Beispiel #1
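    // Starts a RADIUS authentication on the initial (non-postback) request and passes the
    // server's reply to onRadiusResponse. When the session holds a "Delivery" value it is
    // shown in deliveryLabel and sent along as a generic vendor-specific attribute.
    void Page_Load(object sender, EventArgs e)
    {
        // Defined elsewhere; presumably turns away requests without a logged-in session (confirm).
        login_required();

        btnSignIn.Text = L_SubmitLabel_Text;
        btnCancel.Text = L_CancelLabel_Text;

        // Only the first load triggers an authentication round; postbacks stop here.
        if (Page.IsPostBack)
        {
            return;
        }

        String deliveryMethod = (string)Session["Delivery"];

        RADIUSAttributes atts = new RADIUSAttributes();

        if (deliveryMethod != null)
        {
            // NOTE(review): if deliveryLabel is a WebForms Label, Text is rendered without
            // HTML encoding. Confirm that Session["Delivery"] can only hold values chosen by
            // the server, or encode it before display.
            deliveryLabel.Text = deliveryMethod;
            VendorSpecificAttribute vsa = new VendorSpecificAttribute(VendorSpecificType.Generic, deliveryMethod);
            vsa.SetRADIUSAttribute(ref atts);
        }

        RADIUSClient client   = new RADIUSClient(radiusServer, 1812, radiusSecret);
        RADIUSPacket response = client.Authenticate(username, password, atts);

        if (response == null)
        {
            // Fail closed: with no answer from the server there is nothing to evaluate, so
            // the null packet must not reach onRadiusResponse. The return also covers the
            // case where logoff() does not end the request itself.
            Session["Message"] = "No response from RADIUS server";
            logoff();
            return;
        }

        onRadiusResponse(response);
    }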
Beispiel #2
    // Check validity of token (radius session id) by authenticating against
    // the RADIUS server
    //
    // Called when clicking on applications
    //
    // Returns 401 if not valid
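    protected void Page_Load(object sender, EventArgs e)
    {
        // Re-validates the RADIUS session id from the "RadiusSessionId" cookie by sending it
        // to the RADIUS server as the credential for the session's domain user.
        // Outcome: 401 when the cookie is missing or the token is rejected, 500 when the
        // check itself fails, otherwise a short confirmation text in the response.
        username = (string)Session["DomainUserName"];

        // NOTE(review): the cookie value is a bearer credential. Where it is issued (not
        // visible here) it should be marked HttpOnly and Secure; confirm.
        HttpCookie tokenCookie = Request.Cookies["RadiusSessionId"];

        if (tokenCookie == null)
        {
            throw new HttpException(401, "Token required");
        }
        token = tokenCookie.Value;

        // The request is tagged with a generic vendor-specific attribute "LAUNCH".
        VendorSpecificAttribute vsa  = new VendorSpecificAttribute(VendorSpecificType.Generic, "LAUNCH");
        RADIUSAttributes        atts = new RADIUSAttributes();

        vsa.SetRADIUSAttribute(ref atts);

        try
        {
            RADIUSPacket response = radiusClient.Authenticate(username, token, atts);

            // Presumably Authenticate yields null when the server does not answer (confirm
            // against the client library). Report that explicitly instead of failing with a
            // NullReferenceException on response.Code.
            if (response == null)
            {
                throw new HttpException(500, "No response from RADIUS server");
            }

            if (response.Code == RadiusPacketCode.AccessAccept)
            {
                Response.Write("Ready to launch application. Granted access!");
            }
            else
            {
                throw new HttpException(401, "Token is no longer valid!");
            }
        }
        catch (HttpException)
        {
            // Without this clause the 401 thrown above is swallowed by the general handler
            // below and reaches the client as a 500, so a rejected token never yields 401.
            throw;
        }
        catch (Exception ex)
        {
            // NOTE(review): ex.Message is returned to the client and may reveal internal
            // details (host names, library errors). Consider logging it server-side and
            // sending a generic message instead.
            throw new HttpException(500, "Exception! failure. " + ex.Message);
        }
    }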
Beispiel #3
    // Check validity of token (radius session id) by authenticating against
    // the RADIUS server
    //
    // Called when clicking on applications
    //
    // Returns 401 if not valid
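    protected void Page_Load(object sender, EventArgs e)
    {
        // Validates the RADIUS session id carried in the "RadiusSessionId" cookie by using
        // it as the credential in an authentication request for the session's domain user.
        // 401: cookie missing or token rejected. 500: the check could not be completed.
        username = (string)Session["DomainUserName"];

        // NOTE(review): this cookie is a bearer credential. It should be HttpOnly and
        // Secure where it is set (that code is not visible here); confirm.
        HttpCookie tokenCookie = Request.Cookies["RadiusSessionId"];

        if (tokenCookie == null)
        {
            throw new HttpException(401, "Token required");
        }
        token = tokenCookie.Value;

        // A generic vendor-specific attribute "LAUNCH" accompanies the request.
        VendorSpecificAttribute vsa = new VendorSpecificAttribute(VendorSpecificType.Generic, "LAUNCH");
        RADIUSAttributes atts = new RADIUSAttributes();
        vsa.SetRADIUSAttribute(ref atts);

        try
        {
            RADIUSPacket response = radiusClient.Authenticate(username, token, atts);

            // A null packet presumably means the server did not answer (confirm). Handle it
            // explicitly rather than through a NullReferenceException on response.Code.
            if (response == null)
            {
                throw new HttpException(500, "No response from RADIUS server");
            }

            // Anything other than Access-Accept is treated as an invalid token.
            if (response.Code != RadiusPacketCode.AccessAccept)
            {
                throw new HttpException(401, "Token is no longer valid!");
            }

            Response.Write("Ready to launch application. Granted access!");
        }
        catch (HttpException)
        {
            // Let deliberately chosen status codes through. Otherwise the general handler
            // below rewraps the 401 as a 500 and the caller never sees "not valid".
            throw;
        }
        catch (Exception ex)
        {
            // NOTE(review): the exception text is echoed to the client. Prefer logging it
            // server-side and returning a generic failure message.
            throw new HttpException(500, "Exception! failure. " + ex.Message);
        }
    }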
Beispiel #4
    // Sign-in button handler: answers the pending RADIUS challenge. The credential sent is
    // Crypto.SHA256 over user name + the code typed into SmsToken + the shared secret, and
    // the State attribute kept in the session is returned with the request.
    public void btnSignIn_Click(object sender, EventArgs e)
    {
        string domainUser = (string)Session["DomainUserName"];
        RADIUSAttributes requestAttributes = new RADIUSAttributes();

        // Stored under "state" by earlier code (presumably taken from the Access-Challenge).
        // It is null if the session no longer holds it; verify that Add tolerates null.
        RADIUSAttribute challengeState = (RADIUSAttribute)Session["state"];
        RADIUSClient radius = new RADIUSClient(radiusServer, 1812, radiusSecret);

        requestAttributes.Add(challengeState);

        // NOTE(review): the fields are concatenated without separators and hashed with the
        // secret appended. A keyed MAC (HMAC) over unambiguously delimited fields is the
        // conventional construction; any change has to be mirrored on the server side.
        string digestInput = domainUser + SmsToken.Text + radiusSecret;
        string challengeDigest = Crypto.SHA256(digestInput);

        RADIUSPacket reply = radius.Authenticate(domainUser, challengeDigest, requestAttributes);

        // NOTE(review): reply is forwarded unchecked; confirm that onRadiusResponse treats a
        // missing (null) packet as a failed login.
        onRadiusResponse(reply);
    }
Beispiel #5
        // Accepts the pending access request: creates a new session id for _username,
        // records it together with the current time, and returns it to the client in a
        // Reply-Message attribute.
        private void Accept()
        {
            Logger.LogDebug(_packet, "AcceptAccessRequest");

            // NOTE(review): Guid.NewGuid() is specified for uniqueness, not unpredictability.
            // If this id is later accepted as a credential, generate it from a
            // cryptographic random source instead.
            string sessionId = Guid.NewGuid().ToString();

            // Any earlier entry for the same user is overwritten.
            UserSessions[_username] = sessionId;
            // NOTE(review): local time. If the timestamp drives session expiry, UTC avoids
            // jumps at daylight-saving changes; confirm how it is compared.
            SessionTimestamps[_username] = DateTime.Now;

            var replyAttributes = new RADIUSAttributes();
            replyAttributes.Add(new RADIUSAttribute(RadiusAttributeType.ReplyMessage, sessionId));

            _packet.AcceptAccessRequest(replyAttributes);
        }
Beispiel #6
    // Handles the sign-in click by answering the outstanding RADIUS challenge: the session's
    // State attribute is returned and the credential is Crypto.SHA256 of
    // user name + entered code + shared secret.
    public void btnSignIn_Click(object sender, EventArgs e)
    {
        var sessionUser = (string)Session["DomainUserName"];
        var attributes  = new RADIUSAttributes();

        // Null when the session no longer carries "state"; check how Add handles that.
        var stateAttribute = (RADIUSAttribute)Session["state"];
        var radiusClient   = new RADIUSClient(radiusServer, 1812, radiusSecret);

        attributes.Add(stateAttribute);

        // NOTE(review): a plain hash over concatenated fields with the secret appended.
        // HMAC with delimited fields would be the standard keyed construction, but the
        // server computes the same value, so both sides would have to change together.
        string challengeAnswer = Crypto.SHA256(sessionUser + SmsToken.Text + radiusSecret);

        // The reply is forwarded as-is; a null packet is presumably dealt with by
        // onRadiusResponse (verify).
        onRadiusResponse(radiusClient.Authenticate(sessionUser, challengeAnswer, attributes));
    }
Beispiel #7
    // Sign-in click handler: replies to the pending RADIUS challenge with the session's
    // State attribute and a CryptoHelper.SHA256 digest of
    // lower-cased user name + entered code + shared secret.
    public void btnSignIn_Click(object sender, EventArgs e)
    {
        string domainUser = (string)Session["DomainUserName"];
        RADIUSAttributes requestAttributes = new RADIUSAttributes();

        // Null if "state" is missing from the session; confirm that Add accepts that.
        RADIUSAttribute challengeState = (RADIUSAttribute)Session["state"];
        RADIUSClient radius = new RADIUSClient(radiusServer, 1812, radiusSecret);

        requestAttributes.Add(challengeState);

        // The server lower-cases the user name before hashing, so the same is done here.
        // NOTE(review): ToLower() follows the current culture. If web and RADIUS hosts can
        // run under different cultures the digests may differ; ToLowerInvariant() on both
        // sides removes that dependency.
        string normalizedUser = domainUser.ToLower();

        // NOTE(review): plain hash of concatenated fields with the secret appended. HMAC
        // over delimited fields is the usual keyed construction and needs a matching
        // server-side change.
        string challengeDigest = CryptoHelper.SHA256(normalizedUser + SmsToken.Text + radiusSecret);

        // The user name itself is sent in its original case.
        RADIUSPacket reply = radius.Authenticate(domainUser, challengeDigest, requestAttributes);

        onRadiusResponse(reply);
    }
Beispiel #8
    // Check validity of token (radius session id) by authenticating against
    // the RADIUS server
    //
    // Called when clicking on applications
    //
    // Returns 401 if not valid
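    protected void Page_Load(object sender, EventArgs e)
    {
        // Validates the RADIUS session id from the "RadiusSessionId" cookie by presenting it
        // to the RADIUS server as the credential for the session's domain user.
        // 401: cookie missing or token rejected. 500: the check could not be completed.
        string     username    = (string)Session["DomainUserName"];

        // NOTE(review): bearer credential in a cookie. It should be HttpOnly and Secure
        // where it is issued (not visible here); confirm.
        HttpCookie tokenCookie = Request.Cookies["RadiusSessionId"];

        // This must not be cached - we rely on this page being called on every application
        // start attempt in order to open the launch window.
        Response.Cache.SetCacheability(HttpCacheability.NoCache);
        Response.Cache.SetMaxAge(TimeSpan.Zero);

        if (tokenCookie == null)
        {
            throw new HttpException(401, "Token required");
        }
        string token = tokenCookie.Value;

        // The request carries a generic vendor-specific attribute "LAUNCH".
        VendorSpecificAttribute vsa  = new VendorSpecificAttribute(VendorSpecificType.Generic, "LAUNCH");
        RADIUSAttributes        atts = new RADIUSAttributes();

        vsa.SetRADIUSAttribute(ref atts);

        try
        {
            RADIUSPacket response = _radiusClient.Authenticate(username, token, atts);

            // Presumably null means the server did not answer (confirm against the client
            // library). Fail with an explicit error rather than a NullReferenceException.
            if (response == null)
            {
                throw new HttpException(500, "No response from RADIUS server");
            }

            if (response.Code == RadiusPacketCode.AccessAccept)
            {
                Response.Write("Ready to launch application. Granted access!");
            }
            else
            {
                throw new HttpException(401, "Token is no longer valid!");
            }
        }
        catch (HttpException)
        {
            // Keep the status chosen above. Without this clause the general handler turns
            // the 401 for a rejected token into a 500.
            throw;
        }
        catch (Exception ex)
        {
            // NOTE(review): ex.Message goes back to the client and can expose internal
            // details. Prefer a server-side log entry and a generic message.
            throw new HttpException(500, "Exception! failure. " + ex.Message);
        }
    }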
Beispiel #9
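        // Starts the second authentication factor for _username: generates a one-time code,
        // stores the expected answer (CryptoHelper.SHA256 of user name + code + the
        // requesting client's shared secret), delivers the code by SMS and/or e-mail, and
        // answers the request with an Access-Challenge carrying a fresh State token.
        //
        // ldapResult: directory entry from which the mobile number and e-mail address are read.
        // Throws Exception when no shared secret is configured for the client's IP address.
        private void TwoFactorChallenge(SearchResult ldapResult)
        {
            string challengeCode = PassCodeGenerator.GenerateCode();
            string authToken = Guid.NewGuid().ToString();
            string clientIp = _packet.EndPoint.Address.ToString();

            // The one-time code is a credential and must not be written to the log: anyone
            // able to read the log could complete the second factor. Record the event only.
            Logger.LogDebug(_packet, "Access Challenge Code generated");

            // Shared secrets are configured per RADIUS client, keyed by its IP address.
            string sharedSecret;
            if (!Config.Secrets.TryGetValue(clientIp, out sharedSecret))
            {
                throw new Exception("No shared secret for client:" + clientIp);
            }

            // Expected state is stored before the code is sent, so a fast reply finds it.
            AuthTokens[_username] = authToken;
            // NOTE(review): plain hash over concatenated fields with the secret appended.
            // HMAC over delimited fields is the usual keyed construction, but the web client
            // computes the same value, so both sides would have to change together.
            string encryptedChallengeResult = CryptoHelper.SHA256(_username + challengeCode + sharedSecret);
            EncryptedChallengeResults[_username] = encryptedChallengeResult;

            if (_useSmsFactor)
            {
                var mobile = LdapGetNumberCleaned(ldapResult);
                Sender.SendSMS(mobile, challengeCode);
            }

            if (_useEmailFactor)
            {
                var email = LdapGetEmail(ldapResult);
                Sender.SendEmail(email, challengeCode);
            }

            // The Reply-Message text is "SMS Token" regardless of the delivery channel used.
            var attributes = new RADIUSAttributes
            {
                new RADIUSAttribute(RadiusAttributeType.ReplyMessage, "SMS Token"),
                new RADIUSAttribute(RadiusAttributeType.State, authToken)
            };

            _packet.SendAccessChallenge(attributes);
        }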
Beispiel #10
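    // On the initial (non-postback) request, authenticates the user against the RADIUS
    // server and passes the reply to onRadiusResponse. A "Delivery" value in the session is
    // displayed and forwarded as a generic vendor-specific attribute.
    void Page_Load(object sender, EventArgs e)
    {
        // Defined elsewhere; presumably rejects requests without a logged-in session (confirm).
        login_required();

        btnSignIn.Text = L_SubmitLabel_Text;
        btnCancel.Text = L_CancelLabel_Text;

        // Postbacks must not start another authentication round.
        if (Page.IsPostBack) {
            return;
        }

        String deliveryMethod = (string)Session["Delivery"];

        RADIUSAttributes atts = new RADIUSAttributes();
        if (deliveryMethod != null) {
            // NOTE(review): a WebForms Label renders Text without HTML encoding. Make sure
            // the session value cannot come from user input, or encode it first.
            deliveryLabel.Text = deliveryMethod;
            VendorSpecificAttribute vsa = new VendorSpecificAttribute(VendorSpecificType.Generic, deliveryMethod);
            vsa.SetRADIUSAttribute(ref atts);
        }

        RADIUSClient client = new RADIUSClient(radiusServer, 1812, radiusSecret);
        RADIUSPacket response = client.Authenticate(username, password, atts);

        if (response == null) {
            // Fail closed: a missing reply must never be evaluated as a RADIUS response.
            // The return stops the null packet from reaching onRadiusResponse even if
            // logoff() does not end the request on its own.
            Session["Message"] = "No response from RADIUS server";
            logoff();
            return;
        }

        onRadiusResponse(response);
    }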