private void OnAuthenticateRequest(object sender, EventArgs e) { var app = sender as HttpApplication; var credentials = app.Context.Request.Headers["Authorization"]; if (string.IsNullOrEmpty(credentials)) return; //var userPassword = System.Convert.FromBase64String(credentials); //var userString = (new System.Text.UTF8Encoding()).GetString(userPassword); var encodedPassword = AuthenticationHeaderValue.Parse(credentials).Parameter; var userPassword = new System.Text.UTF8Encoding().GetString(System.Convert.FromBase64String(encodedPassword)); var passwordParts = userPassword.Split(':'); var userName = passwordParts[0]; var password = passwordParts[1]; if (!WebSecurity.Initialized) throw new System.ApplicationException("WebSecurity database became unitialized"); if (Membership.Provider.ValidateUser(userName, password)) { var identity = new BasicIdentity(userName); var roles = Roles.Provider.GetRolesForUser(userName); var principal = new GenericPrincipal(identity, roles); app.Context.User = principal; if (HttpContext.Current != null) HttpContext.Current.User = principal; } }
private ActionResult RedirectToLocal(string returnUrl, System.Security.Principal.GenericPrincipal tempPrincipal = null) { if (Url.IsLocalUrl(returnUrl)) { if (tempPrincipal != null && tempPrincipal.HasAccessToNode(returnUrl)) { return(Redirect(returnUrl)); } } if (tempPrincipal != null) { if (tempPrincipal.HasAccessToNode(Url.Action("Index", "Home"))) { RedirectToAction("Index", "Home"); } List <string> allowdNodesKeys = tempPrincipal.GetAuthorizedNodesList(MvcSiteMapProvider.SiteMaps.Current.RootNode, false); if (allowdNodesKeys.Count() > 0) { return(Redirect(SiteMapHelper.GetUrlByKey(allowdNodesKeys.First()))); } } return(RedirectToAction("Index", "Home")); }
protected void Application_AuthenticateRequest() { if (Context.User == null) { return; } //Exit if the userObj = null //get the current user reference string emailAddress = Context.User.Identity.Name; string[] roles = new string[1]; using (WSADDbContext context = new WSADDbContext()) { //get the user based on the email address of the current user User userDTO = context.Users.FirstOrDefault(row => row.UserEmailAddress == emailAddress); //Add Roles to the IPrinicipal Objecct if (userDTO != null) { roles = context.UserRoles.Where(row => row.UserId == userDTO.UserId) .Select(row => row.role.Name) //fkRole in tblRole .ToArray(); } } //Build IPrinicpal Object IIdentity userIdentity = new GenericIdentity(emailAddress); IPrincipal newUserObj = new System.Security.Principal.GenericPrincipal(userIdentity, roles); //Update Context.User with IPrinicpal Obj Context.User = newUserObj; }
protected void Application_AuthenticateRequest() { if (Context.User == null) { return; } //get current user username string username = Context.User.Identity.Name; //setup a Dbcontext string[] roles = null; using (WSADDbContext context = new WSADDbContext()) { //add our roles to the iprincipal object User userDTO = context.Users.FirstOrDefault(row => row.Username == username); if (userDTO != null) { roles = context.UserRoles.Where(row => row.UserId == userDTO.Id) .Select(row => row.Role.Name) .ToArray(); } } //build iprincipal object IIdentity userIdentity = new GenericIdentity(username); IPrincipal newUserObj = new System.Security.Principal.GenericPrincipal(userIdentity, roles); //update the context.user with our Iprincipal Context.User = newUserObj; }
/// <summary> /// Stores the current <see cref="Thread.CurrentPrincipal"/> and replaces it with /// a new role identified in constructor. /// </summary> /// <param name="methodUnderTest">The method under test</param> public override void Before(MethodInfo methodUnderTest) { originalPrincipal = Thread.CurrentPrincipal; GenericIdentity identity = new GenericIdentity("xUnit"); GenericPrincipal principal = new GenericPrincipal(identity, new string[] { name }); Thread.CurrentPrincipal = principal; }
