Ejemplo n.º 1
0
        /// <summary>
        /// AutoCreateAccount will automatically create an account based on infomration found both in the web.config file
        /// and the database.
        /// </summary>
        /// <returns>MAccountProfile</returns>
        public static MAccountProfile AutoCreateAccount()
        {
            MAccountProfile mCurrentAccountProfile = AccountUtility.GetProfile("System");
            MAccountProfile mAccountProfileToSave  = new MAccountProfile();
            Logger          mLog = Logger.Instance();

            mAccountProfileToSave.Id = -1;
            bool   mSaveGroups = true;
            bool   mSaveRoles  = true;
            string mGroups     = ConfigSettings.RegistrationGroups;
            string mRoles      = ConfigSettings.RegistrationRoles;

            if (string.IsNullOrEmpty(mGroups))
            {
                mSaveGroups = false;
            }
            if (string.IsNullOrEmpty(mRoles))
            {
                mSaveRoles = false;
            }
            mAccountProfileToSave.Account       = AccountUtility.HttpContextUserName();
            mAccountProfileToSave.FirstName     = "Auto created";
            mAccountProfileToSave.MiddleName    = "";
            mAccountProfileToSave.LastName      = "Auto created";
            mAccountProfileToSave.PreferredName = "Auto created";
            mAccountProfileToSave.Email         = "*****@*****.**";
            mAccountProfileToSave.Location      = "Hawaii";
            mAccountProfileToSave.TimeZone      = -8;
            mAccountProfileToSave.AddedBy       = mCurrentAccountProfile.Id;
            mAccountProfileToSave.AddedDate     = DateTime.Now;
            mAccountProfileToSave.SetGroups(mGroups);
            mAccountProfileToSave.SetRoles(mRoles);
            mAccountProfileToSave.PasswordLastSet = DateTime.Now;
            mAccountProfileToSave.LastLogOn       = DateTime.Now;
            mAccountProfileToSave.Password        = CryptoUtility.Encrypt(ConfigSettings.RegistrationPassword, ConfigSettings.EncryptionType);
            mAccountProfileToSave.Status          = (int)SystemStatus.SetAccountDetails;
            MClientChoicesState    mClientChoiceState     = ClientChoicesUtility.GetClientChoicesState(ConfigSettings.RegistrationAccountChoicesAccount, true);
            MSecurityEntityProfile mSecurityEntityProfile = SecurityEntityUtility.GetProfile(ConfigSettings.RegistrationSecurityEntityId);

            mClientChoiceState.IsDirty = false;
            mClientChoiceState[MClientChoices.AccountName]        = mAccountProfileToSave.Account;
            mClientChoiceState[MClientChoices.SecurityEntityId]   = mSecurityEntityProfile.Id.ToString(CultureInfo.InvariantCulture);
            mClientChoiceState[MClientChoices.SecurityEntityName] = mSecurityEntityProfile.Name;
            try
            {
                AccountUtility.Save(mAccountProfileToSave, mSaveRoles, mSaveGroups, mSecurityEntityProfile);
                ClientChoicesUtility.Save(mClientChoiceState, false);
                AccountUtility.SetPrincipal(mAccountProfileToSave);
            }
            catch (Exception ex)
            {
                mLog.Error(ex);
                throw;
            }
            return(mAccountProfileToSave);
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Returns the current MSecurityEntityProfile from context.  If one is not found in context then
        /// the default values from the config file will be returned.
        /// </summary>
        /// <returns>MSecurityEntityProfile</returns>
        public static MSecurityEntityProfile CurrentProfile()
        {
            MSecurityEntityProfile mRetProfile = null;
            String mAccount = AccountUtility.HttpContextUserName();
            MClientChoicesState mClientChoicesState = ClientChoicesUtility.GetClientChoicesState(mAccount);

