public Mercury.Server.Security.AuthenticationResponse Authenticate(String securityAuthorityName, String accountType, String accountName, String password, String newPassword, String environment)
{
Mercury.Server.Security.AuthenticationResponse authenticationResponse = new AuthenticationResponse();
Mercury.Server.Public.Interfaces.Security.Credentials credentials = new Public.Interfaces.Security.Credentials("", "", "", accountName, password, newPassword);
Mercury.Server.Security.SecurityAuthority securityAuthority = application.SecurityAuthorityGet(securityAuthorityName);
Mercury.Server.Security.Providers.ActiveDirectory.Provider activeDirectoryProvider;
Mercury.Server.Session session = null;
if (securityAuthority == null)
{
authenticationResponse.AuthenticationError = Mercury.Server.Public.Interfaces.Security.Enumerations.AuthenticationError.SecurityAuthorityError;
authenticationResponse.AuthenticationException = new Exception("Unable to retreive Security Authority information from the database.", application.LastException);
return(authenticationResponse);
}
SetProviderCredentials(accountType, securityAuthority, credentials);
activeDirectoryProvider = new Providers.ActiveDirectory.Provider(credentials);
authenticationResponse.IsAuthenticated = activeDirectoryProvider.Authenticate();
if (authenticationResponse.IsAuthenticated)
{
session = CreateSession(securityAuthority, authenticationResponse, credentials, environment);
}
SetAuthenticationError(authenticationResponse, credentials);
return(authenticationResponse);
}
public Provider(Public.Interfaces.Security.Credentials userCredentials)
{
SetProviderCapabilities();
credentials = userCredentials;
}
public Mercury.Server.Security.AuthenticationResponse Authenticate(String environment)
{
AuthenticationResponse authenticationResponse = new AuthenticationResponse();
Mercury.Server.Public.Interfaces.Security.Credentials credentials = new Public.Interfaces.Security.Credentials();
Mercury.Server.Security.SecurityAuthority securityAuthority;
Mercury.Server.Session session = null;
try {
if (((System.Threading.Thread.CurrentPrincipal.Identity.AuthenticationType == "NTLM") ||
(System.Threading.Thread.CurrentPrincipal.Identity.AuthenticationType == "Kerberos") ||
(System.Threading.Thread.CurrentPrincipal.Identity.AuthenticationType == "Negotiate")
) &&
(System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated) &&
(!String.IsNullOrEmpty(System.Threading.Thread.CurrentPrincipal.Identity.Name)))
{
#region Retreive Credentials from Thread.CurrentPrincipal
credentials.Domain = System.Threading.Thread.CurrentPrincipal.Identity.Name.Split('\\')[0];
credentials.UserName = System.Threading.Thread.CurrentPrincipal.Identity.Name.Split('\\')[1];
application.TraceWriteLineInfo(application.TraceSwitchSecurity, "\r\n[Mercury.Server.Security.Authenticate] Credentials: " + credentials.Domain + "\\" + credentials.UserName);
#endregion
#region Retreive Security Authority for Domain and Authenticate
// validate that the domain is a trusted security authority
securityAuthority = application.SecurityAuthorityGet(credentials.Domain);
if (securityAuthority != null)
{
if (securityAuthority.SecurityAuthorityType == Enumerations.SecurityAuthorityType.WindowsIntegrated)
{
#region Authenticate
SetProviderCredentials(String.Empty, securityAuthority, credentials);
Mercury.Server.Security.Providers.WindowsIntegrated.Provider windowsProvider = new Providers.WindowsIntegrated.Provider();
authenticationResponse.IsAuthenticated = windowsProvider.Authenticate(credentials);
if (authenticationResponse.IsAuthenticated)
{
session = CreateSession(securityAuthority, authenticationResponse, credentials, environment);
}
SetAuthenticationError(authenticationResponse, credentials);
#endregion
}
else
{
#region SECURITY AUTHORITY TYPE NOT WINDOWS INTEGRATED
authenticationResponse.IsAuthenticated = false;
credentials.AuthenticationError = Public.Interfaces.Security.Enumerations.AuthenticationError.SecurityAuthorityError;
SetAuthenticationError(authenticationResponse, credentials);
authenticationResponse.AuthenticationException = new ApplicationException("[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "]: Security Authority Type is not Windows Integrated.");
application.TraceWriteLineWarning(application.TraceSwitchSecurity, "\r\n[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "]: Security Authority Type is not Windows Integrated.");
#endregion
}
}
else
{
#region SECURITY AUTHORITY NOT FOUND
authenticationResponse.IsAuthenticated = false;
credentials.AuthenticationError = Public.Interfaces.Security.Enumerations.AuthenticationError.SecurityAuthorityError;
SetAuthenticationError(authenticationResponse, credentials);
authenticationResponse.AuthenticationException = new ApplicationException("[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "]: Security Authority Not Found.");
application.TraceWriteLineWarning(application.TraceSwitchSecurity, "\r\n[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "]: Security Authority Not Found.");
#endregion
}
#endregion
}
else
{
credentials.AuthenticationError = Mercury.Server.Public.Interfaces.Security.Enumerations.AuthenticationError.InvalidUserOrPassword;
SetAuthenticationError(authenticationResponse, credentials);
}
}
catch (Exception domainAccountException) {
authenticationResponse.IsAuthenticated = false;
credentials.AuthenticationError = Mercury.Server.Public.Interfaces.Security.Enumerations.AuthenticationError.InvalidUserOrPassword;
SetAuthenticationError(authenticationResponse, credentials);
authenticationResponse.AuthenticationException = new ApplicationException("[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "] " + authenticationResponse.AuthenticationException.Message, domainAccountException);
application.TraceWriteLineError(application.TraceSwitchSecurity, "[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "] " + authenticationResponse.AuthenticationException.Message);
application.TraceWriteLineError(application.TraceSwitchSecurity, "[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "] " + domainAccountException.Message);
}
return(authenticationResponse);
}
