/// <summary>
/// AutoCreateAccount will automatically create an account based on infomration found both in the web.config file
/// and the database.
/// </summary>
/// <returns>MAccountProfile</returns>
public static MAccountProfile AutoCreateAccount()
{
MAccountProfile mCurrentAccountProfile = AccountUtility.GetProfile("System");
MAccountProfile mAccountProfileToSave = new MAccountProfile();
Logger mLog = Logger.Instance();
mAccountProfileToSave.Id = -1;
bool mSaveGroups = true;
bool mSaveRoles = true;
string mGroups = ConfigSettings.RegistrationGroups;
string mRoles = ConfigSettings.RegistrationRoles;
if (string.IsNullOrEmpty(mGroups))
{
mSaveGroups = false;
}
if (string.IsNullOrEmpty(mRoles))
{
mSaveRoles = false;
}
mAccountProfileToSave.Account = AccountUtility.HttpContextUserName();
mAccountProfileToSave.FirstName = "Auto created";
mAccountProfileToSave.MiddleName = "";
mAccountProfileToSave.LastName = "Auto created";
mAccountProfileToSave.PreferredName = "Auto created";
mAccountProfileToSave.Email = "*****@*****.**";
mAccountProfileToSave.Location = "Hawaii";
mAccountProfileToSave.TimeZone = -8;
mAccountProfileToSave.AddedBy = mCurrentAccountProfile.Id;
mAccountProfileToSave.AddedDate = DateTime.Now;
mAccountProfileToSave.SetGroups(mGroups);
mAccountProfileToSave.SetRoles(mRoles);
mAccountProfileToSave.PasswordLastSet = DateTime.Now;
mAccountProfileToSave.LastLogOn = DateTime.Now;
mAccountProfileToSave.Password = CryptoUtility.Encrypt(ConfigSettings.RegistrationPassword, ConfigSettings.EncryptionType);
mAccountProfileToSave.Status = (int)SystemStatus.SetAccountDetails;
MClientChoicesState mClientChoiceState = ClientChoicesUtility.GetClientChoicesState(ConfigSettings.RegistrationAccountChoicesAccount, true);
MSecurityEntityProfile mSecurityEntityProfile = SecurityEntityUtility.GetProfile(ConfigSettings.RegistrationSecurityEntityId);
mClientChoiceState.IsDirty = false;
mClientChoiceState[MClientChoices.AccountName] = mAccountProfileToSave.Account;
mClientChoiceState[MClientChoices.SecurityEntityId] = mSecurityEntityProfile.Id.ToString(CultureInfo.InvariantCulture);
mClientChoiceState[MClientChoices.SecurityEntityName] = mSecurityEntityProfile.Name;
try
{
AccountUtility.Save(mAccountProfileToSave, mSaveRoles, mSaveGroups, mSecurityEntityProfile);
ClientChoicesUtility.Save(mClientChoiceState, false);
AccountUtility.SetPrincipal(mAccountProfileToSave);
}
catch (Exception ex)
{
mLog.Error(ex);
throw;
}
return(mAccountProfileToSave);
}
/// <summary>
/// Returns the current MSecurityEntityProfile from context. If one is not found in context then
/// the default values from the config file will be returned.
/// </summary>
/// <returns>MSecurityEntityProfile</returns>
public static MSecurityEntityProfile CurrentProfile()
{
MSecurityEntityProfile mRetProfile = null;
String mAccount = AccountUtility.HttpContextUserName();
MClientChoicesState mClientChoicesState = ClientChoicesUtility.GetClientChoicesState(mAccount);
if (mClientChoicesState != null)
{
int mSecurityEntity = int.Parse(mClientChoicesState[MClientChoices.SecurityEntityId].ToString(), CultureInfo.InvariantCulture);
mRetProfile = GetProfile(mSecurityEntity);
}
if (mRetProfile == null)
{
mRetProfile = DefaultProfile();
}
return(mRetProfile);
}
/// <summary>
/// Performs authentication give an account and password
/// </summary>
/// <param name="account"></param>
/// <param name="password"></param>
/// <returns>Boolean</returns>
/// <remarks>
/// Handles authentication methodology
/// </remarks>
public static Boolean Authenticated(String account, String password)
{
if (string.IsNullOrEmpty(account))
{
throw new ArgumentNullException("account", "account cannot be a null reference (Nothing in VB) or empty!");
}
if (string.IsNullOrEmpty(account))
{
throw new ArgumentNullException("password", "password cannot be a null reference (Nothing in VB) or empty!");
}
bool retVal = false;
bool mDomainPassed = false;
if (account.Contains(@"\"))
{
mDomainPassed = true;
}
MAccountProfile mAccountProfile = GetProfile(account);
if (mDomainPassed && mAccountProfile == null)
{
int mDomainPos = account.IndexOf(@"\", StringComparison.OrdinalIgnoreCase);
account = account.Substring(mDomainPos + 1, account.Length - mDomainPos - 1);
mAccountProfile = GetProfile(account);
}
if (mAccountProfile != null)
{
if (ConfigSettings.AuthenticationType.ToUpper(CultureInfo.InvariantCulture) == "INTERNAL")
{
string profilePassword = string.Empty;
if ((mAccountProfile != null))
{
try
{
profilePassword = CryptoUtility.Decrypt(mAccountProfile.Password, SecurityEntityUtility.CurrentProfile().EncryptionType);
}
catch (CryptoUtilityException)
{
profilePassword = mAccountProfile.Password;
}
if (password == profilePassword && (mAccountProfile.Status != Convert.ToInt32(SystemStatus.Disabled, CultureInfo.InvariantCulture) || mAccountProfile.Status != Convert.ToInt32(SystemStatus.Inactive, CultureInfo.InvariantCulture)))
{
retVal = true;
}
if (!retVal)
{
mAccountProfile.FailedAttempts += 1;
}
if (mAccountProfile.FailedAttempts == Convert.ToInt32(ConfigSettings.FailedAttempts) && Convert.ToInt32(ConfigSettings.FailedAttempts, CultureInfo.InvariantCulture) != -1)
{
mAccountProfile.Status = Convert.ToInt32(SystemStatus.Disabled, CultureInfo.InvariantCulture);
}
AccountUtility.Save(mAccountProfile, false, false);
}
}
else // LDAP authentication
{
string domainAndUsername = ConfigSettings.LdapDomain + "\\" + account;
if (mDomainPassed)
{
domainAndUsername = account;
}
domainAndUsername = domainAndUsername.Trim();
DirectoryEntry entry = null;
object obj = new object();
try
{
entry = new DirectoryEntry(ConfigSettings.LdapServer, domainAndUsername, password);
//Bind to the native AdsObject to force authentication
//if this does not work it will throw an exception.
obj = entry.NativeObject;
mAccountProfile.LastLogOn = DateTime.Now;
AccountUtility.Save(mAccountProfile, false, false);
retVal = true;
}
catch (Exception ex)
{
string mMessage = "Error Authenticating account " + domainAndUsername + " through LDAP.";
WebSupportException mEx = new WebSupportException(mMessage, ex);
Logger mLog = Logger.Instance();
mLog.Error(mEx);
throw mEx;
}
finally
{
if ((obj != null))
{
obj = null;
}
if ((entry != null))
{
entry.Dispose();
}
}
}
}
return(retVal);
}