Beispiel #1
0
    /// <summary>
    /// 取得 Window 登入User的電腦名稱/帳號資訊驗證 UserInfo 是否有此人員可登入
    /// </summary>
    /// <returns></returns>
    public bool GetUserInfo(out Vista.SEC.Information.UserInfo userInfo)
    {
        bool result = false;

        userInfo = new Vista.SEC.Information.UserInfo();

        DataTable dtResult = new DataTable();
        AppDomain myDomain = Thread.GetDomain();

        myDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
        WindowsPrincipal myPrincipal = (WindowsPrincipal)Thread.CurrentPrincipal;

        //ex. JIMULL\Administrator
        if (string.IsNullOrEmpty(myPrincipal.Identity.Name.ToString()) == false)
        {
            string[] Identity = myPrincipal.Identity.Name.ToString().Split('\\');

            userInfo.UserID = Identity[1];
            result          = userInfo.Load();
        }

        return(result);
    }
Beispiel #2
0
    /// <summary>
    /// 登入檢查
    /// </summary>
    private bool DoLogon()
    {
        string strUserID   = txtUserID.Text.Trim();
        string strPassWord = txtPassword.Text.Trim();

        bool blnLogonResult = false;

        Vista.SEC.Common.Common cmn = new Vista.SEC.Common.Common();
        string strIsADMode          = cmn.GetParamValue("ActiveADValid"); //DB於Parameter建INDEX

        if (strIsADMode == "N" || base.IsDEVEnvironment)
        {
            blnLogonResult = true;

            //需加一段判斷User是否存在的程式
            Vista.SEC.Information.UserInfo userInfo = new Vista.SEC.Information.UserInfo();
            userInfo.UserID = strUserID;
            userInfo.Load();

            blnLogonResult = userInfo.ErrFlag;
        }
        else
        {
            blnLogonResult = this.ADAuthenticate(strUserID, strPassWord);
        }

        //檢查登入的帳戶是否已被鎖住
        if (CheckUserIDIsLock(strUserID))
        {
            return(false);
        }

        if (blnLogonResult)
        {
            base.SetSessionInfo(strUserID);

            #region 寫入登入資料
            Vista.SEC.Information.UserLoginLogInfo Info = new Vista.SEC.Information.UserLoginLogInfo();
            Info.UserID    = strUserID;
            Info.SystemID  = GetSystemID(strUserID);
            Info.SessionID = Session.SessionID;
            Info.IPAddress = Request.UserHostAddress;
            Info.IsSuccess = "Y";
            Info.LoginDate = DateTime.Now;
            // Info.LogoutDate = DateTime.Now.AddMinutes(Session.Timeout);
            Info.ModifiedDate = DateTime.Now;
            Info.Insert();
            #endregion

            //2010.12.21 清空記錄帳密錯誤的Session
            //Session.Remove("LogonFailedUserID");
            //Session.Remove("LogonFailedCount");

            //2010.12.21 將要進入的系統寫至Session
            if (!string.IsNullOrEmpty(Convert.ToString(Request.QueryString["SystemID"])))
            {
                Session["APPortalSelectedSystemID"] = Request.QueryString["SystemID"].ToString();
            }

            #region 登入成功後的告知訊息  *上次成功登入的日期與時間 *自上次成功登入後是否有任何登入失敗的紀錄
            DataTable dtLog     = Info.GetLastSuccessLogin();
            string    StrLogMsg = string.Empty;

            foreach (DataRow dr in dtLog.Rows)
            {
                StrLogMsg += string.Format("上次成功登入時間為{0},IP為{1}\\n", dr["LoginDate"], dr["IPAddress"]);
            }

            DataTable failRecord = Info.GetFailRecord();

            foreach (DataRow dr in failRecord.Rows)
            {
                StrLogMsg += string.Format("最近一次登入失敗,時間為{0},IP為{1}", dr["LoginDate"], dr["IPAddress"]);
            }

            if (string.IsNullOrEmpty(StrLogMsg))
            {
                StrLogMsg += "這是您第一次登入本站!";
            }

            #endregion

            ScriptManager.RegisterStartupScript(this, GetType(), "LogonLog", "alert('" + StrLogMsg + "');location.href='Default.aspx';", true);
        }
        else
        {
            lblStatus.Text = "如果忘記密碼,請通知IT協助重設您的LAN ACCOUNT密碼";

            this.LogonFailedCountCheck();

            #region 寫入登入錯誤資料
            Vista.SEC.Information.UserLoginLogInfo InfoFailLog = new Vista.SEC.Information.UserLoginLogInfo();
            InfoFailLog.UserID    = strUserID;
            InfoFailLog.SystemID  = GetSystemID(strUserID);
            InfoFailLog.SessionID = Session.SessionID;
            InfoFailLog.IPAddress = Request.UserHostAddress;
            InfoFailLog.IsSuccess = "N";
            InfoFailLog.LoginDate = DateTime.Now;
            InfoFailLog.Insert();
            #endregion
        }

        return(blnLogonResult);
    }
Beispiel #3
0
    /// <summary>
    /// AD帳號驗證
    /// </summary>
    /// <param name="UserID"></param>
    /// <param name="Password"></param>
    /// <returns></returns>
    public bool ADAuthenticate(string UserID, string Password)
    {
        GetKeysFromIni();

        bool blnRtn = false;