/// <summary> /// Override to Web API filter method to handle Basic Auth check /// </summary> /// <param name="actionContext"></param> public override void OnAuthorization(HttpActionContext actionContext) { if (Active) { var identity = ParseAuthorizationHeader(actionContext); if (identity == null) { Challenge(actionContext); return; } if (!OnAuthorizeUser(identity.Name, identity.Password, actionContext)) { Challenge(actionContext); return; } var principal = new GenericPrincipal(identity, null); Thread.CurrentPrincipal = principal; // inside of ASP.NET this is also required for some async scenarios //if (HttpContext.Current != null) // HttpContext.Current.User = principal; base.OnAuthorization(actionContext); } }
public override ReadOnlyCollection<IAuthorizationPolicy> Authenticate(ReadOnlyCollection<IAuthorizationPolicy> authPolicy, Uri listenUri, ref Message message) { var requestProperties = (HttpRequestMessageProperty)message.Properties[HttpRequestMessageProperty.Name]; var rawAuthHeader = requestProperties.Headers["Authorization"]; AuthenticationHeader authHeader = null; if (AuthenticationHeader.TryDecode(rawAuthHeader, out authHeader)); { var identity = new GenericIdentity(authHeader.Username); var principal = new GenericPrincipal(identity, new string[] { }); var httpContext = new HttpContextWrapper(HttpContext.Current) { User = principal, }; if (httpContext.User != null) return authPolicy; } SendUnauthorizedResponse(); return base.Authenticate(authPolicy, listenUri, ref message); }
private static void OnAuthenticateRequest(object sender, EventArgs e) { var application = (HttpApplication) sender; HttpContext context = application.Context; if (context.User != null && context.User.Identity.IsAuthenticated) return; string cookieName = FormsAuthentication.FormsCookieName; HttpCookie cookie = application.Request.Cookies[cookieName.ToUpper()]; if (cookie == null) return; try { FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(cookie.Value); var identity = new CustomIdentity(AccountEntry.Deserialize(ticket.UserData), ticket.Name); var principal = new GenericPrincipal(identity, identity.GetRoles()); context.User = principal; Thread.CurrentPrincipal = principal; } catch { } }
protected override void OnAuthorization(AuthorizationContext filterContext) { base.OnAuthorization(filterContext); //Zapisanie pryncypala z rolami if (HttpContext.User != null && HttpContext.User.Identity!=null && !string.IsNullOrEmpty(HttpContext.User.Identity.Name)) { string[] tablicaRol = new string[1]; string nazwaUzytkownika = HttpContext.User.Identity.Name; var rola = WroBL.Logowanie.RolaUzytkownika(nazwaUzytkownika); if (rola != WroBL.Logowanie.Rola.Gosc) { tablicaRol[0] = WroBL.Logowanie.NazwaRoli(rola); GenericPrincipal principal = new GenericPrincipal(HttpContext.User.Identity, tablicaRol); HttpContext.User = principal; } //Update daty ostatniego zalogowania if (HttpContext.User.Identity.Name != null && WroBL.Logowanie.UzytkownikIstnieje(nazwaUzytkownika)) WroBL.Logowanie.ZaktualizujDateOstatniegoLogowania(nazwaUzytkownika,true); } }
public NewsletterDaemon(Federation fed, string rootURL, string newslettersFrom, string headInsert, bool sendAsAttachments, string authenticateAs) { _federation = fed; _rootUrl = rootURL; _newslettersFrom = newslettersFrom; _headInsert = headInsert; _sendAsAttachments = sendAsAttachments; AuthorizationRuleWho who = AuthorizationRuleWho.Parse(authenticateAs); if (who.WhoType == AuthorizationRuleWhoType.GenericAnonymous) { _principal = new GenericPrincipal(new GenericIdentity(""), null); } else if (who.WhoType == AuthorizationRuleWhoType.User) { _principal = new GenericPrincipal(new GenericIdentity(who.Who), null); } else { throw new ArgumentException("Newsletters can only authenticate as 'anonymous' or as a particular user. Illegal value: " + authenticateAs, "authenticateAs"); } }
