/// <summary>
/// AuthenticateUser
/// </summary>
/// <param name="domain"></param>
/// <param name="username"></param>
/// <param name="password"></param>
/// <param name="LdapPath"></param>
/// <param name="Errmsg"></param>
/// <returns></returns>
public Dictionary <string, object> AuthenticateUser(string domain, string username, string password, string LdapPath, out string Errmsg, out Dictionary <string, object> DictDetails)
{
CompanyDTO objSelectedCompany = null;
UserInfoDTO ObjuserDTO = null;
UserPrincipal userPrincipal = null;
Errmsg = "";
string domainAndUsername = domain + @"\" + username;
DirectoryEntry entry = new DirectoryEntry(LdapPath, domainAndUsername, password);
DictDetails = new Dictionary <string, object>();
try
{
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
userPrincipal = UserPrincipal.FindByIdentity(ctx, username);
if (compilationSection.Debug)
{
Common.Common.WriteLogToFile("ConnectedServer " + ctx.ConnectedServer + "Container " + ctx.Container + "ContextType " + ctx.ContextType + "Name " + ctx.Name + "Options " + ctx.Options + "UserName " + ctx.UserName, null);
if (userPrincipal == null)
{
Common.Common.WriteLogToFile("userPrincipal null ", null);
}
}
if (userPrincipal != null)
{
using (LoginUserDetails objLoginUserDetails = new LoginUserDetails())
{
using (SSOSL objSSOSL = new SSOSL())
{
using (DataSecurity objDataSecurity = new DataSecurity())
{
// Bind to the native AdsObject to force authentication.
Object obj = entry.NativeObject;
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(SAMAccountName=" + username + ")";
search.PropertiesToLoad.Add("cn");
SearchResult result = search.FindOne();
if (result == null)
{
//return false;
DictDetails = null;
return(DictDetails);
}
// Update the new path to the user in the directory
LdapPath = result.Path;
string _filterAttribute = (String)result.Properties["cn"][0];
objSelectedCompany = new CompanyDTO();
objSelectedCompany = objSSOSL.getSingleCompanies(InsiderTradingSSO.Common.Common.getSystemConnectionString(), ConfigurationManager.AppSettings["DBName"].ToString());
objLoginUserDetails.CompanyDBConnectionString = objSelectedCompany.CompanyConnectionString;
Hashtable ht_Param = new Hashtable();
if (username != null && !username.Length.Equals(0))
{
ht_Param.Add("EmployeeId", username);
}
if (compilationSection.Debug)
{
Common.Common.WriteLogToFile("Get EmployeeID as " + userPrincipal.EmployeeId, null);
}
else
{
ht_Param.Add("EmployeeId", null);
}
ht_Param.Add("EmailId", userPrincipal.EmailAddress);
if (compilationSection.Debug)
{
Common.Common.WriteLogToFile("Get EmailID as " + userPrincipal.EmailAddress, null);
}
ObjuserDTO = objSSOSL.LoginSSOUserInfo(objLoginUserDetails.CompanyDBConnectionString, ht_Param);
DictDetails.Add("sUserName", ObjuserDTO.LoginID);
DictDetails.Add("sPassword", ObjuserDTO.Password);
DictDetails.Add("sCompanyName", objSelectedCompany.sCompanyDatabaseName);
DictDetails.Add("sCalledFrom", objDataSecurity.CreateHash(string.Format(Common.ConstEnum.s_SSO, Convert.ToString(DateTime.Now.Year)), Common.ConstEnum.User_Password_Encryption_Key));
if (compilationSection.Debug)
{
if (DictDetails.Count >= 0)
{
Common.Common.WriteLogToFile("Diction object with all details ", null);
}
}
return(DictDetails);
}
}
}
}
}
}
catch (Exception ex)
{
Errmsg = ex.Message;
if (compilationSection.Debug)
{
Common.Common.WriteLogToFile("Exception occurred (AuthenticateUser failed ", ex);
}
DictDetails = null;
throw new Exception("Error authenticating user." + ex.Message);
}
return(DictDetails);
}
public ActionResult Index()
{
LoginUserDetails objLoginUserDetails = null;
SSOSL objSSOSL = null;
UserInfoDTO ObjuserDTO = null;
CompanyDTO objSelectedCompany = null;
DataSecurity objDataSecurity = null;
UserPrincipal userPrincipal = null;
string s_debugInfo = string.Empty;
string PrompSSOCredentials = "1";
try
{
if (PrompSSOCredentials == (ConfigurationManager.AppSettings["PromptSSOCredentials"].ToString()))
{
Dictionary <string, string> objCompaniesDictionary = null;
List <InsiderTradingDAL.CompanyDTO> lstCompanies = null;
using (CompaniesSL objCompaniesSL = new CompaniesSL())
{
