/// <summary>
/// Starts the management host: optionally registers the service principal
/// name (SPN) when security is enabled, then starts the management server.
/// </summary>
/// <exception cref="Exception">
/// Thrown when the host has not been initialized. Any exception raised while
/// starting is written to the server logger (when error logging is enabled)
/// and rethrown unchanged.
/// </exception>
public void Start()
{
    try
    {
        if (!_initialized)
        {
            throw new Exception("HOST not initialized");
        }

        // Security: SPN registration is attempted only when security is enabled.
        var securityEnabled = ConfigurationSettings<CSHostSettings>.Current.IsSecurityEnabled;
        if (securityEnabled)
        {
            SSPIUtility.RegisterSpn(true);

            // A failed registration does not stop the host. Per the message below,
            // the service then serves local connections only.
            // NOTE(review): this degraded state is recorded at Information level;
            // operators watching for warnings will not see it. Confirm the level.
            bool spnMissing = !SSPIUtility.IsSPNRegistered;
            if (spnMissing)
            {
                AppUtil.LogEvent("DB Service: SPN is not registered. Only local connections will be served.", EventLogEntryType.Information);
            }
        }

        _managementServer.Start();

        var infoLogger = LoggerManager.Instance.ServerLogger;
        if (infoLogger != null)
        {
            if (infoLogger.IsInfoEnabled)
            {
                infoLogger.Info("ManagementHost.Start()", "Management Host started.");
            }
        }
    }
    catch (Exception startFailure)
    {
        var errorLogger = LoggerManager.Instance.ServerLogger;
        if (errorLogger != null)
        {
            if (errorLogger.IsErrorEnabled)
            {
                errorLogger.Error("ManagementHost.Start()", "Error:", startFailure);
            }
        }

        // Rethrow with the original stack trace so the caller sees the failure.
        throw;
    }
}
/// <summary>
/// Builds the client-side SSPI credential and security context for the peer
/// on the current channel.
/// </summary>
/// <remarks>
/// A null SPN is used when the peer is the local server, and also when the SPN
/// lookup for a remote peer throws a <see cref="System.Net.Sockets.SocketException"/>.
/// </remarks>
private void InitializeSecurityContext()
{
    // Default for the local-server case; overwritten below for remote peers.
    string targetSpn = null;

    bool peerIsLocal = SSPIUtility.IsLocalServer(_channel.PeerAddress.IpAddress);
    if (!peerIsLocal)
    {
        try
        {
            // The SPN is derived from the peer IP address only; the port is not appended.
            targetSpn = SSPIUtility.GetServicePrincipalName(MiscUtil.NOSDB_SPN, _channel.PeerAddress.IpAddress);
        }
        catch (System.Net.Sockets.SocketException)
        {
            // NOTE(review): a lookup failure silently falls back to the same null SPN
            // used for local peers. What GetClientContext negotiates for a null target
            // is not visible here; confirm that a remote peer cannot end up with a
            // weaker handshake (for example without server identity verification)
            // merely because name resolution failed, and consider logging this path.
            targetSpn = null;
        }
    }

    _clientSecurityCredential = SSPIUtility.GetClientCredentials(targetSpn);
    _clientSecurityContext = SSPIUtility.GetClientContext(_clientSecurityCredential, targetSpn);
}
/// <summary>
/// Starts the configuration host: optionally registers the service principal
/// name (SPN) when security is enabled, then starts the configuration server
/// followed by the second server instance held in <c>_server</c>.
/// </summary>
public void Start()
{
    // Security: SPN registration is attempted only when security is enabled.
    var securityEnabled = ConfigurationSettings<CSHostSettings>.Current.IsSecurityEnabled;
    if (securityEnabled)
    {
        SSPIUtility.RegisterSpn(true);

        // Registration failure is not fatal. Per the message below, the service
        // keeps running but serves local connections only.
        // NOTE(review): logged at Information level; confirm that is the intended severity.
        bool spnMissing = !SSPIUtility.IsSPNRegistered;
        if (spnMissing)
        {
            AppUtil.LogEvent("Configuration Service: SPN is not registered. Only local connections will be served.", EventLogEntryType.Information);
        }
    }

    // Exceptions from either Start() call propagate to the caller. The original also
    // carried commented-out file-based diagnostics around these two calls, omitted here.
    _configurationServer.Start();
    _server.Start();
}
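/// <summary>
/// Ensures the user of the current configuration connection exists as a login
/// on the cluster and holds the <c>sysadmin</c> server role.
/// </summary>
/// <remarks>
/// When the connected user is not in the login list, the method logs on with
/// <c>Username</c>/<c>Password</c>, impersonates that account, creates the user
/// (or accepts that it already exists) and grants it <c>sysadmin</c> on the
/// cluster-server resource. The step is best effort: no exception escapes.
/// <c>Server</c>, <c>Port</c>, <c>Username</c>, <c>Password</c> and <c>UserExist</c>
/// are members defined outside this block.
/// </remarks>
protected override void BeginProcessing()
{
    RemoteConfigurationManager remoteSession = new RemoteConfigurationManager();
    remoteSession.Initilize(MiscUtil.CLUSTERED, Server, Port, new ClientConfigurationFormatter(), ConfigurationConnection.Current.ClientCredential);

    IList<IUser> loginList = remoteSession.GetLogins();
    string currentUser = ConfigurationConnection.Current.ClientCredential.UserName;

    // Nothing to do for an anonymous connection or an already-known login.
    if (string.IsNullOrEmpty(currentUser) || UserExist(loginList, currentUser))
    {
        return;
    }

    try
    {
        SafeTokenHandle tokenHandle;
        if (!SSPIUtility.LogonUser(Username, Password, out tokenHandle))
        {
            // Previously a failed logon was ignored without any trace.
            // The password is deliberately never written to the trace.
            System.Diagnostics.Trace.TraceWarning("BeginProcessing: logon failed; the connecting user was not added as a login.");
            return;
        }

        try
        {
            // DangerousGetHandle() exposes the raw token. It stays valid for the whole
            // impersonation scope because the handle is released only in the finally
            // block below, after the impersonation context has been disposed.
            using (WindowsIdentity.Impersonate(tokenHandle.DangerousGetHandle()))
            {
                remoteSession = new RemoteConfigurationManager();
                remoteSession.Initilize(MiscUtil.CLUSTERED, Server, Port, new ClientConfigurationFormatter(), ConfigurationConnection.Current.ClientCredential);

                IUser user = new User(currentUser);

                bool grantSysadmin;
                try
                {
                    grantSysadmin = remoteSession.CreateUser(user);
                }
                catch (SecurityException exc)
                {
                    // An existing user is fine and still receives the role. Any other
                    // security failure is passed to the outer handler so it is recorded
                    // instead of vanishing.
                    if (!exc.ErrorCode.Equals(ErrorCodes.Security.USER_ALREADY_EXIST))
                    {
                        throw;
                    }

                    grantSysadmin = true;
                }

                if (grantSysadmin)
                {
                    // NOTE(review): this grants the highest server role to the connected
                    // user automatically; confirm this bootstrap path is reachable only
                    // by callers entitled to it.
                    remoteSession.Grant(
                        true,
                        new ResourceId()
                        {
                            Name = Alachisoft.NosDB.Common.MiscUtil.NOSDB_CLUSTER_SERVER,
                            ResourceType = Alachisoft.NosDB.Common.Security.Impl.Enums.ResourceType.System
                        },
                        user.Username,
                        ServerRole.sysadmin.ToString());
                }
            }
        }
        finally
        {
            // Fix: release the logon token even when impersonation, user creation or
            // the grant throws. Before, an exception skipped the release and leaked it.
            tokenHandle.Release();
        }
    }
    catch (Exception ex)
    {
        // Still best effort (nothing is rethrown), but the failure is no longer
        // invisible: an empty catch here hid failed role grants from operators.
        System.Diagnostics.Trace.TraceWarning("BeginProcessing: could not create the login or grant the sysadmin role: " + ex.GetType().Name + ": " + ex.Message);
    }
}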
/// <summary>
/// Stops both servers and, when security is enabled, unregisters the service
/// principal name (SPN) that was registered on start.
/// </summary>
public void Stop()
{
    // Shutdown order mirrors the original: _server first, then the configuration server.
    _server.Stop();
    _configurationServer.Stop();

    // Security: SPN removal is attempted only when security is enabled.
    var securityEnabled = ConfigurationSettings<CSHostSettings>.Current.IsSecurityEnabled;
    if (!securityEnabled)
    {
        return;
    }

    SSPIUtility.RegisterSpn(false);

    // If the SPN is still reported as registered, the removal did not take effect.
    // A stale SPN remains bound to the service account until it is cleaned up.
    // NOTE(review): logged at Information level only; confirm the intended severity.
    bool stillRegistered = SSPIUtility.IsSPNRegistered;
    if (stillRegistered)
    {
        AppUtil.LogEvent("Configuration Service: SPN is not unregistered.", EventLogEntryType.Information);
    }
}
/// <summary>
/// Runs one authentication step for <paramref name="operation"/> and returns the
/// response carrying either the next server token or the security error code.
/// </summary>
/// <param name="operation">The authentication request; also supplies the response object and the peer address.</param>
/// <returns>
/// The response created by the operation, or <c>null</c> when that response is not an
/// <c>AuthenticationResponse</c>. In the null case the outcome of the authentication
/// call (token or error code) is not reported to the caller.
/// </returns>
public IDBResponse Authenticate(IAuthenticationOperation operation)
{
    AuthenticationResponse authResponse = operation.CreateResponse() as AuthenticationResponse;

    try
    {
        // Distributor sessions authenticate under the distributor service account name;
        // every other session passes null for that argument.
        // NOTE(review): the local/remote decision is taken from operation.Address.
        // Confirm that address is populated by the transport layer and cannot be
        // chosen by the client, since "local" peers may be treated differently.
        AuthToken serverToken = SecurityManager.Authenticate(
            _nodeContext.LocalShardName,
            operation,
            SSPIUtility.IsLocalServer(operation.Address.IpAddress),
            IsDistributorSession ? "NT SERVICE\\" + MiscUtil.NOSDB_DISTSVC_NAME : null);

        if (authResponse != null)
        {
            authResponse.ServerToken = serverToken;
        }
    }
    catch (SecurityException authFailure)
    {
        // Only security exceptions become an error code; other exceptions propagate.
        if (authResponse != null)
        {
            authResponse.ErrorCode = authFailure.ErrorCode;
        }
    }

    return authResponse;
}
/// <summary>
/// Creates a user and classifies the account as local or domain.
/// Use only when setting the flag for a local or domain account.
/// </summary>
/// <param name="username">
/// Account name, stored as given. It is classified as a local account when
/// <c>SSPIUtility.IsValidLocalAccount</c> accepts it; every other name, including
/// one that matches no account at all, is classified as a domain account.
/// </param>
public User(string username)
{
    Username = username;

    // No third state: anything that is not a valid local account is treated as
    // a domain account, without any domain lookup at this point.
    if (SSPIUtility.IsValidLocalAccount(username))
    {
        AccountType = AccountType.LocalAccount;
    }
    else
    {
        AccountType = AccountType.DomainAccount;
    }
}
/// <summary>
/// Forwards a client authentication step for this session to the management server.
/// </summary>
/// <param name="clientCredentials">Credential or token supplied by the client for this step.</param>
/// <returns>The server credential produced by the management server's <c>Authenticate</c> call.</returns>
public Common.Security.Server.IServerAuthenticationCredential Authenticate(Common.Security.Client.IClientAuthenticationCredential clientCredentials)
{
    // Whether the peer counts as local is derived from the channel's peer address,
    // i.e. from the connection itself, not from anything inside clientCredentials.
    bool peerIsLocal = SSPIUtility.IsLocalServer(_channel.PeerAddress.IpAddress);

    Common.Security.Server.IServerAuthenticationCredential serverCredential =
        dbMgtServer.Authenticate("ManagementServer", clientCredentials, _sessionId, peerIsLocal, IsConfigSession);

    return serverCredential;
}