|
public static TraceMethodDone ( |
||
| t | ||
| methodname | string | |
| return | void | |
private void DoLogin(HttpContext context, Saml20Assertion assertion)
{
SessionStore.AssociateUserIdWithCurrentSession(assertion.Subject.Value);
// The assertion is what keeps the session alive. If it is ever removed ... the session will appear as removed in the SessionStoreProvider because Saml20AssertionLite is the only thing kept in session store when login flow is completed..
SessionStore.CurrentSession[SessionConstants.Saml20AssertionLite] = Saml20AssertionLite.ToLite(assertion);
if (Trace.ShouldTrace(TraceEventType.Information))
{
Trace.TraceData(TraceEventType.Information, string.Format(Tracing.Login, assertion.Subject.Value, assertion.SessionIndex, assertion.Subject.Format));
}
string assuranceLevel = GetAssuranceLevel(assertion) ?? "(Unknown)";
AuditLogging.logEntry(Direction.IN, Operation.LOGIN, string.Format("Subject: {0} NameIDFormat: {1} Level of authentication: {2} Session timeout in minutes: {3}", assertion.Subject.Value, assertion.Subject.Format, assuranceLevel, FederationConfig.GetConfig().SessionTimeout));
foreach (IAction action in Actions.Actions.GetActions())
{
Trace.TraceMethodCalled(action.GetType(), "LoginAction()");
action.LoginAction(this, context, assertion);
Trace.TraceMethodDone(action.GetType(), "LoginAction()");
}
}
private void DoLogin(HttpContext context, Saml20Assertion assertion)
{
SessionFactory.SessionContext.AssociateUserIdWithCurrentSession(assertion.Subject.Value);
SessionFactory.SessionContext.Current[SessionConstants.Saml20AssertionLite] = Saml20AssertionLite.ToLite(assertion);
if (Trace.ShouldTrace(TraceEventType.Information))
{
Trace.TraceData(TraceEventType.Information, string.Format(Tracing.Login, assertion.Subject.Value, assertion.SessionIndex, assertion.Subject.Format));
}
string assuranceLevel = "(unknown)";
foreach (var attribute in assertion.Attributes)
{
if (attribute.Name == "dk:gov:saml:attribute:AssuranceLevel" &&
attribute.AttributeValue != null &&
attribute.AttributeValue.Length > 0)
{
assuranceLevel = attribute.AttributeValue[0];
}
}
AuditLogging.logEntry(Direction.IN, Operation.LOGIN, string.Format("Subject: {0} NameIDFormat: {1} Level of authentication: {2} Session timeout in minutes: {3}", assertion.Subject.Value, assertion.Subject.Format, assuranceLevel, HttpContext.Current.Session.Timeout));
foreach (IAction action in Actions.Actions.GetActions())
{
Trace.TraceMethodCalled(action.GetType(), "LoginAction()");
action.LoginAction(this, context, assertion);
Trace.TraceMethodDone(action.GetType(), "LoginAction()");
}
}
private void DoLogout(HttpContext context, bool IdPInitiated)
{
try
{
foreach (IAction action in Actions.Actions.GetActions())
{
Trace.TraceMethodCalled(action.GetType(), "LogoutAction()");
action.LogoutAction(this, context, IdPInitiated);
Trace.TraceMethodDone(action.GetType(), "LogoutAction()");
}
}
finally
{
if (SessionStore.CurrentSession != null)
{
// Always end with abandoning the session.
Trace.TraceData(TraceEventType.Information, "Clearing session for userId: " + Saml20Identity.Current.Name);
SessionStore.AbandonAllSessions(Saml20Identity.Current.Name);
Trace.TraceData(TraceEventType.Verbose, "Session cleared.");
}
else
{
Trace.TraceData(TraceEventType.Warning, "The user was logged out but the session had already expired. Distributed session could therefore not be abandonded½");
}
}
}
private void DoLogout(HttpContext context, bool IdPInitiated)
{
foreach (IAction action in Actions.Actions.GetActions())
{
Trace.TraceMethodCalled(action.GetType(), "LogoutAction()");
action.LogoutAction(this, context, IdPInitiated);
Trace.TraceMethodDone(action.GetType(), "LogoutAction()");
}
}
/// <summary>
/// Is called before the assertion is made into a strongly typed representation
/// </summary>
/// <param name="context">The httpcontext.</param>
/// <param name="elem">The assertion element.</param>
/// <param name="endpoint">The endpoint.</param>
protected virtual void PreHandleAssertion(HttpContext context, XmlElement elem, IDPEndPoint endpoint)
{
Trace.TraceMethodCalled(GetType(), "PreHandleAssertion");
if (endpoint != null && endpoint.SLOEndpoint != null && !String.IsNullOrEmpty(endpoint.SLOEndpoint.IdpTokenAccessor))
{
ISaml20IdpTokenAccessor idpTokenAccessor =
Activator.CreateInstance(Type.GetType(endpoint.SLOEndpoint.IdpTokenAccessor, false)) as ISaml20IdpTokenAccessor;
if (idpTokenAccessor != null)
{
idpTokenAccessor.ReadToken(elem);
}
}
Trace.TraceMethodDone(GetType(), "PreHandleAssertion");
}
private void DoLogin(HttpContext context, Saml20Assertion assertion)
{
//User is now logged in at IDP specified in tmp