public static GenericPrincipal AgentGenericPrincipal() { //AgentId = 1, var ident = new GenericIdentity("mike"); var principal = new GenericPrincipal(ident, new[] { LookUpRoles.AgentRole }); return principal; }
static void Main(string[] args) { GenericPrincipal principal = new GenericPrincipal(new GenericIdentity("Miguel"), new string[] { "CarRentalAdmin" }); Thread.CurrentPrincipal = principal; ObjectBase.Container = MEFLoader.Init(); Console.WriteLine("Starting up services"); Console.WriteLine(""); SM.ServiceHost hostInventoryManager = new SM.ServiceHost(typeof(InventoryManager)); SM.ServiceHost hostRentalManager = new SM.ServiceHost(typeof(RentalManager)); SM.ServiceHost hostAccountManager = new SM.ServiceHost(typeof(AccountManager)); StartService(hostInventoryManager, "InventoryManager"); StartService(hostRentalManager, "RentalManager"); StartService(hostAccountManager, "AccountManager"); System.Timers.Timer timer = new Timer(10000); timer.Elapsed += OnTimerElapsed; timer.Start(); Console.WriteLine(""); Console.WriteLine("Press [Enter] to exit."); Console.ReadLine(); timer.Stop(); Console.WriteLine("Reservation Monitor Stopped"); StopService(hostInventoryManager, "InventoryManager"); StopService(hostRentalManager, "RentalManager"); StopService(hostAccountManager, "AccountManager"); }
public void OnAuthorization(AuthorizationContext filterContext) { HttpCookie authCookie = filterContext.HttpContext.Request.Cookies[FormsAuthentication.FormsCookieName]; if ((authCookie != null) && (!filterContext.HttpContext.Session.IsNewSession) ) { FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value); var identity = new GenericIdentity(authTicket.Name, "Forms"); var principal = new GenericPrincipal(identity, new string[] { authTicket.UserData }); filterContext.HttpContext.User = principal; } var Controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName; var Action = filterContext.ActionDescriptor.ActionName; var User = filterContext.HttpContext.User; var IP = filterContext.HttpContext.Request.UserHostAddress; var isAccessAllowed = ACL.IsAccessAllowed(Controller, Action, User, IP); if (!isAccessAllowed) { //FormsAuthentication.RedirectToLoginPage(); filterContext.HttpContext.Response.Redirect("/Pages/Login", true); // filterContext.Result = new HttpUnauthorizedResult(); // return; } }
protected void Application_AuthenticateRequest(object sender, EventArgs e) { if ((HttpContext.Current.User == null) || (!HttpContext.Current.User.Identity.IsAuthenticated)) return; // Get Forms Identity From Current User var id = (FormsIdentity)HttpContext.Current.User.Identity; // Create a custom Principal Instance and assign to Current User (with caching) var principal = (GenericPrincipal)HttpContext.Current.Cache.Get(id.Name); if (principal == null) { // Create and populate your Principal object with the needed data and Roles. principal = new GenericPrincipal(id, new string[0]); HttpContext.Current.Cache.Add( id.Name, principal, null, System.Web.Caching.Cache.NoAbsoluteExpiration, new TimeSpan(0, 30, 0), System.Web.Caching.CacheItemPriority.Default, null); } HttpContext.Current.User = principal; }
/// <summary> /// Handles the AuthenticateRequest event of the Application control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="EventArgs" /> instance containing the event data.</param> protected void Application_AuthenticateRequest(object sender, EventArgs e) { var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName]; if (authCookie != null) { try { var authTicket = FormsAuthentication.Decrypt(authCookie.Value); if (authTicket != null) { var identity = new GenericIdentity(authTicket.Name, "Forms"); var roles = authTicket.UserData.Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries).Distinct().ToArray(); var principal = new GenericPrincipal(identity, roles); Context.User = principal; } } catch { Session.Clear(); FormsAuthentication.SignOut(); } } cmsHost.OnAuthenticateRequest(this); }
