Home
C#
Protection Proxy Example (Design Pattern)
Updated Nov 17, 2022
Dot Net Perls
DataSetFactoryinterface

Protection proxy

A protection proxy controls resource acquisition. It is used to fetch resources and authenticate users. This C# design pattern can coalesce code and make it easier to maintain.

An implementation must access the database only when required to, and only when the user is authenticated. We use an interface to work with the protection proxy.

Intro

We want a class for database-related code. The logic sends back DataTable or DataSet objects to the rest of the program. In this database layer file, we need an interface.

Tip An interface is a contract that will be used to "connect" the actual database-using code to the proxy class.
Info The proxy may implement an interface containing five methods, but it does not include the actual SQL code in its methods.
DatabaseLayer.cs
    - Interface IJournalData

Proxy interface

This interface is shared between the database layer and proxy. This interface will be shared by the proxy and database classes. An interface does not have implementations.

Info The proxy forwards method calls to its inner database object only if the authentication check succeeds.
public interface IJournalData
{
    void InsertNewRow(DateTime dateTime);
    DataTable GetSearchResults(string queryString);
}

Implementation

The proxy sets between the database code itself, and the callers in the user interface. The Authenticate() method is not part of the interface, but a special method on the proxy.

public class JournalProxy : IJournalData
{
    JournalLayer _journalLayer;
    string _password;

    public bool Authenticate(string suppliedPassword)
    {
        // User sends in the password, and we make sure it is correct.
        if (string.IsNullOrEmpty(suppliedPassword) ||
            suppliedPassword != _password)
        {
            return false;
        }

        // Password is correct.
        // Allocate the database layer,
        // ... and setup the connection to the database code.
        _journalLayer = new JournalLayer();
        return true;
    }

    public void InsertNewRow(DateTime dateTime)
    {
        // In every method that the proxy implements from the interface,
        // ... make sure that the user was authenticated.
        if (_journalLayer == null)
        {
            return;
        }
        // Forward the call to the actual database code.
        _journalLayer.InsertNewRow(dateTime);
    }

    public DataTable GetSearchResults(string queryString)
    {
        if (_journalLayer == null)
        {
            return null;
        }
        return _journalLayer.GetSearchResults(queryString);
    }
}

Usage

At this point, we use the protection proxy in the user interface code. We are using Windows Forms and this code is inside a class that implements a Form.

Info Authenticate is only called when the user enters a password. Then you can use your database layer object without worrying about passwords.
JournalProxy _journal = new JournalProxy();

private void PasswordEntered()
{
    if (_journal.Authenticate(passwordTextBox.Text))
    {
        // Show something from the database.
    }
    else
    {
        textBox1.Text = "Password is incorrect";
        // User must now enter a new password.
        passwordTextBox.Clear();
    }
}

Database layer

Here is that we don't need to worry about passwords because the protection proxy handles that logic. It uses an abstraction to make this easier.

class JournalLayer : IJournalData
{
    public void InsertNewRow(DateTime dateTime)
    {
        return;
    }

    public DataTable GetSearchResults(string queryString)
    {
        return new DataTable();
    }
}

Benefits

We consolidate the password authentication code. You can create code that accesses the database without worrying about the password logic.

And The protection proxy is a layer between the user interface and database code.

We used the protection proxy design pattern to manage accesses to important resources. Protection proxy makes C# applications easier to develop when requiring a password for a database.

Dot Net Perls is a collection of pages with code examples, which are updated to stay current. Programming is an art, and it can be learned from examples.
Donate to this site to help offset the costs of running the server. Sites like this will cease to exist if there is no financial support for them.
Sam Allen is passionate about computer languages, and he maintains 100% of the material available on this website. He hopes it makes the world a nicer place.
This page was last updated on Nov 17, 2022 (simplify).
Home
Changes
© 2007-2025 Sam Allen