/// <summary> /// Get client name /// </summary> /// <param name="oHostSecurityToken">HostSecurityToken obtained when security provider of IWS is called</param> /// <param name="memOrOrgId">Member or Org id</param> /// <param name="isMember">boolean value (is member)</param> /// <returns></returns> public ClientDetailReturnValue GetClientDetail(HostSecurityToken oHostSecurityToken, Guid memOrOrgId, bool isMember) { ClientDetailReturnValue returnValue = new ClientDetailReturnValue(); if (Functions.ValidateIWSToken(oHostSecurityToken)) { oClientService = new ClientService(); returnValue = oClientService.GetClientDetail(Functions.GetLogonIdFromToken(oHostSecurityToken), memOrOrgId, isMember); } else { returnValue = new ClientDetailReturnValue(); returnValue.Success = false; returnValue.Message = "Invalid Token"; } return(returnValue); }
private void DoLogin(string username, string password) { // Block MSH from loggin into FED because it is too well known // Block rekoop integration user as well as it should only be using web services if (username.Trim().ToLower() == "msh" || username.Trim().ToLower() == "rekoop") { _lblError.Text = "Invalid logon details"; return; } _logonService = new LogonServiceClient(); LogonReturnValue returnValue; returnValue = _logonService.Logon(username, password); if (!returnValue.Success) { _lblError.Text = returnValue.Message; return; } Session[SessionName.LogonName] = username; Session["LogonID"] = returnValue.LogonId; if (null == Session[SessionName.ControlSettings]) { PopulateControlPermissions(returnValue.UserType); } Session[SessionName.LogonSettings] = returnValue; if (!string.IsNullOrEmpty(returnValue.WebStyleSheet)) { // This session is used for all kind of operation being done on CSS files Session[SessionName.StyleSheet] = returnValue.WebStyleSheet; // This session is used for security purpose // for instance, if user change the CSS contents, then on click of preview button of ChangeStyle.aspx screen // the new temperory CSS file is created and this CSS is set to Session[SessionName.StyleSheet] // and if user wants to cancel the operation, the Session[SessionName.UserStyleSheet] will set to Session[SessionName.StyleSheet] Session[SessionName.UserStyleSheet] = returnValue.WebStyleSheet; } if (returnValue.UserType == 2) { _clientService = new ClientServiceClient(); bool isMember = true; Guid memOrOrgId = Guid.Empty; if (returnValue.MemberId == IRIS.Law.WebApp.App_Code.DataConstants.DummyGuid) { memOrOrgId = returnValue.OrganisationId; isMember = false; } else { memOrOrgId = returnValue.MemberId; } ClientDetailReturnValue _clientReturnValue = _clientService.GetClientDetail(returnValue.LogonId, memOrOrgId, isMember); Session[SessionName.MemberId] = returnValue.MemberId; Session[SessionName.OrganisationId] = returnValue.OrganisationId; Session[SessionName.ClientRef] = _clientReturnValue.ClientReference; Session[SessionName.ClientName] = _clientReturnValue.Name; } if (returnValue.IsFirstTimeLoggedIn && returnValue.UserType != 1) { Response.Redirect("~/Pages/Password/ForceChangePassword.aspx", true); } if (Session["CurrentPage"] != null) { Response.Redirect(Session["CurrentPage"].ToString()); } else { Response.Redirect("Home.aspx", true); } }
/// <summary> /// Get client name /// </summary> /// <param name="oHostSecurityToken">HostSecurityToken obtained when security provider of IWS is called</param> /// <param name="memOrOrgId">Member or Org id</param> /// <param name="isMember">boolean value (is member)</param> /// <returns></returns> public ClientDetailReturnValue GetClientDetail(HostSecurityToken oHostSecurityToken, Guid memOrOrgId, bool isMember) { ClientDetailReturnValue returnValue = new ClientDetailReturnValue(); if (Functions.ValidateIWSToken(oHostSecurityToken)) { oClientService = new ClientService(); returnValue = oClientService.GetClientDetail(Functions.GetLogonIdFromToken(oHostSecurityToken), memOrOrgId, isMember); } else { returnValue = new ClientDetailReturnValue(); returnValue.Success = false; returnValue.Message = "Invalid Token"; } return returnValue; }
/// <summary> /// Get client name /// </summary> /// <param name="logonId">Logon id obtained when logging on to the Client service</param> /// <param name="memOrOrgId">Member or Org id</param> /// <param name="isMember">boolean value (is member)</param> /// <returns></returns> public ClientDetailReturnValue GetClientDetail(Guid logonId, Guid memOrOrgId, bool isMember) { ClientDetailReturnValue returnValue = new ClientDetailReturnValue(); try { // Get the logged on user from the current logons and add their // ApplicationSettings the list of concurrent sessions. // ApplicationSettings.Instance can now be used to get the // ApplicationSettings for this session. Host.LoadLoggedOnUser(logonId); try { Guid memberId = DataConstants.DummyGuid; Guid organisationId = DataConstants.DummyGuid; if (isMember) memberId = memOrOrgId; else organisationId = memOrOrgId; Functions.RestrictRekoopIntegrationUser(UserInformation.Instance.DbUid); switch (UserInformation.Instance.UserType) { case DataConstants.UserType.Staff: // Can do everything break; case DataConstants.UserType.ThirdParty: if (!SrvClientCommon.WebAllowedToAccessClient(memberId, organisationId)) throw new Exception("Access denied"); break; case DataConstants.UserType.Client: if (!ApplicationSettings.Instance.IsUser(memberId, organisationId)) throw new Exception("Access denied"); break; default: throw new Exception("Access denied"); } returnValue.ClientReference = SrvClientCommon.GetClientReference(memOrOrgId); returnValue.Name = SrvClientCommon.GetClientName(memOrOrgId, isMember); } finally { // Remove the logged on user's ApplicationSettings from the // list of concurrent sessions Host.UnloadLoggedOnUser(); } } catch (System.Data.SqlClient.SqlException) { returnValue.Success = false; returnValue.Message = Functions.SQLErrorMessage; } catch (Exception ex) { returnValue.Success = false; returnValue.Message = ex.Message; } return returnValue; }