public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext) { if (Thread.CurrentPrincipal.Identity.IsAuthenticated) { return; } var authHeader = actionContext.Request.Headers.Authorization; if(authHeader!=null) { if (authHeader.Scheme.Equals("basic", StringComparison.OrdinalIgnoreCase) && !string.IsNullOrWhiteSpace(authHeader.Parameter)) { var rawCredentials = authHeader.Parameter; var encoding = Encoding.GetEncoding("iso-8859-1"); var credentials = encoding.GetString(Convert.FromBase64String(rawCredentials)); var split = credentials.Split(':'); var username = split[0]; var password = split[1]; if(checkLogin(username,password)) { var principal = new GenericPrincipal(new GenericIdentity(username), null); Thread.CurrentPrincipal = principal; return; } } } RespondUnAuthorize(actionContext); }
public IPrincipal GetMember() { var principalName = GetPrincipalName(_site); IPrincipal memberPrincipal = (IPrincipal)HttpContext.Current.Items[principalName]; if (memberPrincipal == null) { memberPrincipal = DefaultPrincipal(); var authCookie = GetAuthCookie(_site, _httpContext.Request.Cookies); if (authCookie != null && authCookie.Expires < DateTime.Now) { var encryptedTicket = authCookie.Value; var ticket = FormsAuthentication.Decrypt(encryptedTicket); if (!ticket.Expired) { var membershipUser = GetMembershipUser(ticket.Name); if (membershipUser != null) { memberPrincipal = new GenericPrincipal(new FormsIdentity(ticket), membershipUser.MembershipGroups); } } } HttpContext.Current.Items[principalName] = memberPrincipal; } return memberPrincipal; }
protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext) { var isAuthenticated = base.AuthorizeCore(httpContext); if (isAuthenticated) { string cookieName = FormsAuthentication.FormsCookieName; if (!httpContext.User.Identity.IsAuthenticated || httpContext.Request.Cookies == null || httpContext.Request.Cookies[cookieName] == null) { return false; } var authCookie = httpContext.Request.Cookies[cookieName]; var authTicket = FormsAuthentication.Decrypt(authCookie.Value); // This is where you can read the userData part of the authentication // cookie and fetch the token string webServiceToken = authTicket.UserData; if (string.IsNullOrEmpty(webServiceToken)) { return false; } GenericIdentity identity = new TokenIdentity(httpContext.User.Identity.Name, httpContext.User.Identity.AuthenticationType, webServiceToken); IPrincipal userPrincipal = new GenericPrincipal(identity, null); // Inject the custom principal in the httpcontext httpContext.User = userPrincipal; } return isAuthenticated; }
public static void SetUserAndCookie(this HttpContext context, string login, bool isSetCookie = true) { if (login == null) { System.Web.Security.FormsAuthentication.SignOut(); context.User = null; } else { if (isSetCookie) { var authTicket = new System.Web.Security.FormsAuthenticationTicket ( 1, //version login, // user name DateTime.Now, //creation DateTime.Now.AddYears(50), //Expiration (you can set it to 1 month true, //Persistent login ); // additional informations var encryptedTicket = System.Web.Security.FormsAuthentication.Encrypt(authTicket); var authCookie = new HttpCookie(System.Web.Security.FormsAuthentication.FormsCookieName, encryptedTicket); authCookie.Expires = authTicket.Expiration; authCookie.HttpOnly = true; context.Response.SetCookie(authCookie); } var principal = new System.Security.Principal.GenericPrincipal(new System.Security.Principal.GenericIdentity(login), Array <string> .Empty); context.User = principal; } }
public static HttpContextBase FakeHttpContext() { var context = new Mock<HttpContextBase>(); var request = new Mock<HttpRequestBase>(); var response = new Mock<HttpResponseBase>(); var session = new Mock<HttpSessionStateBase>(); var server = new Mock<HttpServerUtilityBase>(); context.Expect(ctx => ctx.Request).Returns(request.Object); context.Expect(ctx => ctx.Response).Returns(response.Object); context.Expect(ctx => ctx.Session).Returns(session.Object); context.Expect(ctx => ctx.Server).Returns(server.Object); var form = new NameValueCollection(); var querystring = new NameValueCollection(); var cookies = new HttpCookieCollection(); var user = new GenericPrincipal(new GenericIdentity("testuser"),new string[]{"Administrator"}); request.Expect(r => r.Cookies).Returns(cookies); request.Expect(r => r.Form).Returns(form); request.Expect(q => q.QueryString).Returns(querystring); context.Expect(u => u.User).Returns(user); return context.Object; }
