public AuthToken Send(GetAuthToken getAuthToken)
{
AuthToken authToken = soapClient.GetAuthToken(getAuthToken);
authToken.OriginatingAuthToken = getAuthToken;
return(authToken);
}
public AuthToken GetAuthToken([XmlElement(Namespace = Microsoft.Uddi.VersionSupport.UddiVersionSupport.CurrentNamespace, IsNullable = false)] GetAuthToken getAuthToken)
{
object[] results = InvokeWebMethod("GetAuthToken", new object[] { getAuthToken });
return((AuthToken)results[0]);
}
public AuthToken GetAuthToken(GetAuthToken gat)
{
Debug.Enter();
AuthToken at = new AuthToken();
try
{
//
// XX-SECURITY: Review the value here in the case where we use
// XX-this with a web.config with Authentication set to None or Passport
//
//
// NOW: We now Get a Generic Identity. If the AuthenticationMode is AuthenticationMode.Passport (8),
// we make sure the Identity is a PassportIdentity, then we authenticate. If AuthenticationMode
// is Not set to AuthenticationMode.Passport, then process it as a WindowsIdentity.
//
//
IIdentity identity = HttpContext.Current.User.Identity;
int mode = Config.GetInt("Security.AuthenticationMode", (int)AuthenticationMode.Both);
if (((int)AuthenticationMode.Passport) == mode)
{
if (identity is PassportIdentity)
{
Debug.Write(SeverityType.Info, CategoryType.Soap, "Generating credentials for Passport based authentication Identity is " + gat.UserID);
PassportAuthenticator pa = new PassportAuthenticator();
//
// Get a Passport ticket for this user.
//
if (!pa.GetAuthenticationInfo(gat.UserID, gat.Cred, out at.AuthInfo))
{
// throw new UDDIException( ErrorType.E_unknownUser, "User failed authentication." ) ;
throw new UDDIException(ErrorType.E_unknownUser, "USER_FAILED_AUTHENTICATION");
}
//
// We need to extract the PUID from the ticket and put it into our Context.UserInfo.ID; a
// successfull call to Authenticate will do all of this.
//
if (!pa.Authenticate(at.AuthInfo, UDDI.Constants.Passport.TimeWindow))
{
throw new UDDIException(ErrorType.E_unknownUser, "UDDI_ERROR_USER_FAILED_AUTHENTICATION");
}
//
// Make sure this Passport user has registered with our UDDI site as a publisher.
//
if (!Context.User.IsVerified)
{
// throw new UDDIException( ErrorType.E_unknownUser, "Not a valid publisher." ) ;
throw new UDDIException(ErrorType.E_unknownUser, "UDDI_ERROR_NOT_A_VALID_PUBLISHER");
}
}
else
{
#if never
throw new UDDIException(ErrorType.E_fatalError,
"CONFIGURATION ERROR: Passport Identity Expected. \r\n" +
"You are currently running in Passport Authentication Mode. \r\n" +
"Check your web.config for the <authentication mode=\"Passport\" /> entry and try again.");
#endif
throw new UDDIException(ErrorType.E_fatalError, "UDDI_ERROR_PASSPORT_CONFIGURATION_ERROR");
}
}
//
// SECURITY: Check to make sure the password is blank too
//
else if (!((WindowsIdentity)identity).IsAnonymous &&
((mode & (int)AuthenticationMode.Windows) != 0) &&
Utility.StringEmpty(gat.UserID))
{
Debug.Write(SeverityType.Info, CategoryType.Soap, "Generating credentials for Windows based authentication Identity is " + identity.Name);
WindowsAuthenticator wa = new WindowsAuthenticator();
wa.GetAuthenticationInfo(gat.UserID, gat.Cred, out at.AuthInfo);
}
else if ((mode & (int)AuthenticationMode.Uddi) != 0)
{
Debug.Write(SeverityType.Info, CategoryType.Soap, "Generating credentials for UDDI based authentication");
UDDIAuthenticator ua = new UDDIAuthenticator();
ua.GetAuthenticationInfo(gat.UserID, gat.Cred, out at.AuthInfo);
}
else
{
// throw new UDDIException( UDDI.ErrorType.E_unsupported,
//"The UDDI server is not configured to support the requested form of authentication." );
throw new UDDIException(UDDI.ErrorType.E_unsupported, "UDDI_ERROR_AUTHENTICATION_CONFIGURATION_ERROR");
}
Debug.Write(SeverityType.Info, CategoryType.Soap, "Windows Identity is " + WindowsIdentity.GetCurrent().Name);
Debug.Write(SeverityType.Info, CategoryType.Soap, "Thread Identity is " + System.Threading.Thread.CurrentPrincipal.Identity.Name);
Debug.Write(SeverityType.Info, CategoryType.Soap, "HttpContext Identity is " + identity.Name);
//
// Check to make sure the authenticated user has publisher credentials
//
#if never
Debug.Verify(Context.User.IsPublisher,
"The user account " + Context.User.ID + " does not have publisher credentials",
UDDI.ErrorType.E_fatalError);
#endif
Debug.Verify(Context.User.IsPublisher,
"UDDI_ERROR_NO_PUBLISHER_CREDENTIALS",
UDDI.ErrorType.E_fatalError,
Context.User.ID);
Debug.Write(
SeverityType.Info,
CategoryType.Authorization,
"Authenticated user (userid = " + gat.UserID + " )");
}
catch (Exception e)
{
DispositionReport.Throw(e);
}
return(at);
}
