Beispiel #1
0
        /// <summary>
        /// Raises when a security module has established the identity of the user.
        /// </summary>
        /// <param name="sender">The sourceRow of the event.</param>
        /// <param name="e">An EventArgs that contains the event data.</param>
        protected virtual void Application_AuthenticateRequest(object sender, EventArgs e)
        {
            string pageUrl = Request.AppRelativeCurrentExecutionFilePath;

            if (ResourceProvider.IsResourceUrl(pageUrl))
            {
                Context.SkipAuthorization = true;
            }
            else if (ActionProvider.IsPublicPage(pageUrl))
            {
                if ((!FrameworkConfiguration.Current.WebApplication.Password.EnablePasswordRetrieval) &&
                    (string.Compare(pageUrl, ResourceProvider.PasswordRecoveryPageVirtualPath, StringComparison.OrdinalIgnoreCase) == 0))
                {
                    throw new HttpException(404, Resources.Error_404);
                }
                else
                {
                    Micajah.Common.Bll.Action action = ActionProvider.FindAction(CustomUrlProvider.CreateApplicationAbsoluteUrl(Request.Url.PathAndQuery));
                    if (action != null)
                    {
                        Context.SkipAuthorization = (!action.AuthenticationRequired);
                    }
                    else
                    {
                        Context.SkipAuthorization = true;
                    }

                    switch (FrameworkConfiguration.Current.WebApplication.AuthenticationMode)
                    {
                    case AuthenticationMode.Forms:
                        HttpCookie authCookie = Context.Request.Cookies[FormsAuthentication.FormsCookieName];
                        if (authCookie == null)
                        {
                            FormsIdentity    id        = new FormsIdentity(new FormsAuthenticationTicket(string.Empty, false, FrameworkConfiguration.Current.WebApplication.Login.Timeout));
                            GenericPrincipal principal = new GenericPrincipal(id, null);
                            Context.User = principal;
                        }
                        break;
                    }
                }
            }
        }