/// <summary>
/// Gets the users properties from the specified user store.
/// </summary>
/// <param name="identification">The identification.</param>
/// <returns>
/// Class of user properties
/// </returns>
public UserProperties GetUserProperties(string identification)
{
UserProperties userprop = new UserProperties();
userprop.FirstName = identification;
// Determine which method to use to retrieve user information
// WindowsSAM
if (Globals.UserAccountSource == "WindowsSAM")
{
// Extract the machine or domain name and the user name from the
// identification string
string[] samPath = identification.Split(new char[] { '\\' });
_path = String.Format("{0}{1}", "WinNT://", samPath[0]);
try
{
// Find the user
DirectoryEntry entryRoot = new DirectoryEntry(_path);
DirectoryEntry userEntry = entryRoot.Children.Find(samPath[1], "user");
userprop.FirstName = userEntry.Properties["FullName"].Value.ToString();
userprop.Email = string.Empty;
return userprop;
}
catch
{
return userprop;
}
}
// Active Directory
else if (Globals.UserAccountSource == "ActiveDirectory")
{
DirectoryEntry entry;
if (string.IsNullOrEmpty(HostSetting.GetHostSetting("ADUserName")))
entry = new DirectoryEntry(String.Format("{0}{1}", "GC://", HostSetting.GetHostSetting("ADPath")), null, null, AuthenticationTypes.ReadonlyServer);
else
entry = new DirectoryEntry(String.Format("{0}{1}", "GC://", HostSetting.GetHostSetting("ADPath")), HostSetting.GetHostSetting("ADUserName"), HostSetting.GetHostSetting("ADPassword"), AuthenticationTypes.Secure);
// Setup the filter
identification = identification.Substring(identification.LastIndexOf(@"\") + 1,
identification.Length - identification.LastIndexOf(@"\") - 1);
string userNameFilter = string.Format(_filter, identification);
// Get a Directory Searcher to the LDAPPath
DirectorySearcher searcher = new DirectorySearcher(entry);
if (searcher == null)
{
return userprop;
}
// Add the properties that need to be retrieved
searcher.PropertiesToLoad.Add("givenName");
searcher.PropertiesToLoad.Add("mail");
searcher.PropertiesToLoad.Add("sn");
// Set the filter for the search
searcher.Filter = userNameFilter;
// Because this can get messy and there are multiple ways to have problems.
string StrError = "";
try
{
// Execute the search
SearchResult search = searcher.FindOne();
if (search != null)
{
userprop.FirstName = SearchResultProperty(search, "givenName"); //firstname
userprop.LastName = SearchResultProperty(search, "sn"); //lastname
// Modification by Stewart Moss
// 12-Nov-2008 - Inserted into 0.8 branch 2009-02-17
//
// This is to resolve [BGN-774].
//
// It gets the default email address and checks to see if it is a valid smtp address.
// If not, it tests each proxyaddress to see if it is smtp and returns the
// first smtp address it finds.
string email= SearchResultProperty(search, "mail").Trim(); //email address
string bademail = "1st Run";
// email regular expression
Regex regexEmail = new Regex(ValidEmailRegularExpression, RegexOptions.IgnoreCase | RegexOptions.CultureInvariant | RegexOptions.IgnorePatternWhitespace);
if (!regexEmail.IsMatch(email))
{
// It does not match an smtp format address, now we search the hard way
// most of the code courtesy of:
// http://blog.lozanotek.com/articles/149.aspx
// Querying Active Directory for User Emails
// Javier G. Lozano
email = "";
foreach (string proxyAddr in search.Properties["proxyaddresses"])
{
try
{
//Make it 'case insensitive'
if (proxyAddr.ToLower().StartsWith("smtp:"))
{
//Get the email string from AD
email = proxyAddr.Substring(5).Trim();
// we are only interested in the first *valid* smtp address
if (regexEmail.IsMatch(email))
{
break;
}
else
{
bademail = email;
email = "";
}
}
}
catch (Exception ex)
{
// report errors nicely
try
{
StrError = "Error in AD proxyaddresses '" + proxyAddr.ToLower() + "' returns '" + proxyAddr.Substring(5).Trim() + "'. Error='" + ex.Message + "'";
}
catch (Exception ex2)
{
StrError = "Error in AD proxyaddresses '" + proxyAddr.ToLower() + "' returns 'proxyAddr.Substring(5).Trim() undefined'. Error='" + ex2.Message + "'";
}
bademail = email;
email = "";
// Keep searching after exception
}
} // foreach
}
if (email == "")
{
throw new Exception("Email address='" + bademail + "' is invalid! Error='" + StrError + "'.");
}
userprop.Email = email;
//add new properties here to fill the profile.
return userprop;
}
else
return userprop;
}
catch
{
return userprop;
}
}
else
{
// The user has not choosen an UserAccountSource or UserAccountSource as None
// Usernames will be displayed as "Domain\Username"
return userprop;
}
}
/// <summary>
/// Handles the AuthenticateRequest event of the context control.
