Beispiel #1
        /// <summary>
        /// build a single use, non admin enterprise session from the "SI" (session id) and "SK" (session key) request params and attach it to the current http session
        /// nothing is validated here: both values are stored exactly as received; any failure is traced and swallowed
        /// </summary>
        private void CreateEnterpriseSessionFromUrl()
        {
            try
            {
                // fill a local instance first, so that the field is only assigned once every property is set
                // note: Request[...] searches the query string, then form fields, cookies and server variables; the values are not guaranteed to come from the url
                // NOTE(review): a key carried in a url can end up in browser history, proxy/server logs and Referer headers; presumably it is invalidated after first use (SingleUseConnection) - confirm server side
                var urlSession = new EnterpriseSession();
                urlSession.IsAdmin = false; // simple host connection only (no hosts management)
                urlSession.SessionID = Request["SI"];
                urlSession.SessionKey = Request["SK"];
                urlSession.SingleUseConnection = true;
                _enterpriseSession = urlSession;

                // attach the enterprise session to the current http session
                var sessionVariable = HttpSessionStateVariables.EnterpriseSession.ToString();
                Session[sessionVariable] = _enterpriseSession;

                // session fixation protection: a cookieless session gets a new http session id
                // NOTE(review): the id is left unchanged when the session is not cookieless - confirm that is intended
                if (_cookielessSession)
                {
                    HttpSessionHelper.RegenerateSessionId();
                }
            }
            catch (Exception exc)
            {
                // best effort: the error is traced only, it is not rethrown
                System.Diagnostics.Trace.TraceError("Failed to create enterprise session from url ({0})", exc);
            }
        }
Beispiel #2
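        /// <summary>
        /// authenticate the user against the enterprise active directory
        /// on success: bind the enterprise session to the current http session and redirect to the hosts list
        /// on failure: display the error description, or open the change password popup if the password is expired, and stay on the page
        /// any unexpected exception is traced and swallowed
        /// </summary>
        private void CreateEnterpriseSessionFromLogin()
        {
            try
            {
                // authenticate the user
                _enterpriseSession = _enterpriseClient.Authenticate(user.Value, password.Value);

                if (_enterpriseSession == null || _enterpriseSession.AuthenticationErrorCode != EnterpriseAuthenticationErrorCode.NONE)
                {
                    if (_enterpriseSession == null)
                    {
                        // no session at all: report an unknown error
                        connectError.InnerText = EnterpriseAuthenticationErrorHelper.GetErrorDescription(EnterpriseAuthenticationErrorCode.UNKNOWN_ERROR);
                    }
                    else if (_enterpriseSession.AuthenticationErrorCode == EnterpriseAuthenticationErrorCode.PASSWORD_EXPIRED)
                    {
                        // the user name is user-supplied input which is written into a single-quoted javascript string, as a url query value
                        // percent-encode it for the url, then javascript-encode it, so that a quote or a backslash (i.e.: DOMAIN\user) can neither break the script nor inject code into the page
                        var userNameParam = System.Web.HttpUtility.JavaScriptStringEncode(Uri.EscapeDataString(user.Value ?? string.Empty));
                        var popupUrl = "EnterpriseChangePassword.aspx?userName=" + userNameParam + (_localAdmin ? "&mode=admin" : string.Empty);
                        ClientScript.RegisterClientScriptBlock(GetType(), Guid.NewGuid().ToString(), "window.onload = function() { openPopup('changePasswordPopup', '" + popupUrl + "'); }", true);
                    }
                    else
                    {
                        connectError.InnerText = EnterpriseAuthenticationErrorHelper.GetErrorDescription(_enterpriseSession.AuthenticationErrorCode);
                    }
                    UpdateControls();
                    return;
                }

                // bind the enterprise session to the current http session
                Session[HttpSessionStateVariables.EnterpriseSession.ToString()] = _enterpriseSession;

                // session fixation protection
                // NOTE(review): the http session id is only regenerated when the flag below is set - confirm the id is meant to be kept otherwise
                if (_httpSessionUseUri)
                {
                    // generate a new http session id
                    HttpSessionHelper.RegenerateSessionId();
                }

                // redirect to the hosts list
                Response.Redirect("~/", true);
            }
            catch (ThreadAbortException)
            {
                // occurs because the response is ended after redirect
            }
            catch (Exception exc)
            {
                System.Diagnostics.Trace.TraceError("Failed to create enterprise session from login ({0})", exc);
            }
        }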
Beispiel #3
        /// <summary>
        /// connect button handler; does nothing unless the request is authorized
        /// enterprise mode from url: load the enterprise session (from the "SI", "SD" and "SK" request params) and proceed to connection; the user is non admin and the url is only usable once
        /// enterprise mode from login: authenticate the user against the enterprise active directory and list the servers available to the user; the user is admin if member of the "EnterpriseAdminGroup" defined into myrtille services config
        /// standard mode: connect the specified server; authentication is delegated to the remote server or connection broker (if applicable)
        /// if MFA is enabled and there is no enterprise session yet, the user is first authenticated against the configured MFA provider (OTP preferred)
        /// </summary>
        /// <param name="sender">event source (not used)</param>
        /// <param name="e">event data (not used)</param>
        protected void ConnectButtonClick(
            object sender,
            EventArgs e)
        {
            if (!_authorizedRequest)
            {
                return;
            }

            // one time usage enterprise session url: the three params must all be present
            if (_enterpriseSession == null && Request["SI"] != null && Request["SD"] != null && Request["SK"] != null)
            {
                CreateEnterpriseSessionFromUrl();
            }

            // MFA (OTP passcode); skipped as soon as an enterprise session exists, which includes one just created from a one time url
            // NOTE(review): confirm that a one time url is meant to stand in for the MFA step
            if (_enterpriseSession == null && _mfaAuthClient.GetState())
            {
                var remoteAddress = ClientIPHelper.ClientIPFromRequest(new HttpContextWrapper(HttpContext.Current).Request, true, new string[0]);
                var mfaPassed = _mfaAuthClient.Authenticate(user.Value, mfaPassword.Value, remoteAddress);
                if (!mfaPassed)
                {
                    connectError.InnerText = "MFA Authentication failed!";
                    UpdateControls();
                    return;
                }
            }

            // enterprise mode from login: nothing else to do once the login was handled
            if (_enterpriseSession == null && _enterpriseClient.GetState())
            {
                CreateEnterpriseSessionFromLogin();
                return;
            }

            // from here, connection from:
            // > standard mode
            // > enterprise mode: hosts list
            // > enterprise mode: one time session url

            // a remote session can't be started without the display size
            // if missing, the client will provide it automatically
            if (string.IsNullOrEmpty(width.Value) || string.IsNullOrEmpty(height.Value))
            {
                return;
            }

            if (!ConnectRemoteServer())
            {
                // connection failed from the hosts list or from a one time session url
                if (_enterpriseSession != null && Request["SD"] != null)
                {
                    try
                    {
                        // remove the host id from url
                        Response.Redirect("~/", true);
                    }
                    catch (ThreadAbortException)
                    {
                        // occurs because the response is ended after redirect
                    }
                }
                return;
            }

            // connected
            // session fixation protection (cookieless session only): generate a new http session id and make it the owner of the remote session
            // in enterprise mode from login, a new http session id was already generated (no need to do it each time an host is connected!)
            // in standard mode or enterprise mode from url, a new http session id must be generated
            if ((_enterpriseSession == null || Request["SI"] != null) && _cookielessSession)
            {
                RemoteSession.OwnerSessionID = HttpSessionHelper.RegenerateSessionId();
            }

            try
            {
                // standard mode: switch to http get (standard login) or remove the connection params from url (auto-connect / start program from url)
                // enterprise mode: remove the host id from url
                Response.Redirect("~/", true);
            }
            catch (ThreadAbortException)
            {
                // occurs because the response is ended after redirect
            }
        }