protected static bool RemoveAdPasswords(ADSettings adSettings)
{
if (adSettings == null)
{
return(false);
}
// Save permission is needed for this setting to be able to see even the encrypted values
if (!adSettings.Security.HasPermission(PermissionType.Save))
{
return(true);
}
// in case of export or other special scenario, include the stored values
if (HttpContext.Current == null)
{
return(false);
}
var includePassStr = HttpContext.Current.Request["includepasswords"];
if (string.IsNullOrEmpty(includePassStr))
{
return(true);
}
if (bool.TryParse(includePassStr, out var includePass))
{
return(!includePass);
}
return(true);
}
void OnAuthenticateRequest(object sender, EventArgs e)
{
var request = HttpContext.Current.Request;
if (!request.CurrentExecutionFilePathExtension.Contains("asmx"))
{
return;
}
string header = request.Headers["Authorization"];
if (!string.IsNullOrEmpty(header) && header.Trim().ToUpper().StartsWith("BASIC")) //if has header
{
string encodedUserPass = header.Substring(6).Trim(); //remove the "Basic"
Encoding encoding = Encoding.GetEncoding("iso-8859-1");
string userPass = encoding.GetString(Convert.FromBase64String(encodedUserPass));
string[] credentials = userPass.Split(':');
string username = credentials[0];
string password = credentials.Length > 1? credentials[1] : string.Empty;
if (!ADSettings.AuthAD(username, password))
{
HttpContext.Current.Response.StatusCode = 401;
HttpContext.Current.Response.End();
}
}
else
{
//send request header for the 1st round
HttpContext context = HttpContext.Current;
context.Response.StatusCode = 401;
context.Response.AddHeader("WWW-Authenticate", String.Format("Basic realm=\"{0}\"", string.Empty));
}
}
public static Boolean Validate(string id, string password)
{
return(ADSettings.AuthAD(id, password));
}