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="T:System.EventArgs"/> instance containing the event data.</param>
void context_AuthenticateRequest(object sender, EventArgs e)
{
//check if we are upgrading/installing
if (HttpContext.Current.Request.Url.LocalPath.ToLower().EndsWith("install.aspx"))
{
return;
}
//get host settings
bool enabled = HostSettingManager.Get(HostSettingNames.UserAccountSource) == "ActiveDirectory" || HostSettingManager.Get(HostSettingNames.UserAccountSource) == "WindowsSAM";
//check if windows authentication is enabled in the host settings
if (enabled)
{
if (System.Web.HttpContext.Current.User != null)
{
MDC.Set("user", System.Web.HttpContext.Current.User.Identity.Name);
}
// This was moved from outside "if enabled" to only happen when we need it.
HttpRequest request = HttpContext.Current.Request;
// not needed to be removed
// HttpResponse response = HttpContext.Current.Response;
if (request.IsAuthenticated)
{
if ((HttpContext.Current.User.Identity.AuthenticationType == "NTLM" || HttpContext.Current.User.Identity.AuthenticationType == "Negotiate"))
{
//check if the user exists in the database
MembershipUser user = UserManager.GetUser(HttpContext.Current.User.Identity.Name);
if (user == null)
{
try
{
UserProperties userprop = GetUserProperties(HttpContext.Current.User.Identity.Name);
MembershipUser mu = null;
MembershipCreateStatus createStatus = MembershipCreateStatus.Success;
//create a new user with the current identity and a random password.
if (Membership.RequiresQuestionAndAnswer)
{
mu = Membership.CreateUser(HttpContext.Current.User.Identity.Name, Membership.GeneratePassword(7, 2), userprop.Email, "WindowsAuth", "WindowsAuth", true, out createStatus);
}
else
{
mu = Membership.CreateUser(HttpContext.Current.User.Identity.Name, Membership.GeneratePassword(7, 2), userprop.Email);
}
if (createStatus == MembershipCreateStatus.Success && mu != null)
{
WebProfile Profile = new WebProfile().GetProfile(HttpContext.Current.User.Identity.Name);
if (!string.IsNullOrWhiteSpace(userprop.DisplayName))
{
Profile.DisplayName = userprop.DisplayName;
}
else
{
Profile.DisplayName = String.Format("{0} {1}", userprop.FirstName, userprop.LastName);
}
Profile.FirstName = userprop.FirstName;
Profile.LastName = userprop.LastName;
Profile.Save();
//auto assign user to roles
List <Role> roles = RoleManager.GetAll().FindAll(r => r.AutoAssign == true);
foreach (Role r in roles)
{
RoleManager.AddUser(mu.UserName, r.Id);
}
}
user = Membership.GetUser(HttpContext.Current.User.Identity.Name);
}
catch (Exception ex)
{
if (Log.IsErrorEnabled)
{
Log.Error(String.Format("Unable to add new user '{0}' to BugNET application. Authentication Type='{1}'.", HttpContext.Current.User.Identity.Name, HttpContext.Current.User.Identity.AuthenticationType), ex);
}
}
}
else
{
//update the user's last login date.
user.LastLoginDate = DateTime.Now;
Membership.UpdateUser(user);
}
}
}
}
}
/// <summary>
/// Gets the users properties from the specified user store.
/// </summary>
/// <param name="identification">The identification.</param>
/// <returns>
/// Class of user properties
/// </returns>
public UserProperties GetUserProperties(string identification)
{
UserProperties userprop = new UserProperties();
userprop.FirstName = identification;
// Determine which method to use to retrieve user information
// WindowsSAM
if (HostSettingManager.UserAccountSource == "WindowsSAM")
{
// Extract the machine or domain name and the user name from the
// identification string
string[] samPath = identification.Split(new char[] { '\\' });
_path = String.Format("{0}{1}", "WinNT://", samPath[0]);
try
{
// Find the user
DirectoryEntry entryRoot = new DirectoryEntry(_path);
DirectoryEntry userEntry = entryRoot.Children.Find(samPath[1], "user");
userprop.FirstName = userEntry.Properties["FullName"].Value.ToString();
userprop.Email = string.Empty;
return userprop;
}
catch
{
return userprop;
}
}
// Active Directory
else if (HostSettingManager.UserAccountSource == "ActiveDirectory")
{
// Setup the filter
string username = identification.Substring(identification.LastIndexOf(@"\") + 1, identification.Length - identification.LastIndexOf(@"\") - 1);
string domain = HostSettingManager.Get(HostSettingNames.ADPath);
string login = HostSettingManager.Get(HostSettingNames.ADUserName);
string password = HostSettingManager.Get(HostSettingNames.ADPassword);
List<string> emailAddresses = new List<string>();
PrincipalContext domainContext;
if (string.IsNullOrWhiteSpace(login))
domainContext = new PrincipalContext(ContextType.Domain, domain);
else
domainContext = new PrincipalContext(ContextType.Domain, domain, login, password);
if (domainContext != null)
{
UserPrincipal user = UserPrincipal.FindByIdentity(domainContext, username);
if (user != null)
{
// extract full name
if (!string.IsNullOrWhiteSpace(user.GivenName) || !string.IsNullOrWhiteSpace(user.Surname))
{
userprop.FirstName = user.GivenName == null ? "" : user.GivenName.Trim();
userprop.LastName = user.Surname == null ? "" : user.Surname.Trim();
}
if (!string.IsNullOrWhiteSpace(user.DisplayName))
{
userprop.DisplayName = user.DisplayName;
}
Regex regexEmail = new Regex(ValidEmailRegularExpression, RegexOptions.IgnoreCase | RegexOptions.CultureInvariant | RegexOptions.IgnorePatternWhitespace);
foreach (var email in GetEmails(user))
{
if (string.IsNullOrWhiteSpace(email))
continue;
var fixedEmail = email.Trim();
//Make it 'case insensitive'
if (fixedEmail.StartsWith("smtp:", StringComparison.InvariantCultureIgnoreCase))
{
//Get the email string from AD
fixedEmail = fixedEmail.Substring(5).Trim();
}
if (regexEmail.IsMatch(fixedEmail))
{
userprop.Email = fixedEmail;
break;
}
}
}
}
//add new properties here to fill the profile.