public static bool Login( String uname , String pass , out IUserCtx uc) { String[] roles; uc = null; // autentykacja (tu następuje sprawdzenie z tablicą user/pass z Bazy Danych) if (uname == "Rafal") { // autoryzacja (tu następuje pobranie z Bazy Danych wszystkich ról do których user należy) roles = new String[] { BizzLogic.Operation1Role, BizzLogic.Operation2Role }; } else if (uname == "Atylla") { roles = new String[] { BizzLogic.Operation2Role }; } else { return false; } UserCtx ucl = new UserCtx(uname); foreach (String s in roles) ucl.AddOperRole(s); uc = ucl; GenericIdentity gi = new GenericIdentity(uname); GenericPrincipal gp = new GenericPrincipal(gi, roles); // przypisanie kontekstu (żeby działał mechanizm) Thread.CurrentPrincipal = gp; return true; }
protected async override System.Threading.Tasks.Task<HttpResponseMessage> SendAsync( HttpRequestMessage request, System.Threading.CancellationToken cancellationToken ) { var authHeader = request.Headers.Authorization; if ( authHeader != null ) { if ( authHeader.Scheme.Equals( "encryptKey", StringComparison.OrdinalIgnoreCase ) && !String.IsNullOrWhiteSpace( authHeader.Parameter ) ) { var key = authHeader.Parameter; if ( IsVerified( key ) ) { var currentPrincipal = new GenericPrincipal( new GenericIdentity( "User" ), null ); request.GetRequestContext().Principal = currentPrincipal; } } } return await base.SendAsync( request, cancellationToken ) .ContinueWith( task => { var response = task.Result; if ( response.StatusCode == HttpStatusCode.Unauthorized && !response.Headers.Contains( basicAuthResponseHeader ) ) response.Headers.Add( basicAuthResponseHeader, basicAuthResponseHeaderValue ); return response; } ); }
public override void OnAuthorization(HttpActionContext actionContext) { var authHeader = actionContext.Request.Headers.Authorization; if (authHeader != null) { if (authHeader.Scheme.Equals("basic", StringComparison.OrdinalIgnoreCase) && !string.IsNullOrWhiteSpace(authHeader.Parameter)) { var rawCredentials = authHeader.Parameter; var encoding = Encoding.GetEncoding("iso-8859-1"); var credentials = encoding.GetString(Convert.FromBase64String(rawCredentials)); // TODO: Maybe log in just using e-mail address var split = credentials.Split('|'); var username = split[0]; var password = split[1]; if (!WebSecurity.Initialized) { WebSecurity.InitializeDatabaseConnection("CrisisCheckin", "User", "Id", "UserName", autoCreateTables: true); } if (WebSecurity.Login(username, password)) { var principal = new GenericPrincipal(new GenericIdentity(username), null); Thread.CurrentPrincipal = principal; return; } } } HandleUnauthorized(actionContext); }
public API_Moq_HttpContext setupNormalRequestValues() { var genericIdentity = new GenericIdentity("genericIdentity"); var genericPrincipal = new GenericPrincipal(genericIdentity, new string[] {}); MockContext.Setup(context => context.User).Returns(genericPrincipal); MockContext.Setup(context => context.Cache).Returns(HttpRuntime.Cache); MockContext.Setup(context => context.Server.MapPath(It.IsAny<string>())).Returns((string path) => this.BaseDir.pathCombine(path)); //Request MockRequest.Setup(request =>request.InputStream ).Returns(new MemoryStream()); MockRequest.Setup(request =>request.Headers ).Returns(new NameValueCollection()); MockRequest.Setup(request =>request.QueryString ).Returns(new NameValueCollection()); MockRequest.Setup(request =>request.Form ).Returns(new NameValueCollection()); //Response var outputStream = new MemoryStream(); MockResponse.Setup(response =>response.OutputStream).Returns(outputStream); //var writer = new StringWriter(); // context.Expect(ctx => ctx.Response.Output).Returns(writer); MockResponse.Setup(response =>response.Write(It.IsAny<string>())).Callback((string code) => outputStream.Write(code.asciiBytes(), 0, code.size())); var cache = new Mock<HttpCachePolicyBase>(); MockResponse.SetupGet(response => response.Cache).Returns(cache.Object); return this; }