        //string strLdapHost = "";
        //Vista.SEC.Common.Common cmn = new Vista.SEC.Common.Common();
        //取得AD主機參數
        //strLdapHost = cmn.GetParamValue("ADServer"); //DB於Parameter建INDEX

        try
        {
            Vista.SEC.Information.SecPassword myPassword = new Vista.SEC.Information.SecPassword();
            myPassword.UserID = UserID;
            myPassword.Load();

            if (myPassword.ErrFlag)
            {
                string strValue = DecryptStringWithCurrentKeys(myPassword.UserPassword);
                if (Password == strValue)
                {
                    Vista.SEC.Information.UserInfo userInfo = new Vista.SEC.Information.UserInfo();
                    userInfo.UserID = UserID;
                    userInfo.Load();

                    blnRtn = userInfo.ErrFlag;
                }
                else
                {
                    blnRtn = false;
                }
            }
            else
            {
                blnRtn = false;
            }

            //OleDbConnection cn = new OleDbConnection(String.Format("Provider=ADSDSOObject;User ID={0};Password={1};Encrypt Password=True;ADSI Flag=1", UserID, Password));
            //cn.Open();
            //OleDbCommand cmd = new OleDbCommand(String.Format("<LDAP://{0}>;(&(objectClass=user)sAMAccountName={1});distinguishedName;subtree", strLdapHost, UserID), cn);
            //OleDbDataReader dr = cmd.ExecuteReader();
            //blnRtn = dr.HasRows;
            //AD驗證通過,檢查徵審系統SEC_USER是否存在
            //if (blnRtn)
            //{
            //    //需加一段判斷User是否存在的程式
            //    Vista.SEC.Information.UserInfo userInfo = new Vista.SEC.Information.UserInfo();
            //    userInfo.UserID = UserID;
            //    userInfo.Load();
            //    blnRtn = userInfo.ErrFlag;
            //}
            //dr.Close();
            //cn.Close();
        }
        catch
        {
            return(false);
            //throw new Exception("進行AD驗證時發生錯誤!!");
        }

        return(blnRtn);
    }
Beispiel #4
0
    /// <summary>
    /// 設定使用者資料
    /// </summary>
    /// <param name="UserID"></param>
    protected void SetSessionInfo(string UserID)
    {
        #region 20120418: Jimull, ANZ 環境不可使用 Cookie, 如有必要請先向 Account Manager 確認
        //HttpCookie SessionCookie = new HttpCookie("UserID");
        //SessionCookie.Value = UserID;
        //SessionCookie.Expires = DateTime.Now.AddDays(1);
        //Response.Cookies.Add(SessionCookie);
        #endregion
        Vista.SEC.Business.SystemPageBiz mySysBiz = new Vista.SEC.Business.SystemPageBiz();
        Vista.SEC.Information.UserInfo   userInfo = new Vista.SEC.Information.UserInfo();
        Vista.SEC.Information.Department UserDept = new Vista.SEC.Information.Department();
        userInfo.UserID = UserID;
        userInfo.Load();

        // 用於需使用 Window 驗證時須進行判斷
        // 如果 Session UserID 遺失
        // 則須重新取得 window 帳戶名稱進行驗證
        // 如果 使用環境為 公司開發環境 DEV_01 將不進行 Window 驗證
        if (!IsDEVEnvironment)
        {
            if (!GetUserInfo(out userInfo))
            {
                //UserInfo 無此人員 window 帳號資訊時會倒入登入失敗畫面
                //ScriptManager.RegisterStartupScript(this, GetType(), "logon", "javascript:window.top.location.href='" + Request.ApplicationPath + "/LoginFailed.aspx';", true);
                Server.Transfer(Request.ApplicationPath + "/LoginFailed.aspx");
                return;
            }
        }

        //20120914: 當 user dpetid = call center 十 把dpetid 改為 Tid (客服中心)
        string    callCenterDeptID = string.Empty;
        DataTable dtPara           = mySysBiz.GetSystemParameterList("CALL_CENTER_DEPTID", string.Empty);
        if (dtPara.Rows.Count == 1)
        {
            callCenterDeptID = dtPara.Rows[0]["ParameterValue"].ToString();
        }

        //設定User資訊
        Session["UserID"]     = userInfo.UserID;
        Session["UserName"]   = userInfo.Name;
        Session["UserCName"]  = userInfo.CName;
        Session["UserDeptID"] = userInfo.DeptID;

        //取得User的部門
        UserDept.DeptID = userInfo.DeptID;
        UserDept.Load();
        Session["UserDeptCName"] = UserDept.DeptCName;

        //取得權限清單(使用StringCollection的方式儲存)
        Vista.SEC.Business.Security secBiz    = new Vista.SEC.Business.Security();
        StringCollection            scFunList = secBiz.GetAuthList(userInfo.UserID, 1) as StringCollection;
        Session["AuthList"] = (object)scFunList;



        //20120418: 每次登入 Key1, Key2 皆會重新產生
        //設定網址列參數的加密金鑰
        string          strTempKey1 = "";
        string          strTempKey2 = "";
        Vista.SEC.Coder coder       = new Vista.SEC.Coder(out strTempKey1, out strTempKey2);
        Session["strKey1"] = strTempKey1;
        Session["strKey2"] = strTempKey2;

        Session.Timeout = 30; //雖然在這有設定,但是還有其他因素會影響 Session Timeout
    }