Beispiel #1
0
        protected void LoginControl_loggingIn(object sender, LoginCancelEventArgs e)
        {
            var login = sender as Login;

            if (login != null && login.UserName.IndexOf("\\") == -1)
            {
                var domain = (String.IsNullOrEmpty(this.DefaultDomain) ?
                              System.Web.Configuration.WebConfigurationManager.AppSettings["DefaultDomain"] :
                              this.DefaultDomain) ??
                             string.Empty;

                login.UserName = string.Concat(domain, "\\", login.UserName);
            }

            if (OnUserLoggingIn != null)
            {
                OnUserLoggingIn(sender, e);
            }

            if (login != null)
            {
                var info = new CancellableLoginInfo {
                    UserName = login.UserName
                };
                LoginExtender.OnLoggingIn(info);
                e.Cancel      |= info.Cancel;
                login.UserName = info.UserName;
                _message       = info.Message;
            }
        }
Beispiel #2
0
        protected void LoginControl_loggingIn(object sender, LoginCancelEventArgs e)
        {
            var login = sender as Login;

            if (login != null && login.UserName.IndexOf("\\") == -1)
            {
                var domain = (string.IsNullOrEmpty(this.DefaultDomain)
                    ? IdentityManagement.DefaultDomain
                    : this.DefaultDomain)
                             ?? string.Empty;

                login.UserName = string.Concat(domain, "\\", login.UserName);
            }

            OnUserLoggingIn?.Invoke(sender, e);

            if (login != null)
            {
                var info = new CancellableLoginInfo {
                    UserName = login.UserName
                };
                LoginExtender.OnLoggingIn(info);
                e.Cancel      |= info.Cancel;
                login.UserName = info.UserName;
                _message       = info.Message;
            }
        }
Beispiel #3
0
        public static object Login(Content content, string username, string password)
        {
            if (string.IsNullOrEmpty(username))
            {
                Logout();
                throw new OData.ODataException(OData.ODataExceptionCode.Forbidden);
            }

            if (Membership.ValidateUser(username, password))
            {
                // we need to work with the full username that contains the domain: SetAuthCookie expects that
                if (!username.Contains("\\"))
                {
                    username = IdentityManagement.DefaultDomain + "\\" + username;
                }

                if (User.Current.IsAuthenticated)
                {
                    // if this is the user that is already logged in, return with a success code
                    if (string.CompareOrdinal(User.Current.Username, username) == 0)
                    {
                        using (new SystemAccount())
                        {
                            FormsAuthentication.SetAuthCookie(username, true);
                            return(Content.Create(User.Load(username) as User));
                        }
                    }

                    // logged in as a different user: we have to log out first
                    Logout();
                }

                var info = new CancellableLoginInfo {
                    UserName = username
                };
                LoginExtender.OnLoggingIn(info);
                if (info.Cancel)
                {
                    throw new OData.ODataException(OData.ODataExceptionCode.Forbidden);
                }

                SnLog.WriteAudit(AuditEvent.LoginSuccessful, new Dictionary <string, object>
                {
                    { "UserName", username },
                    { "ClientAddress", RepositoryTools.GetClientIpAddress() }
                });

                LoginExtender.OnLoggedIn(new LoginInfo {
                    UserName = username
                });


                using (new SystemAccount())
                {
                    FormsAuthentication.SetAuthCookie(username, true);
                    return(Content.Create(User.Load(username) as User));
                }
            }

            throw new OData.ODataException(OData.ODataExceptionCode.Forbidden);
        }