protected void Application_AuthenticateRequest(Object sender, EventArgs e) { if (Context.User == null ) { String cookieName = FormsAuthentication.FormsCookieName; HttpCookie authCookie = Context.Request.Cookies[cookieName]; if(null == authCookie) { //There is no authentication cookie. return; } FormsAuthenticationTicket authTicket = null; try { authTicket = FormsAuthentication.Decrypt(authCookie.Value); } catch (Exception ex) { //Write the exception to the Event Log. return; } if(null == authTicket) { //Cookie failed to decrypt. return; } string[] loginType = authTicket.UserData.Split(new char[]{','});; GenericIdentity id = new GenericIdentity(authTicket.Name, "webAuth"); //This principal flows throughout the request. GenericPrincipal principal = new GenericPrincipal(id, loginType); Context.User = principal; } //Context.User = (System.Security.Principal.IPrincipal)System.Security.Principal.WindowsIdentity.GetCurrent(); }
private HttpRequestMessage SetUpAuthTestInfrastructure( string username, string password) { var principal = new GenericPrincipal( new GenericIdentity(username), new[] { "Admin" }); var request = new HttpRequestMessage(); var membershipServiceMock = new Mock<IMembershipService>(); membershipServiceMock.Setup(ms => ms.ValidateUser(It.IsAny<string>(), It.IsAny<string>()) ).Returns<string, string>((u, p) => (u == username && p == password) ? new ValidUserContext { Principal = principal } : new ValidUserContext() ); var dependencyScopeMock = new Mock<IDependencyScope>(); dependencyScopeMock.Setup( ds => ds.GetService(typeof(IMembershipService)) ).Returns(membershipServiceMock.Object); request.Properties[HttpPropertyKeys.DependencyScope] = dependencyScopeMock.Object; return request; }
public override void OnAuthorization(HttpActionContext actionContext) { if (!SkipAuthorisation(actionContext)) { var identity = ParseAuthorizationHeader(actionContext); if (identity == null) { actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized); return; } if (!OnAuthorizeUser(identity.Name, identity.Password, actionContext)) { actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized); return; } var principal = new GenericPrincipal(identity, null); Thread.CurrentPrincipal = principal; HttpContext.Current.User = principal; base.OnAuthorization(actionContext); } }
/// <summary> /// 创建登录用户的票据信息 /// </summary> /// <param name="strUserName"></param> public static string CreateLoginUserTicket(string userId) { DateTime loginTime = DateTime.Now;//用户的登录时间 //构造Form验证的票据信息 ///把登录时间和用户ID写进Cookie中,后面可以用于判断用户的登录时间间隔 FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, userId, DateTime.Now, DateTime.Now.AddMinutes(90), true, string.Format("{0}:{1}", userId, loginTime), FormsAuthentication.FormsCookiePath); string ticString = FormsAuthentication.Encrypt(ticket); //把票据信息写入Cookie和Session //SetAuthCookie方法用于标识用户的Identity状态为true HttpContext.Current.Response.Cookies.Add(new HttpCookie("UserLoginCookieToken", ticString)); FormsAuthentication.SetAuthCookie(userId, true); HttpContext.Current.Session["USER_LOGON_TICKET"] = ticString; //重写HttpContext中的用户身份,可以封装自定义角色数据; //判断是否合法用户,可以检查:HttpContext.User.Identity.IsAuthenticated的属性值 string[] roles = ticket.UserData.Split(','); IIdentity identity = new FormsIdentity(ticket); IPrincipal principal = new GenericPrincipal(identity, roles); HttpContext.Current.User = principal; return ticString;//返回票据 }