            if (mClientChoicesState != null)
            {
                int mSecurityEntity = int.Parse(mClientChoicesState[MClientChoices.SecurityEntityId].ToString(), CultureInfo.InvariantCulture);
                mRetProfile = GetProfile(mSecurityEntity);
            }
            if (mRetProfile == null)
            {
                mRetProfile = DefaultProfile();
            }
            return(mRetProfile);
        }
Ejemplo n.º 3
0
        /// <summary>
        /// Performs authentication give an account and password
        /// </summary>
        /// <param name="account"></param>
        /// <param name="password"></param>
        /// <returns>Boolean</returns>
        /// <remarks>
        /// Handles authentication methodology
        /// </remarks>
        public static Boolean Authenticated(String account, String password)
        {
            if (string.IsNullOrEmpty(account))
            {
                throw new ArgumentNullException("account", "account cannot be a null reference (Nothing in VB) or empty!");
            }
            if (string.IsNullOrEmpty(account))
            {
                throw new ArgumentNullException("password", "password cannot be a null reference (Nothing in VB) or empty!");
            }
            bool retVal        = false;
            bool mDomainPassed = false;

            if (account.Contains(@"\"))
            {
                mDomainPassed = true;
            }
            MAccountProfile mAccountProfile = GetProfile(account);

            if (mDomainPassed && mAccountProfile == null)
            {
                int mDomainPos = account.IndexOf(@"\", StringComparison.OrdinalIgnoreCase);
                account         = account.Substring(mDomainPos + 1, account.Length - mDomainPos - 1);
                mAccountProfile = GetProfile(account);
            }
            if (mAccountProfile != null)
            {
                if (ConfigSettings.AuthenticationType.ToUpper(CultureInfo.InvariantCulture) == "INTERNAL")
                {
                    string profilePassword = string.Empty;
                    if ((mAccountProfile != null))
                    {
                        try
                        {
                            profilePassword = CryptoUtility.Decrypt(mAccountProfile.Password, SecurityEntityUtility.CurrentProfile().EncryptionType);
                        }
                        catch (CryptoUtilityException)
                        {
                            profilePassword = mAccountProfile.Password;
                        }
                        if (password == profilePassword && (mAccountProfile.Status != Convert.ToInt32(SystemStatus.Disabled, CultureInfo.InvariantCulture) || mAccountProfile.Status != Convert.ToInt32(SystemStatus.Inactive, CultureInfo.InvariantCulture)))
                        {
                            retVal = true;
                        }
                        if (!retVal)
                        {
                            mAccountProfile.FailedAttempts += 1;
                        }
                        if (mAccountProfile.FailedAttempts == Convert.ToInt32(ConfigSettings.FailedAttempts) && Convert.ToInt32(ConfigSettings.FailedAttempts, CultureInfo.InvariantCulture) != -1)
                        {
                            mAccountProfile.Status = Convert.ToInt32(SystemStatus.Disabled, CultureInfo.InvariantCulture);
                        }
                        AccountUtility.Save(mAccountProfile, false, false);
                    }
                }
                else // LDAP authentication
                {
                    string domainAndUsername = ConfigSettings.LdapDomain + "\\" + account;
                    if (mDomainPassed)
                    {
                        domainAndUsername = account;
                    }
                    domainAndUsername = domainAndUsername.Trim();
                    DirectoryEntry entry = null;
                    object         obj   = new object();
                    try
                    {
                        entry = new DirectoryEntry(ConfigSettings.LdapServer, domainAndUsername, password);
                        //Bind to the native AdsObject to force authentication
                        //if this does not work it will throw an exception.
                        obj = entry.NativeObject;
                        mAccountProfile.LastLogOn = DateTime.Now;
                        AccountUtility.Save(mAccountProfile, false, false);
                        retVal = true;
                    }
                    catch (Exception ex)
                    {
                        string mMessage         = "Error Authenticating account " + domainAndUsername + " through LDAP.";
                        WebSupportException mEx = new WebSupportException(mMessage, ex);
                        Logger mLog             = Logger.Instance();
                        mLog.Error(mEx);
                        throw mEx;
                    }
                    finally
                    {
                        if ((obj != null))
                        {
                            obj = null;
                        }
                        if ((entry != null))
                        {
                            entry.Dispose();
                        }
                    }
                }
            }
            return(retVal);
        }