Ejemplo n.º 1
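        /// <summary>
        /// Authenticates against the RDW web endpoint by POSTing the account name and password as a
        /// login form, then treats the URI the response ends up at as the session token.
        /// </summary>
        /// <param name="credentials">Credentials whose AccountName and AccountPassword are submitted.</param>
        /// <param name="validationDataSource">Not read by this implementation.</param>
        /// <returns>"OK" once the response URI has been stored as provider and authentication token.</returns>
        /// <exception cref="MdoException">Credentials are missing, or the response URI carries no session token.</exception>
        public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
        {
            if (credentials == null || String.IsNullOrEmpty(credentials.AccountName) || String.IsNullOrEmpty(credentials.AccountPassword))
            {
                throw new MdoException("Invalid RDW credenetials");
            }
            _creds = credentials;

            // see if provider was specified in datasource - use default from proxy code if not
            Uri loginUri = String.IsNullOrEmpty(Cxn.DataSource.Provider) ? new Uri(new MDWSRPCs().Url) : new Uri(Cxn.DataSource.Provider);

            // NOTE(review): the password travels in this request body - confirm loginUri is always HTTPS.
            WebRequest cookieRequest = WebRequest.Create(loginUri);

            cookieRequest.Method      = "POST";
            cookieRequest.ContentType = "application/x-www-form-urlencoded";

            // Percent-encode both values: an '&', '=', '+' or '%' inside a name or password would
            // otherwise alter the form's fields or be decoded by the server into a different secret.
            string postBody = "CacheUserName=" + Uri.EscapeDataString(credentials.AccountName) +
                              "&CachePassword=" + Uri.EscapeDataString(credentials.AccountPassword) +
                              "&CacheLogin=Login";

            // Encode once and size the request from the bytes actually written.
            byte[] postBytes = System.Text.Encoding.ASCII.GetBytes(postBody);
            cookieRequest.ContentLength = postBytes.Length;

            // using blocks release the stream and the response even when the request fails midway.
            using (Stream requestStream = cookieRequest.GetRequestStream())
            {
                requestStream.Write(postBytes, 0, postBytes.Length);
            }

            string responseUrl;
            using (WebResponse cookieResponse = cookieRequest.GetResponse())
            {
                responseUrl = cookieResponse.ResponseUri.ToString();
            }

            // expect the response URI to contain the session token for subsequent requests.
            // Compare with the URI that was actually requested as well as the configured provider:
            // when the provider is empty the default URL is used, and comparing only against the
            // empty provider would accept every response, including a rejected login.
            if (String.Equals(responseUrl, loginUri.ToString()) || String.Equals(responseUrl, _cxn.DataSource.Provider))
            {
                throw new MdoException("Authentication failed. Response URI did not contain session token");
            }

            // NOTE(review): the session token is part of a URL from here on, so it can surface wherever
            // the provider string is logged or displayed - confirm that exposure is acceptable.
            _cxn.DataSource.Provider   = responseUrl; // set the provider to the URL containing the cookie
            _creds.AuthenticationToken = responseUrl;
            this.isAuthorized          = true;
            return("OK");
        }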
Ejemplo n.º 2
        // This does an administrative visit in order to get the true user's data
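        /// <summary>
        /// Visits the user's site with the administrative credentials and looks up the user
        /// identified by <paramref name="DUZ"/> over that connection.
        /// </summary>
        /// <param name="userSitecode">Site code used to find the site and to build the authentication token.</param>
        /// <param name="DUZ">Identifier handed to UserApi.getUser.</param>
        /// <param name="appPwd">Value stored as the credentials' security phrase.</param>
        /// <returns>The user returned by UserApi.getUser.</returns>
        internal User getVisitorData(string userSitecode, string DUZ, string appPwd)
        {
            Site site = mySession.SiteTable.getSite(userSitecode);
            AbstractCredentials credentials = getAdministrativeCredentials(site);

            credentials.AuthenticationToken = userSitecode + '_' + credentials.LocalUid;
            credentials.SecurityPhrase      = appPwd;

            string context = MdwsConstants.MDWS_CONTEXT;

            if (mySession.DefaultVisitMethod == MdwsConstants.NON_BSE_CREDENTIALS)
            {
                context = MdwsConstants.CPRS_CONTEXT;
            }

            // Here we do NOT set mySession.PrimaryPermission.  This context is being set
            // solely for the Admin user to get the true user's credentials.  mySession.PrimaryPermission
            // is for the true user.
            AbstractPermission permission = new MenuOption(context);

            permission.IsPrimary = true;

            // The visit's own return value is not needed; the call is made to open myCxn.
            doTheVisit(userSitecode, credentials, permission);

            try
            {
                UserApi userApi = new UserApi();
                return(userApi.getUser(myCxn, DUZ));
            }
            finally
            {
                // Always drop the administrative connection, including when the lookup throws;
                // otherwise a failed lookup leaves a privileged session open.
                myCxn.disconnect();
            }
        }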
Ejemplo n.º 3
        /// <summary>
        /// In "prod" mode, delegates authentication and authorization to a VistA account on a fresh
        /// VistA connection and mirrors that account's flags; in any other mode, returns a user named "dev".
        /// </summary>
        /// <param name="credentials">Passed through to the VistA account in "prod" mode.</param>
        /// <param name="permission">Passed through to the VistA account in "prod" mode.</param>
        /// <param name="validationDataSource">Not read here; the VistA connection's own data source is used.</param>
        /// <returns>The VistA user in "prod" mode, otherwise a new user named "dev".</returns>
        public override User authenticateAndAuthorize(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource = null)
        {
            if (!"prod".Equals(Mode))
            {
                // NOTE(review): this branch fails open. Any Mode other than the exact string "prod"
                // (null, a different casing, a typo) marks the account authenticated and authorized
                // without checking the credentials - confirm Mode cannot drift in deployed configurations.
                this.isAuthenticated = true;
                this.isAuthorized    = true;

                User devUser = new User();
                devUser.setName("dev");
                return devUser;
            }

            AbstractConnection cxn = initializeVistaConnection();
            gov.va.medora.mdo.dao.vista.VistaAccount account = new vista.VistaAccount(cxn);
            account.AuthenticationMethod = this.AuthenticationMethod;
            cxn.Account = account;

            User vistaUser = account.authenticateAndAuthorize(credentials, permission, cxn.DataSource);

            // Mirror the outcome reported by the VistA account on this account.
            this.isAuthenticated = account.IsAuthenticated;
            this.isAuthorized    = account.IsAuthorized;

            return vistaUser;
        }
 /// <summary>
 /// Connects through the base implementation and hands its result back unchanged.
 /// </summary>
 /// <returns>Whatever base.authorizedConnect returns.</returns>
 public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
 {
     // The connection-available event that used to be raised after the connect is disabled:
     //_eventArgs.ConnectionEventType = ConnectionPoolEventArgs.ConnectionChangeEventType.ConnectionAvailable;
     //OnChanged(_eventArgs);
     return base.authorizedConnect(credentials, permission, validationDataSource);
 }
Ejemplo n.º 5
        /// <summary>
        /// Builds the INSERT statement that records a session row (SessionID, SSN, Name, DUZ, SiteId,
        /// SiteName, Phone) from the given credentials, encrypting each value first when _encrypt is set.
        /// </summary>
        /// <param name="creds">Source of the seven column values; a missing phone becomes "No phone".</param>
        /// <param name="encryptionKey">Key passed to SSTCryptographer.Encrypt when _encrypt is set.</param>
        /// <returns>The complete SQL text, terminated with ';'.</returns>
        /// <remarks>
        /// NOTE(review): the statement is assembled by string concatenation and depends entirely on
        /// escapeString for safety; a parameterized command would remove that dependency. When _encrypt
        /// is false the SSN column is written in clear text - confirm both are intended.
        /// </remarks>
        internal string buildAddRecordStatement(AbstractCredentials creds, string encryptionKey)
        {
            string phoneNum = String.IsNullOrEmpty(creds.SubjectPhone) ? "No phone" : creds.SubjectPhone;

            System.Text.StringBuilder sql = new System.Text.StringBuilder();
            sql.Append("INSERT INTO " + _tableName);
            sql.Append(" (SessionID,SSN,Name,DUZ,SiteId,SiteName,Phone) VALUES (");

            // Each value is (optionally encrypted, then) escaped and wrapped in single quotes,
            // in column order; the closing quote of the last value comes with the terminator.
            sql.Append("'");
            sql.Append(escapeString(_encrypt ? SSTCryptographer.Encrypt(creds.AuthenticationToken, encryptionKey) : creds.AuthenticationToken));
            sql.Append("','");
            sql.Append(escapeString(_encrypt ? SSTCryptographer.Encrypt(creds.FederatedUid, encryptionKey) : creds.FederatedUid));
            sql.Append("','");
            sql.Append(escapeString(_encrypt ? SSTCryptographer.Encrypt(creds.SubjectName, encryptionKey) : creds.SubjectName));
            sql.Append("','");
            sql.Append(escapeString(_encrypt ? SSTCryptographer.Encrypt(creds.LocalUid, encryptionKey) : creds.LocalUid));
            sql.Append("','");
            sql.Append(escapeString(_encrypt ? SSTCryptographer.Encrypt(creds.AuthenticationSource.SiteId.Id, encryptionKey) : creds.AuthenticationSource.SiteId.Id));
            sql.Append("','");
            sql.Append(escapeString(_encrypt ? SSTCryptographer.Encrypt(creds.AuthenticationSource.SiteId.Name, encryptionKey) : creds.AuthenticationSource.SiteId.Name));
            sql.Append("','");
            sql.Append(escapeString(_encrypt ? SSTCryptographer.Encrypt(phoneNum, encryptionKey) : phoneNum));
            sql.Append("');");

            return sql.ToString();
        }
Ejemplo n.º 6
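 /// <summary>
 /// Puts the requested context on the connection, resolves the connection's local UID from the
 /// federated UID when it has none, and records visitor info when the credentials are not complete.
 /// </summary>
 /// <param name="credentials">Supplies FederatedUid and Complete.</param>
 /// <param name="permission">The context to set, or to add to the account when it is CPRS on a visit.</param>
 /// <exception cref="MdoException">The federated UID is missing or maps to no local UID.</exception>
 internal void doTheAuthorize(AbstractCredentials credentials, AbstractPermission permission)
 {
     //// if we are requesting CPRS context with a visit and user does not have it - add it to their account
     // NOTE(review): this grants the account a context it did not hold - confirm every path that
     // reaches here with a non-login authentication method has already been validated.
     if (permission.Name == VistaConstants.CPRS_CONTEXT &&
         !Cxn.Account.Permissions.ContainsKey(VistaConstants.CPRS_CONTEXT) &&
         !Cxn.Account.AuthenticationMethod.Equals(VistaConstants.LOGIN_CREDENTIALS))
     {
         addContextInVista(Cxn.Uid, permission);
     }
     else
     {
         setContext(permission);
     }
     if (String.IsNullOrEmpty(Cxn.Uid))
     {
         if (String.IsNullOrEmpty(credentials.FederatedUid))
         {
             throw new MdoException("Missing federated UID, cannot get local UID");
         }
         VistaUserDao dao = new VistaUserDao(Cxn);
         Cxn.Uid = dao.getUserIdBySsn(credentials.FederatedUid);
         if (String.IsNullOrEmpty(Cxn.Uid))
         {
             // The federated UID is looked up as an SSN above, so it is kept out of the message:
             // exception text can end up in faults and logs.
             throw new MdoException("Unable to get local UID for federated ID");
         }
     }
     if (!credentials.Complete)
     {
         VistaUserDao dao = new VistaUserDao(Cxn);
         dao.addVisitorInfo(credentials);
     }
 }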
Ejemplo n.º 7
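        /// <summary>
        /// Authenticates LDAP credentials by binding to the directory with them and searching for
        /// exactly one user entry whose SAMAccountName matches the account name.
        /// </summary>
        /// <param name="credentials">Must be LdapCredentials with a non-empty account name and password.</param>
        /// <param name="validationDataSource">Not read by this implementation.</param>
        /// <returns>The GUID of the matching directory entry, as a string.</returns>
        /// <exception cref="MdoException">The credentials are not LDAP credentials, are incomplete, or do not match exactly one entry.</exception>
        public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
        {
            if (!(credentials is LdapCredentials))
            {
                throw new MdoException("Invalid credentials - not LDAP credentials");
            }
            LdapCredentials ldapCreds = (LdapCredentials)credentials;

            // Refuse blank values up front: a bind with an empty password may be treated by a
            // directory as unauthenticated rather than as a failed login.
            if (String.IsNullOrEmpty(ldapCreds.AccountName) || String.IsNullOrEmpty(ldapCreds.AccountPassword))
            {
                throw new MdoException("Invalid credentials");
            }

            // The directory objects hold native handles, so each one is disposed deterministically.
            using (DirectoryEntry entry = new DirectoryEntry(Cxn.DataSource.Provider, ldapCreds.AccountName, ldapCreds.AccountPassword))
            {
                entry.AuthenticationType = AuthenticationTypes.Secure;

                using (DirectorySearcher search = new DirectorySearcher())
                {
                    search.SearchRoot = entry;

                    // The account name is caller-supplied; escape it so characters such as '*', '('
                    // and ')' are matched literally instead of rewriting the filter.
                    search.Filter = "(&(objectClass=user)(SAMAccountName=" + escapeLdapFilterValue(ldapCreds.AccountName) + "))";

                    using (SearchResultCollection result = search.FindAll())
                    {
                        if (result.Count != 1)
                        {
                            throw new MdoException("Invalid credentials");
                        }

                        using (DirectoryEntry match = result[0].GetDirectoryEntry())
                        {
                            return(match.Guid.ToString());
                        }
                    }
                }
            }
        }

        // Escapes the characters that are special inside an LDAP search filter value (RFC 4515).
        private static string escapeLdapFilterValue(string value)
        {
            System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);

            foreach (char ch in value)
            {
                switch (ch)
                {
                    case '\\': escaped.Append("\\5c"); break;
                    case '*':  escaped.Append("\\2a"); break;
                    case '(':  escaped.Append("\\28"); break;
                    case ')':  escaped.Append("\\29"); break;
                    case '\0': escaped.Append("\\00"); break;
                    default:   escaped.Append(ch);     break;
                }
            }
            return escaped.ToString();
        }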
Ejemplo n.º 8
        /// <summary>
        /// Visits the DoD site with the administrative credentials and, on success, stores those
        /// credentials and the permission on the session.
        /// </summary>
        /// <param name="pwd">
        /// NOTE(review): never read. The security phrase comes from the configured service-account
        /// password instead - confirm callers are not expected to be checked against this value.
        /// </param>
        /// <returns>The site id paired with the visiting user's UID, or a fault carrying the exception message.</returns>
        public TaggedTextArray visitDoD(string pwd)
        {
            Site dodSite = mySession.SiteTable.getSite(MdwsConstants.DOD_SITE);
            AbstractCredentials adminCreds = getAdministrativeCredentials(dodSite);

            adminCreds.SecurityPhrase = mySession.MdwsConfiguration.AllConfigs[ConfigFileConstants.PRIMARY_CONFIG_SECTION][MdwsConfigConstants.SERVICE_ACCOUNT_PASSWORD];

            // Non-BSE visits run under the CPRS context, everything else under the MDWS context.
            bool nonBse = mySession.DefaultVisitMethod == MdwsConstants.NON_BSE_CREDENTIALS;
            string contextName = nonBse ? MdwsConstants.CPRS_CONTEXT : MdwsConstants.MDWS_CONTEXT;

            AbstractPermission visitPermission = new MenuOption(contextName);
            visitPermission.IsPrimary = true;

            TaggedTextArray outcome = new TaggedTextArray();

            try
            {
                User visitor = doTheVisit(dodSite.Id, adminCreds, visitPermission);

                outcome.results = new TaggedText[] { new TaggedText(dodSite.Id, visitor.Uid) };
                addMyCxn2CxnSet();

                // Session state is only touched after the visit succeeded.
                mySession.Credentials       = adminCreds;
                mySession.PrimaryPermission = visitPermission;
            }
            catch (Exception failure)
            {
                outcome.fault = new FaultTO(failure.Message);
            }

            return outcome;
        }
Ejemplo n.º 9
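        /// <summary>
        /// Signs on with an access/verify code pair: runs "XUS SIGNON SETUP", then "XUS AV CODE",
        /// and on success records the returned account id on the connection and the credentials.
        /// </summary>
        /// <param name="credentials">AccountName is the access code, AccountPassword the verify code.</param>
        /// <returns>The eighth response field (the greeting) when present, otherwise "OK".</returns>
        /// <exception cref="MdoException">The access or verify code is missing.</exception>
        /// <exception cref="UnexpectedDataException">Either call returned no data.</exception>
        /// <exception cref="UnauthorizedAccessException">The first response field is "0".</exception>
        internal string login(AbstractCredentials credentials)
        {
            if (String.IsNullOrEmpty(credentials.AccountName))
            {
                throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Access Code");
            }
            if (String.IsNullOrEmpty(credentials.AccountPassword))
            {
                throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Verify Code");
            }

            VistaQuery vq  = new VistaQuery("XUS SIGNON SETUP");
            string     rtn = (string)Cxn.query(vq);

            if (rtn == null)
            {
                throw new UnexpectedDataException("Unable to setup authentication");
            }

            vq = new VistaQuery("XUS AV CODE");

            // This is here so we can test with MockConnection
            // NOTE(review): the codes go out unencrypted for any connection whose type is *named*
            // "MockConnection" - confirm no such type can be reached outside tests.
            if (Cxn.GetType().Name != "MockConnection")
            {
                vq.addEncryptedParameter(vq.LITERAL, credentials.AccountName + ';' + credentials.AccountPassword);
            }
            else
            {
                vq.addParameter(vq.LITERAL, credentials.AccountName + ';' + credentials.AccountPassword);
            }
            rtn = (string)Cxn.query(vq);

            //TODO - need to catch renew verify id error

            // An empty or truncated reply must be a clean failure, not a null dereference or an
            // index error raised part-way through the sign-on.
            if (rtn == null)
            {
                throw new UnexpectedDataException("Unable to authenticate");
            }
            string[] flds = StringUtils.split(rtn, StringUtils.CRLF);
            if (flds == null || flds.Length == 0)
            {
                throw new UnexpectedDataException("Unable to authenticate");
            }
            if (flds[0] == "0")
            {
                // The fourth field is used as the rejection message; fall back when it is absent.
                throw new UnauthorizedAccessException(flds.Length > 3 ? flds[3] : "Authentication failed");
            }
            AccountId = flds[0];

            // Set the connection's UID
            Cxn.Uid = AccountId;

            // Save the credentials
            credentials.LocalUid             = AccountId;
            credentials.AuthenticationSource = Cxn.DataSource;
            credentials.AuthenticationToken  = Cxn.DataSource.SiteId.Id + '_' + AccountId;

            IsAuthenticated = true;
            Cxn.IsRemote    = false;

            // Set the greeting if there is one
            if (flds.Length > 7)
            {
                return(flds[7]);
            }
            return("OK");
        }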
Ejemplo n.º 10
 /// <summary>
 /// Creates a visit for the given account and credentials, remembering the validator data
 /// source when one is supplied.
 /// </summary>
 /// <param name="acct">Forwarded to the base constructor.</param>
 /// <param name="creds">Forwarded to the base constructor.</param>
 /// <param name="validatorDataSource">Stored in _validatorDataSource unless null.</param>
 public BseVista2WebVisit(VistaAccount acct, AbstractCredentials creds, DataSource validatorDataSource)
     : base(acct, creds)
 {
     // A null argument leaves _validatorDataSource at whatever value it already holds.
     if (validatorDataSource == null)
     {
         return;
     }
     _validatorDataSource = validatorDataSource;
 }
Ejemplo n.º 11
        /// <summary>
        /// Forwards the connect request to the base class and returns its result as is.
        /// </summary>
        /// <returns>The object produced by base.authorizedConnect.</returns>
        public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
        {
            object connectOutcome = base.authorizedConnect(credentials, permission, validationDataSource);

            // Raising the connection-available event is currently switched off:
            //_eventArgs.ConnectionEventType = ConnectionPoolEventArgs.ConnectionChangeEventType.ConnectionAvailable;
            //OnChanged(_eventArgs);
            return connectOutcome;
        }
Ejemplo n.º 12
        /// <summary>
        /// Runs authenticate, then authorize, and attaches the authentication message to the
        /// resulting user as its greeting.
        /// </summary>
        /// <returns>The authorized user with Greeting set to the string authenticate returned.</returns>
        public override User authenticateAndAuthorize(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource = null)
        {
            // Authentication must come first; authorize runs only if it did not throw.
            string greeting = authenticate(credentials, validationDataSource);

            User authorizedUser = authorize(credentials, permission);
            authorizedUser.Greeting = greeting;

            return authorizedUser;
        }
Ejemplo n.º 13
        /// <summary>
        /// Authorizes through the base class when _authenticate is set; otherwise marks the account
        /// authenticated and authorized and returns an empty user.
        /// </summary>
        /// <returns>The base result, or a new User when _authenticate is false.</returns>
        public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
        {
            if (!_authenticate)
            {
                // NOTE(review): with the flag off, no credential or permission is examined before
                // both flags are raised - confirm the flag can only be cleared in test setups.
                isAuthenticated = true;
                isAuthorized    = true;
                return new User();
            }

            return base.authorize(credentials, permission);
        }
Ejemplo n.º 14
        /// <summary>
        /// Delegates to the base class when _authenticate is set; otherwise marks the account
        /// authenticated and authorized and returns an empty user.
        /// </summary>
        /// <returns>The base result, or a new User when _authenticate is false.</returns>
        public override User authenticateAndAuthorize(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
        {
            if (!_authenticate)
            {
                // NOTE(review): this path accepts any caller without looking at the credentials -
                // confirm the flag can only be cleared in test setups.
                isAuthenticated = true;
                isAuthorized    = true;
                return new User();
            }

            return base.authenticateAndAuthorize(credentials, permission, validationDataSource);
        }
Ejemplo n.º 15
        /// <summary>
        /// Logs in through the base class when _authenticate is set; otherwise marks the account
        /// authenticated and authorized and reports "OK".
        /// </summary>
        /// <returns>The base login result, or "OK" when _authenticate is false.</returns>
        public string login(AbstractCredentials credentials)
        {
            if (!_authenticate)
            {
                // NOTE(review): no credential is checked on this path - confirm the flag can only
                // be cleared in test setups.
                isAuthenticated = true;
                isAuthorized    = true;
                return "OK";
            }

            return base.login(credentials);
        }
Ejemplo n.º 16
        /// <summary>
        /// Builds a User from the connection's UID and logon site plus the subject name and
        /// federated UID carried by the credentials.
        /// </summary>
        /// <param name="credentials">Supplies SubjectName and FederatedUid (the latter becomes the SSN).</param>
        /// <returns>The populated user.</returns>
        internal User toUser(AbstractCredentials credentials)
        {
            return new User()
            {
                Uid         = Cxn.Uid,
                Name        = new PersonName(credentials.SubjectName),
                SSN         = new SocSecNum(credentials.FederatedUid),
                LogonSiteId = Cxn.DataSource.SiteId
            };
        }
Ejemplo n.º 17
 /// <summary>
 /// Checks readiness and the permission name, performs the authorization, and returns the user
 /// built from the credentials.
 /// </summary>
 /// <exception cref="ArgumentNullException"><paramref name="permission"/> is null.</exception>
 public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
 {
     if (permission != null)
     {
         // Order matters: each step runs only if the previous one did not throw.
         checkAuthorizeReadiness();
         checkPermissionString(permission.Name);
         doTheAuthorize(credentials, permission);

         User authorized = toUser(credentials);
         return authorized;
     }

     throw new ArgumentNullException("permission");
 }
Ejemplo n.º 18
 /// <summary>
 /// Returns a User carrying the account name and password of the credentials stored by a
 /// previous authenticate call; the arguments themselves are not read.
 /// </summary>
 /// <exception cref="MdoException">No credentials have been stored yet.</exception>
 public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
 {
     if (_creds != null)
     {
         // NOTE(review): the account password is copied in clear text onto the returned User -
         // confirm that object is never serialized to clients or logs.
         User rdwUser = new User();
         rdwUser.UserName = _creds.AccountName;
         rdwUser.Pwd      = _creds.AccountPassword;
         return rdwUser;
     }

     throw new MdoException("Invalid RDW credenetials. Must authenticate first");
 }
Ejemplo n.º 19
 // Needs to return object so it can be either User or Exception on multi-site connections.
 /// <summary>
 /// Connects, then authenticates and authorizes through the account. Failures are returned
 /// rather than thrown.
 /// </summary>
 /// <returns>The account's result on success, or the caught exception object on failure.</returns>
 public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
 {
     object outcome;

     try
     {
         connect();
         outcome = Account.authenticateAndAuthorize(credentials, permission, validationDataSource);
     }
     catch (Exception failure)
     {
         // Callers must inspect the returned object: an exception here is a value, not a throw.
         outcome = failure;
     }

     return outcome;
 }
Ejemplo n.º 20
 /// <summary>
 /// Reports whether the credentials carry every field the given authentication method needs
 /// and the permission has a name. Only presence is checked; no value is verified.
 /// </summary>
 /// <param name="authenticationMethod">One of the login, non-BSE or BSE V2WEB constants.</param>
 /// <param name="credentials">Credentials to inspect; null yields false.</param>
 /// <param name="permission">Permission to inspect; null or unnamed yields false.</param>
 /// <returns>True when all required fields are non-empty.</returns>
 /// <exception cref="ArgumentException">The method is none of the three known constants (and credentials is not null).</exception>
 public static bool isValidCredentials(string authenticationMethod, AbstractCredentials credentials, AbstractPermission permission)
 {
     if (credentials == null)
     {
         return false;
     }

     bool fieldsPresent;

     if (authenticationMethod == MdwsConstants.LOGIN_CREDENTIALS)
     {
         fieldsPresent = !String.IsNullOrEmpty(credentials.AccountName) &&
                         !String.IsNullOrEmpty(credentials.AccountPassword);
     }
     else if (authenticationMethod == MdwsConstants.NON_BSE_CREDENTIALS)
     {
         fieldsPresent = hasVisitIdentityFields(credentials);
     }
     else if (authenticationMethod == MdwsConstants.BSE_CREDENTIALS_V2WEB)
     {
         // Same fields as a non-BSE visit, plus the security phrase.
         fieldsPresent = hasVisitIdentityFields(credentials) &&
                         !String.IsNullOrEmpty(credentials.SecurityPhrase);
     }
     else
     {
         throw new ArgumentException("Invalid credential type");
     }

     if (!fieldsPresent)
     {
         return false;
     }

     return permission != null && !String.IsNullOrEmpty(permission.Name);
 }

 // True when the identity fields shared by both visit methods are all present.
 private static bool hasVisitIdentityFields(AbstractCredentials credentials)
 {
     return !String.IsNullOrEmpty(credentials.LocalUid) &&
            !String.IsNullOrEmpty(credentials.FederatedUid) &&
            !String.IsNullOrEmpty(credentials.SubjectName) &&
            credentials.AuthenticationSource != null &&
            credentials.AuthenticationSource.SiteId != null &&
            !String.IsNullOrEmpty(credentials.AuthenticationSource.SiteId.Id) &&
            !String.IsNullOrEmpty(credentials.AuthenticationSource.SiteId.Name) &&
            !String.IsNullOrEmpty(credentials.AuthenticationToken);
 }
Ejemplo n.º 21
        /// <summary>
        /// Logs the given account onto the session's base connection. When connection pooling is
        /// switched off in the configuration, the call is handed to AccountLib.login instead.
        /// </summary>
        /// <param name="accountUsername">Stored as the credentials' account name.</param>
        /// <param name="accountPwd">Stored as the credentials' account password.</param>
        /// <param name="permissionString">Permission name; the CPRS context is used when null or empty.</param>
        /// <returns>The logged-on user, or a UserTO whose fault is built from the caught exception.</returns>
        public UserTO login(string accountUsername, string accountPwd, string permissionString = null)
        {
            // TODO - FIX!!! This is very ugly - here so that SOAP and REST services can both be stateful or stateless
            if (!Convert.ToBoolean(_mySession.MdwsConfiguration.AllConfigs[MdwsConfigConstants.CONNECTION_POOL_CONFIG_SECTION][MdwsConfigConstants.CONNECTION_POOLING]))
            {
                return(new gov.va.medora.mdws.AccountLib(_mySession).login(accountUsername, accountPwd, permissionString));
            }

            UserTO             result = new UserTO();
            AbstractConnection c      = null;

            try
            {
                // GetCurrentMethod() must stay inside this method: it reflects on login's own parameters.
                // NOTE(review): four values are paired with three reflected parameters, and
                // permissionString may legitimately be null - how getArgsDictionary and checkNullArgs
                // treat that is not visible here; confirm.
                MdwsUtils.checkNullArgs(MdwsUtils.getArgsDictionary(
                                            System.Reflection.MethodInfo.GetCurrentMethod().GetParameters(), new List <object>()
                {
                    _mySession.ConnectionSet.BaseSiteId, accountUsername, accountPwd, permissionString
                }));

                c = _mySession.ConnectionSet.BaseConnection;

                AbstractCredentials credentials = AbstractCredentials.getCredentialsForCxn(c);
                credentials.AccountName        = accountUsername;
                credentials.AccountPassword    = accountPwd;
                c.Account.AuthenticationMethod = MdwsConstants.LOGIN_CREDENTIALS;
                if (String.IsNullOrEmpty(permissionString))
                {
                    permissionString = MdwsConstants.CPRS_CONTEXT;
                }
                _mySession.PrimaryPermission = new MenuOption(permissionString);
                _mySession.User        = c.Account.authenticateAndAuthorize(credentials, _mySession.PrimaryPermission);
                // The credentials, including the account password set above, stay on the session from here.
                _mySession.Credentials = credentials;

                // REST
                _mySession.setAuthorized(_mySession.ConnectionSet.BaseSiteId); // TODO - revisit, need to mark connections as authorized but more-so need to cache the symbol table
                // END REST

                result = new UserTO(_mySession.User);
            }
            catch (Exception e)
            {
                // NOTE(review): the whole exception is handed to FaultTO; what it exposes to the
                // client is not visible here - confirm no stack trace or internal detail leaks.
                result.fault = new FaultTO(e);
            }
            finally
            {
                // REST
                //RestSessionMgr.getInstance().returnConnections(_mySession);
                // END REST
            }

            return(result);
        }
Ejemplo n.º 22
        /// <summary>
        /// Builds a connection to the mock app's login site, connects with the app's visit
        /// credentials and user permission, and stores the resulting user on the app.
        /// </summary>
        /// <param name="theUser">Not read by this method.</param>
        /// <param name="isBse">Selects an empty security phrase (true) or "NON-BSE" (false).</param>
        /// <returns>The connection that was used.</returns>
        public static AbstractConnection authorizedConnect(string theUser, bool isBse)
        {
            string phrase;
            if (isBse)
            {
                phrase = "";
            }
            else
            {
                phrase = "NON-BSE";
            }

            MockApp app = getTheApp(phrase);
            DataSource loginSource = VistaSetups.getSrc(app.SiteTable, app.LoginSitecode);

            int protocolConstant = AbstractDaoFactory.getConstant(loginSource.Protocol);
            AbstractDaoFactory daoFactory = AbstractDaoFactory.getDaoFactory(protocolConstant);
            AbstractConnection connection = daoFactory.getConnection(loginSource);

            AbstractCredentials visitCreds = getVisitCredentials(app);
            AbstractPermission  menuOption = new MenuOption(app.User.PermissionString);

            // The cast fails if the connect reports its failure as a returned exception object.
            object connected = connection.authorizedConnect(visitCreds, menuOption, null);
            app.User = (User)connected;

            return connection;
        }
Ejemplo n.º 23
        /// <summary>
        /// Log onto a data source.
        /// </summary>
        /// <remarks>
        /// Combines authentication and authorization into a single function.
        /// It will create a new set of session credentials and a primary permission.
        /// These credentials can then be used for subsequent visits.
        /// Login requires a previous connection.
        /// </remarks>
        /// <param name="accountId">Access code</param>
        /// <param name="accountPwd">Verify code</param>
        /// <param name="permissionString">If blank defaults to CPRS context</param>
        /// <returns>UserTO</returns>
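        public UserTO login(string accountId, string accountPwd, string permissionString)
        {
            UserTO result = new UserTO();

            // Null is rejected together with the empty string, so a missing id or password is
            // reported as its own fault instead of reaching the authentication call.
            if (!mySession.HasBaseConnection)
            {
                result.fault = new FaultTO("There is no connection to log onto");
            }
            else if (String.IsNullOrEmpty(accountId))
            {
                result.fault = new FaultTO("Missing account ID");
            }
            else if (String.IsNullOrEmpty(accountPwd))
            {
                result.fault = new FaultTO("Missing account password");
            }
            if (result.fault != null)
            {
                return(result);
            }

            try
            {
                AbstractConnection c = mySession.ConnectionSet.BaseConnection;

                AbstractCredentials credentials = AbstractCredentials.getCredentialsForCxn(c);
                credentials.AccountName     = accountId;
                credentials.AccountPassword = accountPwd;

                c.Account.AuthenticationMethod = MdwsConstants.LOGIN_CREDENTIALS;

                // A blank permission falls back to the CPRS context.
                if (String.IsNullOrEmpty(permissionString))
                {
                    permissionString = MdwsConstants.CPRS_CONTEXT;
                }
                mySession.PrimaryPermission = new MenuOption(permissionString);

                mySession.User = c.Account.authenticateAndAuthorize(credentials, mySession.PrimaryPermission);

                // Stored only after the call above succeeded; these credentials hold the account password.
                mySession.Credentials = credentials;

                result = new UserTO(mySession.User);
            }
            catch (Exception e)
            {
                // Only the message is surfaced to the caller, not the exception itself.
                result.fault = new FaultTO(e.Message);
            }
            return(result);
        }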
Ejemplo n.º 24
 /// <summary>
 /// Never authenticates: every call ends in an exception.
 /// </summary>
 /// <exception cref="ConnectionException">There is no connected connection.</exception>
 /// <exception cref="ArgumentNullException"><paramref name="credentials"/> is null.</exception>
 /// <exception cref="ArgumentException">Credentials were supplied; this account accepts none.</exception>
 public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
 {
     bool connected = Cxn != null && Cxn.IsConnected;
     if (!connected)
     {
         throw new ConnectionException("Must have connection");
     }

     if (credentials != null)
     {
         throw new ArgumentException("Invalid credentials");
     }

     throw new ArgumentNullException("credentials");
 }
Ejemplo n.º 25
 /// <summary>
 /// Rejects every authentication attempt; the method has no successful return path.
 /// </summary>
 /// <exception cref="ConnectionException">The connection is missing or not connected.</exception>
 /// <exception cref="ArgumentNullException"><paramref name="credentials"/> is null.</exception>
 /// <exception cref="ArgumentException">Any non-null credentials.</exception>
 public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
 {
     if (Cxn == null || !Cxn.IsConnected)
     {
         throw new ConnectionException("Must have connection");
     }

     // Pick the failure that matches the argument, then raise it.
     ArgumentException rejection = credentials == null
         ? new ArgumentNullException("credentials")
         : new ArgumentException("Invalid credentials");

     throw rejection;
 }
Ejemplo n.º 26
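 /// <summary>
 /// Verifies that a connected connection exists and that the credentials carry both an access
 /// code (AccountName) and a verify code (AccountPassword).
 /// </summary>
 /// <param name="credentials">Credentials to check.</param>
 /// <exception cref="MdoException">There is no connection, or the credentials or one of the codes is missing.</exception>
 internal void validateCredentials(AbstractCredentials credentials)
 {
     if (Cxn == null || !Cxn.IsConnected)
     {
         throw new MdoException(MdoExceptionCode.USAGE_NO_CONNECTION, "Must have connection");
     }
     // Report a missing credentials object with the same exception type as the other
     // validation failures instead of failing on the property access below.
     if (credentials == null)
     {
         throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing credentials");
     }
     if (String.IsNullOrEmpty(credentials.AccountName))
     {
         throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Access Code");
     }
     if (String.IsNullOrEmpty(credentials.AccountPassword))
     {
         throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Verify Code");
     }
 }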
Ejemplo n.º 27
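        /// <summary>
        /// Builds one connection pool source per VISTA data source in the configured sites file and
        /// asks the resource pool factory for the pools. Does nothing when the pools already have a source.
        /// </summary>
        internal void initializePool()
        {
            logging.Log.LOG("Initializing connection pools...");
            if (ConnectionPools.getInstance().PoolSource != null)
            {
                logging.Log.LOG("Connection pools already initialized");
                return; // already set up the pools!
            }

            SiteTable sites = new SiteTable(ConfigurationManager.AppSettings[config.AppConfigSettingsConstants.VhaSitesFilePath]);
            ConnectionPoolsSource poolsSource = new ConnectionPoolsSource();

            poolsSource.CxnSources = new Dictionary <string, ConnectionPoolSource>();

            // NOTE(review): the instance is never used; presumably constructed for a side effect - confirm.
            VistaDao trash = new VistaDao();

            // One set of downstream credentials, read from configuration, is shared by every pool.
            AbstractCredentials creds = getDownstreamCredentialsFromConfig(getDownstreamUserFromConfig());

            foreach (DataSource source in sites.Sources)
            {
                // The protocol is an identifier, not display text: compare ordinally so the match
                // does not depend on the server's culture (under a Turkish culture, for example,
                // "vista" and "VISTA" are not equal ignoring case).
                if (!String.Equals(source.Protocol, "VISTA", StringComparison.OrdinalIgnoreCase))
                {
                    continue;
                }
                ConnectionPoolSource newSource = new ConnectionPoolSource()
                {
                    Timeout           = TimeSpan.Parse(ConfigurationManager.AppSettings["PoolConnectionTimeout"]),
                    WaitTime          = TimeSpan.Parse(ConfigurationManager.AppSettings["PoolWaitTimeout"]),
                    MaxPoolSize       = Convert.ToInt32(ConfigurationManager.AppSettings["PoolMaxSize"]),
                    MinPoolSize       = Convert.ToInt32(ConfigurationManager.AppSettings["PoolMinSize"]),
                    PoolExpansionSize = Convert.ToInt32(ConfigurationManager.AppSettings["PoolExpansionSize"]),
                    CxnSource         = source,
                    Credentials       = creds,
                    Permission        = new MenuOption(ConfigurationManager.AppSettings["PoolUserPermission"])
                };

                // The recycle count is optional; an absent or non-numeric setting leaves it unset.
                Int32 recycleCount = 0;
                if (!String.IsNullOrEmpty(ConfigurationManager.AppSettings["PoolRecycleCount"]) && Int32.TryParse(ConfigurationManager.AppSettings["PoolRecycleCount"], out recycleCount))
                {
                    newSource.RecycleCount = recycleCount;
                }

                // CxnSource is the site table's own DataSource object, so this also rewrites the
                // protocol seen through sites.Sources.
                newSource.CxnSource.Protocol = "PVISTA";
                poolsSource.CxnSources.Add(source.SiteId.Id, newSource);
            }

            // The returned pools object is not used further here.
            ConnectionPools pools = (ConnectionPools)AbstractResourcePoolFactory.getResourcePool(poolsSource);

            logging.Log.LOG("Successfully completed connection pools initialization");
        }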
Ejemplo n.º 28
        // This is the core visit method the others are using. The permission must have been set before
        // getting here.
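        /// <summary>
        /// Opens a connection to the site's HIS data source with the session's default visit method
        /// and performs an authorized connect, leaving the connection in myCxn.
        /// </summary>
        /// <param name="sitecode">Site to visit.</param>
        /// <param name="credentials">Checked with MdwsUtils.isValidCredentials before connecting.</param>
        /// <param name="permission">Permission for the visit.</param>
        /// <returns>The user produced by the authorized connect.</returns>
        /// <exception cref="Exception">
        /// The site has no HIS data source, the credentials are incomplete, the connect returned an
        /// exception (which is rethrown), or the connect returned something that is not a User.
        /// </exception>
        internal User doTheVisit(string sitecode, AbstractCredentials credentials, AbstractPermission permission)
        {
            Site       site = mySession.SiteTable.getSite(sitecode);
            DataSource src  = site.getDataSourceByModality("HIS");

            if (src == null)
            {
                throw new Exception("No HIS data source at site " + sitecode);
            }

            AbstractDaoFactory factory = AbstractDaoFactory.getDaoFactory(AbstractDaoFactory.getConstant(src.Protocol));

            myCxn = factory.getConnection(src);
            myCxn.Account.AuthenticationMethod = mySession.DefaultVisitMethod;

            if (!MdwsUtils.isValidCredentials(myCxn.Account.AuthenticationMethod, credentials, permission))
            {
                throw new Exception("Invalid credentials");
            }

            object result = null;

            if (myCxn.Account.AuthenticationMethod == VistaConstants.BSE_CREDENTIALS_V2WEB)
            {
                // V2WEB visits are validated against the configured BSE validator.
                result = myCxn.authorizedConnect(credentials, permission,
                                                 new DataSource()
                {
                    ConnectionString = mySession.MdwsConfiguration.BseValidatorConnectionString
                });
            }
            else
            {
                result = myCxn.authorizedConnect(credentials, permission, null);
            }

            // Decide by actual type, not by type name: a failure whose class name does not end in
            // "Exception" must still be rethrown rather than cast to User.
            Exception failure = result as Exception;
            if (failure != null)
            {
                throw failure;
            }

            // A null or unexpected result is an explicit failure, never a silently absent user.
            User visitor = result as User;
            if (visitor == null)
            {
                throw new Exception("Unexpected result from authorized connect");
            }
            return(visitor);
        }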
Ejemplo n.º 29
 /// <summary>
 /// Authenticates with the mechanism named by AuthenticationMethod: a direct login, a BSE
 /// Vista-to-web visit, or a non-BSE visit.
 /// </summary>
 /// <param name="credentials">Credentials handed to the selected mechanism.</param>
 /// <param name="validationDataSource">Passed only to the BSE Vista-to-web visit.</param>
 /// <returns>The string returned by login or by the visit.</returns>
 /// <exception cref="MdoException">No connection, no credentials, or no authentication method.</exception>
 /// <exception cref="ArgumentException">The authentication method is not one of the three handled here.</exception>
 public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
 {
     bool connected = Cxn != null && Cxn.IsConnected;
     if (!connected)
     {
         throw new MdoException(MdoExceptionCode.USAGE_NO_CONNECTION, "Must have connection");
     }
     if (credentials == null)
     {
         throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing credentials");
     }
     if (string.IsNullOrEmpty(AuthenticationMethod))
     {
         throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Account AuthenticationMethod");
     }

     if (AuthenticationMethod == VistaConstants.LOGIN_CREDENTIALS)
     {
         return login(credentials);
     }

     // Vista-to-Vista BSE visits (BSE_CREDENTIALS_V2V) are temporarily disabled; only V2WEB is offered.
     if (AuthenticationMethod == VistaConstants.BSE_CREDENTIALS_V2WEB)
     {
         VisitTemplate webVisit = new BseVista2WebVisit(this, credentials, validationDataSource);
         return webVisit.visit();
     }

     if (AuthenticationMethod == VistaConstants.NON_BSE_CREDENTIALS)
     {
         VisitTemplate nonBseVisit = new NonBseVisit(this, credentials);
         return nonBseVisit.visit();
     }

     // Unknown methods are refused rather than defaulted.
     throw new ArgumentException("Invalid credentials");
 }
Ejemplo n.º 30
 /// <summary>
 /// Dispatches authentication on AuthenticationMethod: login credentials go to login, the two
 /// visit methods go through their visit template.
 /// </summary>
 /// <param name="credentials">Credentials handed to login or to the visit.</param>
 /// <param name="validationDataSource">Used only by the BSE Vista-to-web visit.</param>
 /// <returns>The string produced by login or by the visit.</returns>
 /// <exception cref="MdoException">No connection, no credentials, or no authentication method.</exception>
 /// <exception cref="ArgumentException">The authentication method is not recognised.</exception>
 public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
 {
     if (Cxn == null || !Cxn.IsConnected)
     {
         throw new MdoException(MdoExceptionCode.USAGE_NO_CONNECTION, "Must have connection");
     }
     if (credentials == null)
     {
         throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing credentials");
     }
     if (string.IsNullOrEmpty(AuthenticationMethod))
     {
         throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Account AuthenticationMethod");
     }

     if (AuthenticationMethod == VistaConstants.LOGIN_CREDENTIALS)
     {
         return login(credentials);
     }

     // Choose the visit first, run it once below. The Vista-to-Vista BSE visit
     // (BSE_CREDENTIALS_V2V) is temporarily disabled, so it lands in the rejection branch.
     VisitTemplate selectedVisit;
     if (AuthenticationMethod == VistaConstants.BSE_CREDENTIALS_V2WEB)
     {
         selectedVisit = new BseVista2WebVisit(this, credentials, validationDataSource);
     }
     else if (AuthenticationMethod == VistaConstants.NON_BSE_CREDENTIALS)
     {
         selectedVisit = new NonBseVisit(this, credentials);
     }
     else
     {
         throw new ArgumentException("Invalid credentials");
     }

     return selectedVisit.visit();
 }
Ejemplo n.º 31
        public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
        {
            // NOTE(review): when _authenticate is false this override marks the account
            // authenticated and authorized without looking at the credentials or the
            // connection. Confirm the flag can only be cleared in test/mock setups.
            if (!_authenticate)
            {
                isAuthenticated = true;
                isAuthorized = true;
                return "OK";
            }

            // Otherwise defer to the base class implementation.
            return base.authenticate(credentials, validationDataSource);
        }
Ejemplo n.º 32
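        public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
        {
            // Checks that the account named by the LDAP credentials is a member of the
            // directory group whose distinguished name is permission.Name.
            //
            // Returns a User carrying the group as its primary permission.
            // Throws MdoException when the credentials are not LdapCredentials, when the
            // group cannot be found, or when the account is missing or not a member.
            //
            // This method looks the account up by name only; it never checks the account
            // password, so it must only be reached after the caller has authenticated.
            if (!(credentials is LdapCredentials))
            {
                throw new MdoException("Invalid credentials - not LDAP credentials");
            }

            // cxn.query only returns a SearchResultCollection so need to manually impersonate here
            LdapCredentials ldapCreds = (LdapCredentials)credentials;

            // PrincipalContext and the principals hold directory handles; dispose them
            // deterministically instead of leaving them to the finalizer. A single
            // domain context is reused for both the user and the group lookup.
            using (PrincipalContext principal = new PrincipalContext(ContextType.Domain))
            using (UserPrincipal user = UserPrincipal.FindByIdentity(principal, ldapCreds.AccountName))
            {
                if (user != null)
                {
                    using (GroupPrincipal group = GroupPrincipal.FindByIdentity(principal, IdentityType.DistinguishedName, permission.Name))
                    {
                        if (group == null)
                        {
                            throw new MdoException("Unable to locate that group in Active Directory");
                        }

                        if (user.IsMemberOf(group))
                        {
                            // Copy everything needed out of the principals before they are disposed.
                            User u = new User();
                            u.PrimaryPermission = new LdapGroup()
                            {
                                IsPrimary = true, Name = permission.Name, PermissionId = group.Guid.ToString()
                            };
                            u.Domain   = base.Cxn.DataSource.Provider;
                            u.UserName = user.SamAccountName;
                            return(u);
                        }
                    }
                }
            }

            // if we reached this point, authorization was unsuccessful - throw error.
            // An unknown account and a non-member account get the same message.
            throw new MdoException("User is not a member of that group");
        }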
Ejemplo n.º 33
        //internal SqlConnection openCxn()
        //{
        //    //string cxnString = "server=" + _server +
        //    //    ";uid=" + _uid + ";pwd=" + _pwd + ";database=" + _dbName;
        //    SqlConnection cxn = new SqlConnection(_connectionString);
        //    cxn.Open();
        //    return cxn;
        //}

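        public void addRecord(AbstractCredentials creds, string encryptionKey)
        {
            // Inserts one record for the given credentials. A primary-key violation
            // (SQL Server error 2627) is treated as "already present" and ignored;
            // every other SqlException propagates. The connection is always closed.
            //
            // NOTE(review): the statement text comes from buildAddRecordStatement, which
            // is not visible here. If it concatenates credential fields or the
            // encryption key into the SQL string, move those values into SqlParameter
            // objects so they cannot alter the statement or end up in query logs.
            string sql = buildAddRecordStatement(creds, encryptionKey);

            _cxn.connect();
            try
            {
                // Created inside the try so disconnect() still runs if the cast or the
                // constructor throws; disposed as soon as the statement has executed.
                using (SqlCommand myCmd = new SqlCommand(sql, ((UserValidationConnection)_cxn).SqlConnection))
                {
                    myCmd.ExecuteNonQuery();
                }
            }
            catch (SqlException e)
            {
                if (e.Number != 2627) // duplicate key exception code. i.e. primary key violations are ok
                {
                    throw;
                }
            }
            finally
            {
                _cxn.disconnect();
            }
        }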
Ejemplo n.º 34
 // Placeholder: direct login is not available on this account type.
 // Always throws NotImplementedException, so no caller can obtain a
 // session through this path.
 string login(AbstractCredentials credentials)
 {
     throw new NotImplementedException("Login not yet implemented for MockAccount");
 }
Ejemplo n.º 35
 // Not supported by this account type: always throws NotImplementedException
 // rather than returning a User.
 public override User authenticateAndAuthorize(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
 {
     throw new NotImplementedException();
 }
Ejemplo n.º 36
 // Not supported by this account type: always throws NotImplementedException
 // rather than returning a User.
 public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
 {
     throw new NotImplementedException();
 }
Ejemplo n.º 37
 // TBD - once we get some service accounts, should we verify them somehow?
 public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
 {
     // NOTE(review): nothing is verified here. Neither argument is read, and the
     // account is marked authorized and authenticated for any caller, including
     // one that passes null credentials. Treat this as a stub until the check
     // for service accounts is decided.
     this.isAuthenticated = this.isAuthorized = true;
     return "OK";
 }
Ejemplo n.º 38
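        public void addVisitorInfo(AbstractCredentials credentials)
        {
            // Fills in the subject name, federated UID, phone and authentication site on
            // the credentials by reading three pieces of the ^VA(200,DUZ,...) record.
            // Returns without changes when the lookup yields an empty string.
            // Throws ArgumentException("No such DUZ") when the lookup reports an M error;
            // any other exception propagates unchanged.
            //
            // NOTE(review): credentials.LocalUid is concatenated straight into an M
            // expression that getVariableValue evaluates. Confirm every caller supplies a
            // server-issued numeric DUZ, or validate the value as numeric before this
            // point, so a caller-controlled string cannot change the expression.
            string DUZ = credentials.LocalUid;

            string arg = "$P($G(^VA(200," + DUZ + ",0)),\"^\",1)";          //NAME
            arg += "_\"^\"_" + "$P($G(^VA(200," + DUZ + ",1)),\"^\",9)";
            arg += "_\"^\"_" + "$P($G(^VA(200," + DUZ + ",.13)),\"^\",2)";  //OFFICE PHONE
            string response = "";
            try
            {
                response = VistaUtils.getVariableValue(cxn, arg);
            }
            catch (Exception e)
            {
                if (e.Message.Contains("M  ERROR"))
                {
                    throw new ArgumentException("No such DUZ");
                }
                else
                {
                    // Rethrow with "throw;" so the original stack trace is kept.
                    throw;
                }
            }
            if (response == "")
            {
                return;
            }
            // Piece order follows the expression above: [0] from node 0, [1] from node 1
            // (stored as FederatedUid), [2] from node .13.
            string[] flds = StringUtils.split(response, StringUtils.CARET);
            credentials.FederatedUid = flds[1];
            credentials.SubjectName = flds[0];
            credentials.SubjectPhone = flds[2];
            credentials.AuthenticationSource.SiteId.Id = cxn.DataSource.SiteId.Id;
            credentials.AuthenticationSource.SiteId.Name = cxn.DataSource.SiteId.Name;
        }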
Ejemplo n.º 39
 internal User toUser(AbstractCredentials credentials)
 {
     // Builds the User returned to callers from the connection's UID and site plus
     // the subject fields already present on the credentials. FederatedUid is
     // wrapped in SocSecNum, so the resulting object carries an SSN: avoid logging
     // or serializing it wholesale.
     return new User
     {
         Uid = Cxn.Uid,
         Name = new PersonName(credentials.SubjectName),
         SSN = new SocSecNum(credentials.FederatedUid),
         LogonSiteId = Cxn.DataSource.SiteId
     };
 }
Ejemplo n.º 40
 public override User authenticateAndAuthorize(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource = null)
 {
     // NOTE(review): no argument is inspected. Every call marks the account
     // authorized and authenticated and hands back an empty User, so this
     // implementation must not back a connection that guards real data.
     this.isAuthenticated = this.isAuthorized = true;
     User emptyUser = new User();
     return emptyUser;
 }
Ejemplo n.º 41
 public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
 {
     // NOTE(review): the requested permission is never checked. Every call marks
     // the account authorized and authenticated and returns an empty User.
     this.isAuthenticated = this.isAuthorized = true;
     User emptyUser = new User();
     return emptyUser;
 }
Ejemplo n.º 42
 //// Needs to return object so it can be either User or Exception on multi-site connections.
 //public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission)
 //{
 //    try
 //    {
 //        connect();
 //        return Account.authenticateAndAuthorize(credentials, permission);
 //    }
 //    catch (Exception ex)
 //    {
 //        return ex;
 //    }
 //}
 // Needs to return object so it can be either User or Exception on multi-site connections.
 public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
 {
     // Connects, then authenticates and authorizes in one step. The result is either
     // the User or the Exception that was caught, so callers must type-check it:
     // a failure is a return value here, not a throw.
     // NOTE(review): the caught exception is returned whole; make sure it is not
     // passed on to remote clients with its message and stack trace intact.
     object outcome;
     try
     {
         connect();
         outcome = Account.authenticateAndAuthorize(credentials, permission, validationDataSource);
     }
     catch (Exception failure)
     {
         outcome = failure;
     }
     return outcome;
 }
Ejemplo n.º 43
 // Authorizes the given credentials for the requested permission and returns the
 // resulting User. Throws ArgumentNullException when permission is null.
 public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
 {
     if (permission == null)
     {
         throw new ArgumentNullException("permission");
     }
     // Both checks run before doTheAuthorize, so the permission name is vetted
     // by checkPermissionString before it is used.
     checkAuthorizeReadiness();
     checkPermissionString(permission.Name);
     doTheAuthorize(credentials, permission);
     return toUser(credentials);
 }
Ejemplo n.º 44
 public override User authenticateAndAuthorize(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource = null)
 {
     // Authentication runs first; authorize() is reached only if authenticate()
     // returned without throwing. The authenticate() result becomes the greeting.
     string greeting = authenticate(credentials, validationDataSource);

     User authorizedUser = authorize(credentials, permission);
     authorizedUser.Greeting = greeting;
     return authorizedUser;
 }
Ejemplo n.º 45
 public VisitTemplate(VistaAccount acct, AbstractCredentials credentials)
 {
     // Keeps the account, the account's connection and the visitor credentials
     // for the later visit() call. acct must not be null: its Cxn is read here.
     this.acct = acct;
     this.cxn = acct.Cxn;
     this.creds = credentials;
 }
Ejemplo n.º 46
 // Creates a non-BSE visit; all state is stored by the base constructor.
 public NonBseVisit(VistaAccount acct, AbstractCredentials creds)
     : base(acct, creds)
 {
 }
Ejemplo n.º 47
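 internal void doTheAuthorize(AbstractCredentials credentials, AbstractPermission permission)
 {
     // Applies the requested permission on the connection, resolves the local UID
     // when the connection has none, and completes the credentials if needed.
     // Throws MdoException when no federated UID is available or when it cannot
     // be mapped to a local UID.

     // If CPRS context is requested with a visit and the account does not hold it,
     // add it to the account; in every other case just set the context.
     // NOTE(review): this grants a context as a side effect of authorization, and
     // Cxn.Uid is passed here before the empty-UID check below - confirm both are
     // intended and that the grant is audited.
     if (permission.Name == VistaConstants.CPRS_CONTEXT &&
         !Cxn.Account.Permissions.ContainsKey(VistaConstants.CPRS_CONTEXT) &&
         !Cxn.Account.AuthenticationMethod.Equals(VistaConstants.LOGIN_CREDENTIALS))
     {
         addContextInVista(Cxn.Uid, permission);
     }
     else
     {
         setContext(permission);
     }

     // No local UID yet: look it up from the federated UID.
     if (String.IsNullOrEmpty(Cxn.Uid))
     {
         if (String.IsNullOrEmpty(credentials.FederatedUid))
         {
             throw new MdoException("Missing federated UID, cannot get local UID");
         }
         VistaUserDao dao = new VistaUserDao(Cxn);
         Cxn.Uid = dao.getUserIdBySsn(credentials.FederatedUid);
         if (String.IsNullOrEmpty(Cxn.Uid))
         {
             // The federated UID is passed to getUserIdBySsn above, i.e. it is an SSN.
             // Keep it out of the exception text so it does not reach logs or clients.
             throw new MdoException("Unable to get local UID for the supplied federated ID");
         }
     }

     // Incomplete credentials are filled in from the user's VistA record.
     if (!credentials.Complete)
     {
         VistaUserDao dao = new VistaUserDao(Cxn);
         dao.addVisitorInfo(credentials);
     }
 }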
Ejemplo n.º 48
 // Not supported by this connection type: always throws NotImplementedException.
 public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
 {
     throw new NotImplementedException();
 }
Ejemplo n.º 49
 //public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission)
 //{
 //    return null;
 //}
 // No-op implementation: performs no connection, authentication or authorization
 // and returns null. Callers that expect a User or an Exception back must handle
 // the null result.
 public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource = null)
 {
     return null;
 }
Ejemplo n.º 50
 public BseVista2WebVisit(VistaAccount acct, AbstractCredentials creds, DataSource validatorDataSource)
     : base(acct, creds)
 {
     // A null argument leaves _validatorDataSource at whatever value it already has.
     if (validatorDataSource == null)
     {
         return;
     }

     // Caller-supplied data source to validate against.
     _validatorDataSource = validatorDataSource;
 }
Ejemplo n.º 51
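        internal string login(AbstractCredentials credentials)
        {
            // Signs on with an access/verify code pair (AccountName / AccountPassword).
            // On success records the returned ID on the account, the connection and the
            // credentials, and returns the greeting line if the reply has one, else "OK".
            //
            // Throws MdoException when either code is missing, UnexpectedDataException
            // when a reply is missing or malformed, and UnauthorizedAccessException when
            // the reply's first line is "0".
            if (String.IsNullOrEmpty(credentials.AccountName))
            {
                throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Access Code");
            }
            if (String.IsNullOrEmpty(credentials.AccountPassword))
            {
                throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Verify Code");
            }

            VistaQuery vq = new VistaQuery("XUS SIGNON SETUP");
            string rtn = (string)Cxn.query(vq);
            if (rtn == null)
            {
                throw new UnexpectedDataException("Unable to setup authentication");
            }

            vq = new VistaQuery("XUS AV CODE");

            // This is here so we can test with MockConnection
            // NOTE(review): the class name alone decides whether the access/verify pair
            // goes through addEncryptedParameter or addParameter. A test hook keyed on a
            // type name is fragile in production code; prefer letting the connection
            // abstraction decide, so the addParameter path cannot be reached by accident.
            if (Cxn.GetType().Name != "MockConnection")
            {
                vq.addEncryptedParameter(vq.LITERAL, credentials.AccountName + ';' + credentials.AccountPassword);
            }
            else
            {
                vq.addParameter(vq.LITERAL, credentials.AccountName + ';' + credentials.AccountPassword);
            }
            rtn = (string)Cxn.query(vq);

            //TODO - need to catch renew verify id error

            // Fail closed: without these checks a missing or empty reply has a first
            // line that is not "0" and would be accepted as a sign-on with an empty ID.
            if (String.IsNullOrEmpty(rtn))
            {
                throw new UnexpectedDataException("No response to authentication request");
            }

            string[] flds = StringUtils.split(rtn, StringUtils.CRLF);
            if (flds == null || flds.Length == 0 || String.IsNullOrEmpty(flds[0]))
            {
                throw new UnexpectedDataException("Malformed response to authentication request");
            }
            if (flds[0] == "0")
            {
                // Line 3 carries the server's failure text; a short reply must still be
                // reported as an authentication failure, not as an index error.
                throw new UnauthorizedAccessException(flds.Length > 3 ? flds[3] : "Authentication failed");
            }
            AccountId = flds[0];

            // Set the connection's UID
            Cxn.Uid = AccountId;

            // Save the credentials
            credentials.LocalUid = AccountId;
            credentials.AuthenticationSource = Cxn.DataSource;
            credentials.AuthenticationToken = Cxn.DataSource.SiteId.Id + '_' + AccountId;

            IsAuthenticated = true;
            Cxn.IsRemote = false;

            // Set the greeting if there is one
            if (flds.Length > 7)
            {
                return flds[7];
            }
            return "OK";
        }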