/// <summary>
/// Decides whether the current caller may use this ECP feature.
/// The decision is delegated entirely to <c>LoginUtil.CheckUrlAccess</c>, called with
/// the server path of the feature's descriptor.
/// </summary>
/// <param name="rbacConfiguration">
/// Runspace configuration supplied by the caller. This override does not read it;
/// the result depends only on the URL access check.
/// </param>
/// <returns>
/// The result of the URL access check wrapped in a nullable. This override never returns <c>null</c>.
/// </returns>
public sealed override bool? TryIsInRole(ExchangeRunspaceConfiguration rbacConfiguration)
{
    // Resolve the feature descriptor on first use and cache it on the instance.
    var featureDescriptor = this.descriptor;
    if (featureDescriptor == null)
    {
        featureDescriptor = this.ecpFeature.GetFeatureDescriptor();
        this.descriptor = featureDescriptor;
    }

    // The role decision is keyed on the path string alone, so it is only as
    // strong as CheckUrlAccess's handling of that path.
    bool isAllowed = LoginUtil.CheckUrlAccess(featureDescriptor.ServerPath);
    return isAllowed;
}
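/// <summary>
/// Post-authentication pipeline handler. It runs these steps in order:
/// 1. redirects to the canonically cased application path when the proxied URI
///    differs from it only by case;
/// 2. sets the <c>X-Frame-Options</c> response header on GET requests;
/// 3. builds the session principal and installs it on the context and the thread;
/// 4. runs the canary check, except for ACS OAuth requests;
/// 5. for RBAC principals, applies the OAuth and URL access checks before the flight rewrite.
/// The order is significant: the authorization checks in step 5 depend on the
/// principal installed in step 3.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
private void Application_PostAuthenticateRequest(object sender, EventArgs e)
{
    HttpContext httpContext = HttpContext.Current;

    // NOTE(review): this header is read straight from the request. Confirm that only the
    // trusted front end can set it. new Uri(...) throws on a malformed or relative
    // value, which fails the request rather than continuing.
    string proxyUriHeader = httpContext.Request.Headers["msExchProxyUri"];
    if (!string.IsNullOrEmpty(proxyUriHeader))
    {
        Uri proxyUri = new Uri(proxyUriHeader);
        string firstSegment = (proxyUri.Segments.Length > 1)
            ? proxyUri.Segments[1].TrimEnd(new char[] { '/' })
            : string.Empty;
        string appPath = RbacModule.ecpAppPath.Value;

        // Same application path but different casing: redirect to the canonical
        // spelling. Presumably this lets later path-based checks see a single form; confirm.
        if (firstSegment.Equals(appPath, StringComparison.OrdinalIgnoreCase) && !firstSegment.Equals(appPath))
        {
            // Use the unwrapped string value here as well, so the redirect target
            // matches the length skipped in Substring and does not depend on how the
            // ecpAppPath wrapper converts itself to a string.
            string url = "/" + appPath + proxyUri.PathAndQuery.Substring(appPath.Length + 1);
            httpContext.Response.Redirect(url, true);
            return;
        }
    }

    // Framing protection: applied to GET responses unless globally bypassed or the
    // executing path is on the exception list.
    if (httpContext.Request.HttpMethod == "GET"
        && !RbacModule.bypassXFrameOptions
        && !RbacModule.xFrameOptionsExceptionList.Contains(httpContext.Request.AppRelativeCurrentExecutionFilePath))
    {
        httpContext.Response.Headers.Set("X-Frame-Options", "SameOrigin");
    }

    // Install the session principal before any authorization decision is made.
    AuthenticationSettings authenticationSettings = new AuthenticationSettings(httpContext);
    httpContext.User = authenticationSettings.Session;
    authenticationSettings.Session.SetCurrentThreadPrincipal();

    // Canary validation is skipped only for ACS OAuth requests.
    if (!httpContext.IsAcsOAuthRequest())
    {
        httpContext.CheckCanary();
    }

    authenticationSettings.Session.RequestReceived();

    if (authenticationSettings.Session is RbacPrincipal)
    {
        if (!OAuthHelper.IsWebRequestAllowed(httpContext))
        {
            ErrorHandlingUtil.TransferToErrorPage("notavailableforpartner");
            // Fail closed: do not rely on the transfer helper ending the request.
            // If it returns normally, a refused request must not reach the URL
            // access check or the flight rewrite below. This matches the "noroles" branch.
            return;
        }

        // NOTE(review): access is decided from Request.FilePath alone. Verify how
        // CheckUrlAccess normalizes the path it receives.
        if (!LoginUtil.CheckUrlAccess(httpContext.Request.FilePath))
        {
            ErrorHandlingUtil.TransferToErrorPage("noroles");
            return;
        }

        this.FlightRewrite(httpContext);
    }
}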