context.Session[IDPLoginSessionKey] = context.Session[IDPTempSessionKey];
context.Session[IDPSessionIdKey] = assertion.SessionIndex;
context.Session[IDPNameIdFormat] = assertion.Subject.Format;
context.Session[IDPNameId] = assertion.Subject.Value;
if (Trace.ShouldTrace(TraceEventType.Information))
{
Trace.TraceData(TraceEventType.Information, string.Format(Tracing.Login, assertion.Subject.Value, assertion.SessionIndex, assertion.Subject.Format));
}
string inResponseTo = "(unknown)";
if (assertion.GetSubjectConfirmationData() != null && assertion.GetSubjectConfirmationData().InResponseTo != null)
{
inResponseTo = assertion.GetSubjectConfirmationData().InResponseTo;
}
string assuranceLevel = "(unknown)";
foreach (var attribute in assertion.Attributes)
{
if (attribute.Name == "dk:gov:saml:attribute:AssuranceLevel" &&
attribute.AttributeValue != null &&
attribute.AttributeValue.Length > 0)
{
assuranceLevel = attribute.AttributeValue[0];
}
}
AuditLogging.logEntry(Direction.IN, Operation.LOGIN, string.Format("Subject: {0} NameIDFormat: {1} Level of authentication: {2} Session timeout in minutes: {3}", assertion.Subject.Value, assertion.Subject.Format, assuranceLevel, HttpContext.Current.Session.Timeout));
foreach (IAction action in Actions.Actions.GetActions())
{
Trace.TraceMethodCalled(action.GetType(), "LoginAction()");
action.LoginAction(this, context, assertion);
Trace.TraceMethodDone(action.GetType(), "LoginAction()");
}
}
private void DoSoapLogout(HttpContext context, string userId)
{
try
{
foreach (IAction action in Actions.Actions.GetActions())
{
Trace.TraceMethodCalled(action.GetType(), "SoapLogoutAction()");
action.SoapLogoutAction(this, context, userId);
Trace.TraceMethodDone(action.GetType(), "SoapLogoutAction()");
}
}
finally
{
// Always end with abandoning the session.
Trace.TraceData(TraceEventType.Information, "Clearing all sessions related to user with id: " + userId);
SessionStore.AbandonAllSessions(userId);
Trace.TraceData(TraceEventType.Verbose, "Sessions cleared.");
}
}
private void DoLogout(SamlHttpContext context, bool IdPInitiated)
{
try
{
foreach (IAction action in Actions.Actions.GetActions())
{
Trace.TraceMethodCalled(action.GetType(), "LogoutAction()");
action.LogoutAction(this, context, IdPInitiated);
Trace.TraceMethodDone(action.GetType(), "LogoutAction()");
}
}
finally
{
// Always end with abandoning the session.
Trace.TraceData(TraceEventType.Information, "Clearing session with id: " + SessionFactory.SessionContext.Current.Id);
SessionFactory.SessionContext.AbandonAllSessions(Saml20Identity.Current.Name);
//SessionFactory.SessionContext.AbandonCurrentSession();
Trace.TraceData(TraceEventType.Verbose, "Session cleared.");
}
}
private void DoLogin(HttpContext context, Saml20Assertion assertion)
{
//User is now logged in at IDP specified in tmp
context.Session[IDPLoginSessionKey] = context.Session[IDPTempSessionKey];
context.Session[IDPSessionIdKey] = assertion.SessionIndex;
context.Session[IDPNameIdFormat] = assertion.Subject.Format;
if (Trace.ShouldTrace(TraceEventType.Information))
{
Trace.TraceData(TraceEventType.Information, string.Format(Tracing.Login, assertion.Subject.Value, assertion.SessionIndex, assertion.Subject.Format));
}
AuditLogging.logEntry(Direction.IN, Operation.LOGIN, "Subject: " + assertion.Subject.Value + " NameIDFormat: " + assertion.Subject.Format);
foreach (IAction action in Actions.Actions.GetActions())
{
Trace.TraceMethodCalled(action.GetType(), "LoginAction()");
action.LoginAction(this, context, assertion);
Trace.TraceMethodDone(action.GetType(), "LoginAction()");
}
}
private void DoLogin(HttpContext context, Saml20Assertion assertion)
{
SessionFactory.SessionContext.AssociateUserIdWithCurrentSession(assertion.Subject.Value);
SessionFactory.SessionContext.Current[SessionConstants.Saml20AssertionLite] = Saml20AssertionLite.ToLite(assertion);
if (Trace.ShouldTrace(TraceEventType.Information))
{
Trace.TraceData(TraceEventType.Information, string.Format(Tracing.Login, assertion.Subject.Value, assertion.SessionIndex, assertion.Subject.Format));
}
string assuranceLevel = GetAssuranceLevel(assertion) ?? "(Unknown)";
AuditLogging.logEntry(Direction.IN, Operation.LOGIN, string.Format("Subject: {0} NameIDFormat: {1} Level of authentication: {2} Session timeout in minutes: {3}", assertion.Subject.Value, assertion.Subject.Format, assuranceLevel, FederationConfig.GetConfig().SessionTimeout));
foreach (IAction action in Actions.Actions.GetActions())
{
Trace.TraceMethodCalled(action.GetType(), "LoginAction()");
action.LoginAction(this, context, assertion);
Trace.TraceMethodDone(action.GetType(), "LoginAction()");
}
}
