Beispiel #1
0
        public override void Validate(string userName, string password)
        {
            if(Configuration.Services.Users.Count(x => x.Username == userName && x.Password == password) == 0)
            {
                Log.Info("Request with invalid username {0} with password {1}", userName, password);

                SecurityTokenException ex = new SecurityTokenException("Validation Failed!");

                // Doesn't always work: http://blogs.msdn.com/b/drnick/archive/2010/02/02/fix-to-allow-customizing-the-status-code-when-validation-fails.aspx
                ex.Data["HttpStatusCode"] = HttpStatusCode.Unauthorized;

                throw ex;
            }
        }
Beispiel #2
0
        public override void Validate(string userName, string password)
        {
            if (!Configuration.Services.AuthenticationEnabled)
                return;

            if(!Configuration.Services.Users.Any(x => x.Username == userName && x.ValidatePassword(password)))
            {
                Log.Info("Access denied for request with username {0}", userName);

                SecurityTokenException ex = new SecurityTokenException("Validation Failed!");

                // Doesn't always work: http://blogs.msdn.com/b/drnick/archive/2010/02/02/fix-to-allow-customizing-the-status-code-when-validation-fails.aspx
                ex.Data["HttpStatusCode"] = HttpStatusCode.Unauthorized;

                throw ex;
            }
        }