/// <summary>
        /// </summary>
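        /// <remarks>
        /// Access decision for an incoming call. The checks run in this order: the
        /// operation named by <c>WebServiceAuthorization.GetMethod()</c> is the
        /// authentication operation; <c>WebServiceAuthorization.isAuthorized(method)</c>
        /// accepts the call; the HTTP verb is <c>OPTIONS</c>. Any other call is rejected
        /// with HTTP 401.
        /// </remarks>
        /// <param name="operationContext">Context passed in by the caller; this override does not read it.</param>
        /// <returns>The value of <c>ReturnAllowAccess()</c> when one of the checks passes.</returns>
        /// <exception cref="WebFaultException">Thrown with status 401 when no check passes.</exception>
        protected override bool CheckAccessCore(OperationContext operationContext)
        {
            string method = WebServiceAuthorization.GetMethod();

            // The authentication operation must be reachable before a session exists, so
            // it is allowed here without consulting isAuthorized(). The comparison is
            // ordinal and case-insensitive: a culture-sensitive ToLower() would make an
            // access decision depend on the server's current culture.
            if (!string.IsNullOrWhiteSpace(method) &&
                string.Equals(method, WebServiceAuthorization.AuthenticationMethod, System.StringComparison.OrdinalIgnoreCase))
            {
                return(ReturnAllowAccess());
            }

            if (WebServiceAuthorization.isAuthorized(method))
            {
                return(ReturnAllowAccess());
            }

            // OPTIONS is let through without a session (presumably for CORS preflight).
            // NOTE(review): this applies to every operation; confirm that no operation
            // does real work or returns data when it is invoked with OPTIONS.
            if (WebOperationContext.Current.IncomingRequest.Method.Equals("OPTIONS"))
            {
                return(ReturnAllowAccess());
            }

            // Deny: set the response status and raise a fault carrying the same 401.
            WebOperationContext.Current.OutgoingResponse.StatusCode = System.Net.HttpStatusCode.Unauthorized;
            throw new WebFaultException(System.Net.HttpStatusCode.Unauthorized);
        }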
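        /// <summary>
        /// Returns the content stream for the requested resource and extension.
        /// </summary>
        /// <remarks>
        /// A caller without an authorized session who asks for an <c>htm</c>/<c>html</c>
        /// resource other than <c>login</c> is redirected to <c>Login.html</c>. Requests
        /// for other extensions are served without a session.
        /// </remarks>
        /// <param name="resource">Name of the requested resource, passed to <c>GetFileStream</c>.</param>
        /// <param name="extension">Extension of the requested resource; also selects the response format.</param>
        /// <returns>
        /// The resource stream (with the base URL added for <c>js</c> files), or a short
        /// ASCII message stream when the file type is unsupported, the caller is being
        /// redirected, or the file is not found.
        /// </returns>
        public Stream Files(string resource, string extension)
        {
            if (!SetupResponseFormat(extension))
            {
                return(new MemoryStream(Encoding.ASCII.GetBytes("File type not supported"), false));
            }

            // The login resource stays reachable without a session. string.Equals with an
            // ordinal comparison is culture-independent and tolerates a null resource.
            if (!WebServiceAuthorization.isAuthorized() &&
                !string.Equals(resource, "login", System.StringComparison.OrdinalIgnoreCase))
            {
                // Match the extension case-insensitively, as the "js" check below does.
                // A case-sensitive match here would let "HTML" or "Htm" skip the login
                // redirect whenever the rest of the pipeline accepts those spellings.
                bool isHtmlPage =
                    string.Equals(extension, "htm", System.StringComparison.OrdinalIgnoreCase) ||
                    string.Equals(extension, "html", System.StringComparison.OrdinalIgnoreCase);

                if (isHtmlPage)
                {
                    WebOperationContext.Current.OutgoingResponse.StatusCode = System.Net.HttpStatusCode.Redirect;
                    WebOperationContext.Current.OutgoingResponse.Headers.Add("Location", "Login.html");
                    return(new MemoryStream(Encoding.ASCII.GetBytes("Redirecting to login"), false));
                }

                // NOTE(review): every non-HTML extension is served without a session from
                // here on. Confirm that this is intended (e.g. scripts and styles needed
                // by the login page) and that no such file holds sensitive data.
            }

            // NOTE(review): resource and extension presumably come from the request URI.
            // Confirm that GetFileStream only resolves names from a fixed set of files and
            // rejects path separators and parent-directory segments.
            Stream resStream = GetFileStream(resource, extension);

            if (resStream == null)
            {
                WebOperationContext.Current.OutgoingResponse.StatusCode = System.Net.HttpStatusCode.NotFound;
                return(new MemoryStream(Encoding.ASCII.GetBytes("File not found."), false));
            }

            if (string.Equals(extension, "js", System.StringComparison.OrdinalIgnoreCase))
            {
                // Inject the web service base URL into every JavaScript file so the
                // client-side code knows which endpoint to call.
                resStream = AddBaseURL(resStream);
            }

            return(resStream);
        }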