/// <summary> /// Example to show how you could create identities from any data store, based on strings. /// </summary> /// <returns>GenericPrincipal for bob</returns> public static GenericPrincipal CreateIdentity() { // attached roles var roles = new string[] { "Sales", "Marketing" }; var user = new GenericPrincipal(new GenericIdentity("bob"), roles); return user; }
private static void OnAuthenticateRequest(object sender, EventArgs eventArgs) { var httpApplication = (HttpApplication)sender; var cookieName = FormsAuthentication.FormsCookieName; var cookie = httpApplication.Request.Cookies[cookieName.ToUpper()]; if (cookie == null) return; try { var ticket = FormsAuthentication.Decrypt(cookie.Value); if (ticket == null || ticket.Expired) return; var accountData = AccountData.Deserialize(ticket.UserData); var identity = new FrameplateIdentity(accountData, ticket.Name); var principal = new GenericPrincipal(identity, accountData.Roles); httpApplication.Context.User = principal; Thread.CurrentPrincipal = principal; } catch { } }
protected void Application_AuthenticateRequest() { if (Context.User == null) { return; } //no user set //Get Current User Username string username = Context.User.Identity.Name; //Setup DbContext string[] roles = null; using (WSADDbContext context = new WSADDbContext()) { //Add roles to IPrincipal Object User userDTO = context.Users.FirstOrDefault(row => row.Username == username); if (userDTO != null) { roles = context.UserRoles.Where(row => row.UserId == userDTO.Id) .Select(row => row.Role.Name) .ToArray(); } } //Build IPrincipal Object IIdentity userIdentity = new GenericIdentity(username); IPrincipal newUserObj = new System.Security.Principal.GenericPrincipal(userIdentity, roles); //Update Context.User with Iprincipal Context.User = newUserObj; }
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { HttpRequestMessage r = request; if (r.Headers.Authorization == null) { return Login(); } AuthenticationHeaderValue auth = r.Headers.Authorization; byte[] decodedBytes = Convert.FromBase64String(auth.Parameter); string decodedUserAndPassword = Encoding.UTF8.GetString(decodedBytes); string[] userAndPassword = decodedUserAndPassword.Split(':'); string user = userAndPassword[0]; string password = userAndPassword[1]; UserCredentials credentials = Validate(user, password); if (credentials != null) { var p = new GenericPrincipal(new GenericIdentity(credentials.User), credentials.Roles.ToArray()); Thread.CurrentPrincipal = p; return base.SendAsync(request, cancellationToken); } // fail return Login(); }
protected void Application_AuthenticateRequest(Object sender, EventArgs e) { if (Request.IsAuthenticated == true) { HttpCookie authenCookie = HttpContext.Current.Request.Cookies.Get(FormsAuthentication.FormsCookieName); if (authenCookie == null) { FormsAuthentication.SignOut(); HttpContext.Current.User = null; return; } FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authenCookie.Value); FormsIdentity id = new FormsIdentity(ticket); UserToken token = SiteSecurity.GetToken(ticket.Name); if (token != null) { GenericPrincipal principal = new GenericPrincipal(id, new string[] {token.Role}); HttpContext.Current.User = principal; } else { FormsAuthentication.SignOut(); HttpContext.Current.User = null; } } }
public void Initialize() { var principal = new GenericPrincipal( new GenericIdentity("Felipe"), new string[] { "CarRentalAdmin" }); Thread.CurrentPrincipal = principal; }
void Application_AuthenticateRequest(object sender, EventArgs e) { string cookieName = FormsAuthentication.FormsCookieName; HttpCookie authCookie = Context.Request.Cookies[cookieName]; if (null == authCookie) { //There is no authentication cookie. return; } FormsAuthenticationTicket authTicket = null; try { authTicket = FormsAuthentication.Decrypt(authCookie.Value); } catch (Exception ex) { //Write the exception to the Event Log. return; } if (null == authTicket) { //Cookie failed to decrypt. return; } //When the ticket was created, the UserData property was assigned a //pipe-delimited string of group names. string[] groups = authTicket.UserData.Split(new char[] { '|' }); //Create an Identity. GenericIdentity id = new GenericIdentity(authTicket.Name, "LdapAuthentication"); //This principal flows throughout the request. GenericPrincipal principal = new GenericPrincipal(id, groups); Context.User = principal; }
