/// <summary>
        /// Get roles for specified user.
        /// </summary>
        /// <param name="username">User to check.</param>
        /// <returns>List of roles</returns>
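        public override string[] GetRolesForUser(string username)
        {
            // Role lookups are cached per provider name and per user name exactly as the caller
            // spelled it, so "Bob" and "bob" get separate entries.
            // NOTE(review): the key is plain concatenation. A provider whose Config.Name contains
            // "_" could produce the same key as another provider's entry - confirm that provider
            // names cannot overlap that way.
            string      cacheKey       = "__ACTIVEDIRECTORYROLEPROVIDER__" + this.Config.Name + "_" + username;
            HttpContext currentContext = HttpContext.Current;

            if (currentContext != null)
            {
                ActiveDirectoryRoleProviderCache cache = (ActiveDirectoryRoleProviderCache)currentContext.Cache.Get(cacheKey);
                if (cache != null)
                {
                    // Cache hit.  Hand back a copy so a caller that edits the returned array
                    // cannot change the roles that later requests read from the cache.
                    string[] cachedRoles = cache.Roles;
                    return((cachedRoles == null) ? null : (string[])cachedRoles.Clone());
                }
            }

            // Cache miss, or no HTTP context to cache in: ask the directory.
            string[] roles = this.adConnect.GetGroupNamesForUser(username, this.Config.RecursiveGroupMembership).ToArray();

            if (currentContext != null)
            {
                // Absolute expiry only: a group change in the directory is not seen here until
                // CacheDurationInMinutes has passed.  UtcNow keeps that window from shifting
                // across a daylight-saving change.  The cache gets its own copy of the array so
                // the one returned below is not shared with it.
                currentContext.Cache.Insert(cacheKey, new ActiveDirectoryRoleProviderCache((string[])roles.Clone()), null, DateTime.UtcNow.AddMinutes(this.Config.CacheDurationInMinutes), Cache.NoSlidingExpiration);
            }

            return(roles);
        }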
        /// <summary>
        /// Validate user to make sure they have valid roles.
        /// </summary>
        /// <param name="username">Username to check.</param>
        /// <param name="password">Password to check.</param>
        /// <returns>True if the login is valid and, when allowed groups are configured, the user has at least one role; otherwise false.</returns>
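        public override bool ValidateUser(string username, string password)
        {
            // Fail closed on blank credentials before they reach the directory.
            // adConnect.ValidateUser is not visible here, and some LDAP bind modes treat an empty
            // password as an anonymous bind that succeeds, so do not rely on it to reject them.
            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                return(false);
            }

            // If an allow-list of users is configured, the user must be on it.
            // NOTE(review): Contains uses the collection's own comparison.  If that is
            // case-sensitive, a differently-cased login is denied rather than admitted - confirm
            // this is the intended behavior.
            if (this.Config.AllowedUsers.Any() && !this.Config.AllowedUsers.Contains(username))
            {
                // Restricted users, and this user is not one of them.
                return(false);
            }

            // Initialize AdConnection.
            this.InitializeAdConnection();

            // The password is checked against the directory on every call; only the group
            // lookup further down is served from the cache.
            bool validUser = this.adConnect.ValidateUser(username, password);
            if (!validUser)
            {
                return(false);
            }

            // No group restriction configured: valid credentials are enough.
            if (!this.Config.AllowedGroups.Any())
            {
                return(true);
            }

            // Group restriction configured.  Use a different key than ActiveDirectoryRoleProvider
            // to avoid complications in case of different settings.
            string      cacheKey       = "__ACTIVEDIRECTORYMEMBERSHIPPROVIDER__" + this.Config.Name + "_" + username;
            HttpContext currentContext = HttpContext.Current;
            if (currentContext != null)
            {
                ActiveDirectoryRoleProviderCache cache = (ActiveDirectoryRoleProviderCache)currentContext.Cache.Get(cacheKey);
                if (cache != null)
                {
                    // Value found in cache.  See if it contains any roles.
                    return((cache.Roles != null) && (cache.Roles.Any()));
                }
            }

            // NOTE(review): the user is admitted when this call returns at least one group.  That
            // is only a membership check if GetGroupNamesForUser already limits its result to
            // Config.AllowedGroups - confirm in adConnect.
            string[] roles = this.adConnect.GetGroupNamesForUser(username, this.Config.RecursiveGroupMembership).ToArray();

            if (currentContext != null)
            {
                // Absolute expiry only: removing a user from a group in the directory does not
                // lock them out until CacheDurationInMinutes has passed.  UtcNow keeps that window
                // from shifting across a daylight-saving change.
                currentContext.Cache.Insert(cacheKey, new ActiveDirectoryRoleProviderCache(roles), null, DateTime.UtcNow.AddMinutes(this.Config.CacheDurationInMinutes), Cache.NoSlidingExpiration);
            }

            return((roles != null) && (roles.Any()));
        }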
        /// <summary>
        /// Get listing of all roles.
        /// </summary>
        /// <returns>List of roles</returns>
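        public override string[] GetAllRoles()
        {
            // Enumerating every group is opt-in; refuse unless search methods are enabled.
            if (this.Config.EnableSearchMethods == false)
            {
                throw new NotSupportedException("Search methods are not enabled.");
            }

            // One cache entry per provider name.
            // NOTE(review): the key is the prefix plus Config.Name with no terminator.  A provider
            // name containing "_" could produce the same key as another entry that appends
            // "_" + username to a shorter name - confirm that provider names cannot overlap that way.
            string      cacheKey       = "__ACTIVEDIRECTORYROLEPROVIDER__" + this.Config.Name;
            HttpContext currentContext = HttpContext.Current;

            if (currentContext != null)
            {
                ActiveDirectoryRoleProviderCache cache = (ActiveDirectoryRoleProviderCache)currentContext.Cache.Get(cacheKey);
                if (cache != null)
                {
                    // Cache hit.  Hand back a copy so a caller that edits the returned array
                    // cannot change the list that later requests read from the cache.
                    string[] cachedRoles = cache.Roles;
                    return((cachedRoles == null) ? null : (string[])cachedRoles.Clone());
                }
            }

            // Cache miss, or no HTTP context to cache in: ask the directory.
            string[] roles = this.adConnect.GetAllGroupNames().ToArray();

            if (currentContext != null)
            {
                // Absolute expiry only: groups added or removed in the directory are not seen
                // here until CacheDurationInMinutes has passed.  UtcNow keeps that window from
                // shifting across a daylight-saving change.  The cache gets its own copy of the
                // array so the one returned below is not shared with it.
                currentContext.Cache.Insert(cacheKey, new ActiveDirectoryRoleProviderCache((string[])roles.Clone()), null, DateTime.UtcNow.AddMinutes(this.Config.CacheDurationInMinutes), Cache.NoSlidingExpiration);
            }

            return(roles);
        }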