lstCompanies = objCompaniesSL.getAllCompanies(Common.Common.getSystemConnectionString());
objCompaniesDictionary = new Dictionary <string, string>();
objCompaniesDictionary.Add("", "Select Company");
foreach (InsiderTradingDAL.CompanyDTO objCompanyDTO in lstCompanies)
{
objCompaniesDictionary.Add(objCompanyDTO.sCompanyDatabaseName, objCompanyDTO.sCompanyName);
}
}
ViewBag.JavascriptEncryptionKey = Common.ConstEnum.Javascript_Encryption_Key;
ViewBag.CompaniesDropDown = objCompaniesDictionary;
return(View("SSOLogin"));
//return View("AuthenticationFailed");
}
else
{
//Login with Directory Credentials
using (DirectoryEntry dirEntry = new DirectoryEntry("WinNT://" + Environment.UserDomainName))
{
string s_CurrentLoggedInUser = Request.ServerVariables["LOGON_USER"].ToUpper();
s_debugInfo = "# Domain Name - " + Environment.UserDomainName + "# Request Server Variables (LOGON_USER) - " + s_CurrentLoggedInUser;
if (string.IsNullOrEmpty(s_CurrentLoggedInUser))
{
s_CurrentLoggedInUser = System.Web.HttpContext.Current.User.Identity.Name;
s_debugInfo += "# System.Web.HttpContext.Current.User.Identity.Name - " + s_CurrentLoggedInUser;
}
if (string.IsNullOrEmpty(s_CurrentLoggedInUser))
{
s_CurrentLoggedInUser = User.Identity.Name;
s_debugInfo += "# User.Identity.Name - " + User.Identity.Name;
}
foreach (DirectoryEntry item in dirEntry.Children)
{
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
userPrincipal = UserPrincipal.FindByIdentity(ctx, Request.ServerVariables["LOGON_USER"].Replace(Environment.UserDomainName + @"\", string.Empty));
if (userPrincipal != null)
{
if (s_CurrentLoggedInUser.Equals((Environment.UserDomainName + @"\" + userPrincipal.SamAccountName).ToUpper()))
{
s_debugInfo += "# User Principal Given Name - " + userPrincipal.GivenName + "# User Principal EmployeeId - " + userPrincipal.EmployeeId + "# User Principal EmailAddress - " + userPrincipal.EmailAddress;
using (objSSOSL = new SSOSL())
{
objLoginUserDetails = new LoginUserDetails();
objSelectedCompany = new CompanyDTO();
objSelectedCompany = objSSOSL.getSingleCompanies(InsiderTradingSSO.Common.Common.getSystemConnectionString(), ConfigurationManager.AppSettings["DBName"].ToString());
objLoginUserDetails.CompanyDBConnectionString = objSelectedCompany.CompanyConnectionString;
Hashtable ht_Param = new Hashtable();
if (userPrincipal.EmployeeId != null && !userPrincipal.EmployeeId.Length.Equals(0))
{
ht_Param.Add("EmployeeId", userPrincipal.EmployeeId);
}
else
{
ht_Param.Add("EmailId", userPrincipal.EmailAddress);
}
ObjuserDTO = objSSOSL.LoginSSOUserInfo(objLoginUserDetails.CompanyDBConnectionString, ht_Param);
objDataSecurity = new DataSecurity();
Dictionary <string, object> dictUserDetails = new Dictionary <string, object>();
dictUserDetails.Add("sUserName", ObjuserDTO.LoginID);
dictUserDetails.Add("sPassword", ObjuserDTO.Password);
dictUserDetails.Add("sCompanyName", objSelectedCompany.sCompanyDatabaseName);
dictUserDetails.Add("sCalledFrom", objDataSecurity.CreateHash(string.Format(Common.ConstEnum.s_SSO, Convert.ToString(DateTime.Now.Year)), Common.ConstEnum.User_Password_Encryption_Key));
return(this.RedirectAndPost(ConfigurationManager.AppSettings["VigilanteURL"].ToString(), dictUserDetails));
}
}
}
}
}
}
}
}
catch
{
s_debugInfo += "# Login Failed. ";
return(View("AuthenticationFailed"));
}
finally
{
if (compilationSection.Debug)
{
if (!Directory.Exists(System.Web.HttpContext.Current.Server.MapPath("~/DebugLogs")))
{
Directory.CreateDirectory(System.Web.HttpContext.Current.Server.MapPath("~/DebugLogs"));
}
using (FileStream filestream = new FileStream(System.Web.HttpContext.Current.Server.MapPath("~/DebugLogs/SSODebugLogs.txt"), FileMode.Append, FileAccess.Write, FileShare.ReadWrite))
{
StreamWriter sWriter = new StreamWriter(filestream);
sWriter.WriteLine(" SSO Login - " + DateTime.Now);
string[] arr_debugInfo = s_debugInfo.Split('#');
foreach (string debugInfo in arr_debugInfo)
{
sWriter.WriteLine(debugInfo);
}
sWriter.WriteLine("--------------------------------------------------------------------");
sWriter.Close();
sWriter.Dispose();
filestream.Close();
filestream.Dispose();
}
}
}
return(View());
}
