginUser method in the first DLL, and if successfully logged in, pass the filename and the login token to the TestFileForAccess method in the second DLL. After you have tested the access of the user, you need to call the CloseLogin method in the first DLL to end the user session that you created. To add this functionality, attach the code in Listing 11.6 to the Check Login button.
At this point you should be able to run this application, if you are logged in as an account that has permission to act as part of the operating system, and test user accounts that you have configured on your system, as shown in Figure 11.10. What you might want to do is configure a directory so that a specific account does not have access to that directory, and then try creating files in that directory using several accounts. This should provide a good feel for how you can leverage impersonation using a logon token as a way to restrict user access to resources on a server in a distributed application.