return userprop;
}
else
{
// The user has not chosen an UserAccountSource or UserAccountSource as None
// Usernames will be displayed as "Domain\Username"
return userprop;
}
}
/// <summary>
/// Gets the users properties from the specified user store.
/// </summary>
/// <param name="identification">The identification.</param>
/// <returns>
/// Class of user properties
/// </returns>
public UserProperties GetUserProperties(string identification)
{
UserProperties userprop = new UserProperties();
userprop.FirstName = identification;
// Determine which method to use to retrieve user information
// WindowsSAM
if (HostSettingManager.UserAccountSource == "WindowsSAM")
{
// Extract the machine or domain name and the user name from the
// identification string
string[] samPath = identification.Split(new char[] { '\\' });
_path = String.Format("{0}{1}", "WinNT://", samPath[0]);
try
{
// Find the user
DirectoryEntry entryRoot = new DirectoryEntry(_path);
DirectoryEntry userEntry = entryRoot.Children.Find(samPath[1], "user");
userprop.FirstName = userEntry.Properties["FullName"].Value.ToString();
userprop.Email = string.Empty;
return(userprop);
}
catch
{
return(userprop);
}
}
// Active Directory
else if (HostSettingManager.UserAccountSource == "ActiveDirectory")
{
// Setup the filter
string username = identification.Substring(identification.LastIndexOf(@"\") + 1, identification.Length - identification.LastIndexOf(@"\") - 1);
string domain = HostSettingManager.Get(HostSettingNames.ADPath);
string login = HostSettingManager.Get(HostSettingNames.ADUserName);
string password = HostSettingManager.Get(HostSettingNames.ADPassword);
List <string> emailAddresses = new List <string>();
PrincipalContext domainContext;
if (string.IsNullOrWhiteSpace(login))
{
domainContext = new PrincipalContext(ContextType.Domain, domain);
}
else
{
domainContext = new PrincipalContext(ContextType.Domain, domain, login, password);
}
if (domainContext != null)
{
UserPrincipal user = UserPrincipal.FindByIdentity(domainContext, username);
if (user != null)
{
// extract full name
if (!string.IsNullOrWhiteSpace(user.GivenName) || !string.IsNullOrWhiteSpace(user.Surname))
{
userprop.FirstName = user.GivenName == null ? "" : user.GivenName.Trim();
userprop.LastName = user.Surname == null ? "" : user.Surname.Trim();
}
if (!string.IsNullOrWhiteSpace(user.DisplayName))
{
userprop.DisplayName = user.DisplayName;
}
Regex regexEmail = new Regex(ValidEmailRegularExpression, RegexOptions.IgnoreCase | RegexOptions.CultureInvariant | RegexOptions.IgnorePatternWhitespace);
foreach (var email in GetEmails(user))
{
if (string.IsNullOrWhiteSpace(email))
{
continue;
}
var fixedEmail = email.Trim();
//Make it 'case insensitive'
if (fixedEmail.StartsWith("smtp:", StringComparison.InvariantCultureIgnoreCase))
{
//Get the email string from AD
fixedEmail = fixedEmail.Substring(5).Trim();
}
if (regexEmail.IsMatch(fixedEmail))
{
userprop.Email = fixedEmail;
break;
}
}
}
}
//add new properties here to fill the profile.
return(userprop);
}
else
{
// The user has not chosen an UserAccountSource or UserAccountSource as None
// Usernames will be displayed as "Domain\Username"
return(userprop);
}
}
