private List <string> GetItems()
{
System.Security.Principal.WindowsImpersonationContext targetImpersonationContext = null;
List <string> list = null;
bool res = false;
System.Data.SqlClient.SqlConnectionStringBuilder bldr;
if (m_serverInfo.windowsAuth)
{
try
{
System.Security.Principal.WindowsIdentity wi =
Impersonation.GetCurrentIdentity(m_serverInfo.login, m_serverInfo.password);
targetImpersonationContext = wi.Impersonate();
}
catch (Exception ex)
{
Idera.SQLsecure.Core.Logger.LogX logX = new Idera.SQLsecure.Core.Logger.LogX("Idera.SQLsecure.UI.Console.Sql.Database");
logX.loggerX.Error("Error Processing Impersonation for retrieving Database objects list (" + m_serverInfo.login + ")", ex);
}
bldr = Sql.SqlHelper.ConstructConnectionString(m_serverInfo.connectionName, null, null, Utility.Activity.TypeServerOnPremise);
}
else
{
bldr = Sql.SqlHelper.ConstructConnectionString(m_serverInfo.connectionName, m_serverInfo.login, m_serverInfo.password, Utility.Activity.TypeServerOnPremise);
}
switch (m_filterObject.ObjectType)
{
case RuleObjectType.Database:
res = Idera.SQLsecure.UI.Console.Sql.Database.GetTargetDatabases(m_serverInfo.version, m_filterObject.ObjectScope, bldr.ConnectionString, out list);
break;
case RuleObjectType.Table:
res = Idera.SQLsecure.UI.Console.Sql.Database.GetTargetTables(m_serverInfo.version, m_filterObject.ObjectScope, m_databaseFilterObject, bldr.ConnectionString, out list);
break;
case RuleObjectType.View:
res = Idera.SQLsecure.UI.Console.Sql.Database.GetTargetViews(m_serverInfo.version, m_filterObject.ObjectScope, m_databaseFilterObject, bldr.ConnectionString, out list);
break;
case RuleObjectType.Function:
res = Idera.SQLsecure.UI.Console.Sql.Database.GetTargetFunctions(m_serverInfo.version, m_filterObject.ObjectScope, m_databaseFilterObject, bldr.ConnectionString, out list);
break;
}
if (targetImpersonationContext != null)
{
targetImpersonationContext.Undo();
targetImpersonationContext.Dispose();
targetImpersonationContext = null;
}
return(res ? list : new List <string>());
}
private static WindowsImpersonationContext Impersonate(string userName, string password)
{
using (logX.loggerX.InfoCall())
{
try
{
WindowsIdentity wi =
Impersonation.GetCurrentIdentity(userName, password);
return(wi.Impersonate());
}
catch (Exception ex)
{
logX.loggerX.Error(ex.Message);
return(null);
}
}
}
private static void GetIdentitiesForImpersonation(string sqlLogin, string sqlPassword, AuthType sqlAuthType, string serverLogin, string serverPassword)
{
if (!string.IsNullOrEmpty(serverLogin))
{
try
{
// Set the current identity from the remote user, used for impersonation
m_targetIdentity = Impersonation.GetCurrentIdentity(serverLogin, serverPassword);
}
catch (Exception e)
{
logX.loggerX.Warn(string.Format("Error Impersonating User {0}: {1}", serverLogin, e.Message));
logX.loggerX.Warn(string.Format("Using SQLsecure Collector user {0}", WindowsIdentity.GetCurrent().Name));
//Sql.Database.CreateApplicationActivityEventInRepository(m_Repository.ConnectionString,
// targetName,
// 0,
// Collector.Constants.ActivityType_Warning,
// Collector.Constants.ActivityEvent_Start,
// string.Format("Failed to Impersonate Operating System and Active Directory credentials for {0}, using SQLsecure Collector user {1}", serverLogin, WindowsIdentity.GetCurrent().Name));
}
}
if (sqlAuthType != AuthType.S)
{
try
{
// Set the current identity from the remote user, used for impersonation
m_targetSQLServerIdentity = Impersonation.GetCurrentIdentity(sqlLogin, sqlPassword);
}
catch (Exception e)
{
logX.loggerX.Error(string.Format("Error Impersonating SQL Server User {0}: {1}", sqlLogin, e.Message));
throw new Exception(string.Format("Failed to validate Target SQL Server credentials {0}", sqlLogin));
}
}
else
{
m_UserSQLAuthentication = true;
}
}
private void button_OK_Click(object sender, EventArgs e)
{
bool isCredentialsValid = true;
WindowsImpersonationContext targetImpersonationContext = null;
StringBuilder msgBldr = new StringBuilder();
Forms.ShowWorkingProgress showWorking = new Forms.ShowWorkingProgress();
// Do a very nominal validation of Username and password
// Check if the account format is correct.
if (isCredentialsValid)
{
string domain = string.Empty;
string user = string.Empty;
Path.SplitSamPath(_textBox_Username.Text, out domain, out user);
if (string.IsNullOrEmpty(domain) || string.IsNullOrEmpty(user))
{
if (msgBldr.Length > 0)
{
msgBldr.Append("\n\n");
}
msgBldr.Append(Utility.ErrorMsgs.SqlLoginWindowsUserNotSpecifiedMsg);
isCredentialsValid = false;
}
}
// Check if Username Password can be validated on local computer
if (isCredentialsValid)
{
showWorking.Show("Verifying SQL Server Credentials...", this);
try
{
WindowsIdentity wi =
Impersonation.GetCurrentIdentity(_textBox_Username.Text, _textBox_Password.Text);
targetImpersonationContext = wi.Impersonate();
}
catch (Exception ex)
{
if (msgBldr.Length > 0)
{
msgBldr.Append("\n\n");
}
msgBldr.AppendFormat(string.Format("Could not validate the credentials {0}.", _textBox_Username.Text));
msgBldr.AppendFormat("\r\nError: {0}", ex.Message);
logX.loggerX.Error(string.Format("Error Impersonating {0} for Missing Credentials Check", _textBox_Username.Text, ex));
isCredentialsValid = false;
}
finally
{
showWorking.Close();
Activate();
if (targetImpersonationContext != null)
{
targetImpersonationContext.Undo();
targetImpersonationContext.Dispose();
targetImpersonationContext = null;
}
}
}
if (!isCredentialsValid)
{
msgBldr.Append("\r\n\r\n");
msgBldr.Append("Register Anyway?");
System.Windows.Forms.DialogResult dr = MsgBox.ShowConfirm(ErrorMsgs.RegisterSqlServerCaption, msgBldr.ToString());
if (dr == DialogResult.Yes)
{
isCredentialsValid = true;
}
else
{
DialogResult = DialogResult.None;
}
}
}
public void EnterImpersonation(string fullName, string password)
{
TargetImpersonationContext = Impersonation.GetCurrentIdentity(fullName, password)
.Impersonate();
}