public void RunBeforeEachTest() { System.Security.Principal.GenericIdentity identity = new System.Security.Principal.GenericIdentity("unittest\\user", "UnitTestAuth"); System.Security.Principal.GenericPrincipal gp = new System.Security.Principal.GenericPrincipal(identity, new string[] { "FirstRole", "ThirdRole" }); System.Threading.Thread.CurrentPrincipal = gp; }
private void SetPrincipal(Users user) { IPrincipal principal = new System.Security.Principal.GenericPrincipal( new System.Security.Principal.GenericIdentity(user.email), new string[] { /* fill roles if any */ }); Thread.CurrentPrincipal = principal; if (HttpContext.Current != null) { HttpContext.Current.User = principal; } }
public void GlobalNotificationToggle_SendPublicTweet_True_Correct() { var db = new TestTweetHarborDbContext(); var user = UserHelper.ArrangeNewUserDefault(); db.Users.Add(user); var proj = new Project() { ProjectName = "The Test Project", SendPrivateTweetOnFailure = true, SendPrivateTweetOnSuccess = true, SendPublicTweetOnFailure = false, SendPublicTweetOnSuccess = true, User = user }; db.Projects.Add(proj); var ts = new TestTweetHarborTwitterService(); var auth = new Mock <IFormsAuthenticationWrapper>(); var controller = new AccountController(db, ts, auth.Object); var ident = new GenericIdentity("localtestuser"); System.Security.Principal.GenericPrincipal c = new System.Security.Principal.GenericPrincipal(ident, new string[] { }); controller.SetFakeControllerContext(c); var res = controller.GlobalNotificationToggle("SendPublicTweet", true); Assert.IsInstanceOfType(res.Data, typeof(JsonResultModel)); var rm = (JsonResultModel)res.Data; Assert.IsTrue(rm.Success); Assert.IsTrue(rm.Message == "Value has been updated"); Assert.AreEqual(true, db.Users.FirstOrDefault(u => u.UserName == ident.Name).SendPublicTweet); }
/// <summary> /// 用户登录 /// </summary> /// <param name="name">账户名</param> /// <param name="psd">账户密码</param> /// <returns>Account</returns> public Account Logon(UserLogOnModel model) { Account user = null; //创建账户仓储 IRepository <Account> accountRep = FBS.Factory.Factory <IRepository <Account> > .GetConcrete <Account>(); ISpecification <Account> namespec; if (string.IsNullOrEmpty(model.Email) && !string.IsNullOrEmpty(model.UserName)) { //昵称登录 namespec = new Specification <Account>(o => o.UserName == model.UserName); } else if (string.IsNullOrEmpty(model.UserName) && !string.IsNullOrEmpty(model.Email)) { //邮箱登录 namespec = new Specification <Account>(o => o.Email == model.Email);//查询条件 } else { throw new NullReferenceException("用户登录时,用户名和邮箱至少使用一个"); } if (accountRep.Exists(namespec))//这个账户是否存在 { user = accountRep.Find(namespec); if (!user.CheckPsd(model.Password)) { throw new LogonException("密码错误");//账户存在,密码错误 } else { if (new UserEntryService().CheckForbidden(user.Id)) { throw new LogonException("您由于不遵守相关规定,账户被禁用");//您由于不遵守相关规定,账户被禁用 } //将Identify更新到HttpContext中 UserIdentity u = new UserIdentity("Forms", true, user.Id.ToString()); /*UserInfoService uis=new UserInfoService(); * string[] roles=uis.GetUserRoles(user.Id);*/ string[] roles = user.Roles.Split('|'); if (roles == null) { roles = new string[1] { string.Empty } } ; System.Security.Principal.GenericPrincipal gp = new System.Security.Principal.GenericPrincipal(u, roles); HttpContext.Current.User = gp; //添加ticket到cookie FormsAuthenticationTicket ticket = AuthenticationHelper.CreateAuthenticationTicket(user.Id.ToString(), user.UserName, model.RememberMe); AuthenticationHelper.SetAuthenticalCookie(ticket); } } else { throw new LogonException("账户不存在");//账户不存在 } return(user); }