Example #1
        /// <summary>
        /// Starts the management host. When security is enabled in the host settings, the
        /// service principal name (SPN) is registered first, then the management server is started.
        /// </summary>
        /// <remarks>
        /// A failed SPN registration does not stop startup: it is only written to the event log,
        /// and the logged text states that only local connections will be served.
        /// Any exception raised here is written to the server logger (when error logging is on)
        /// and rethrown to the caller.
        /// </remarks>
        /// <exception cref="Exception">The host was not initialized, or a startup step failed.</exception>
        public void Start()
        {
            try
            {
                if (!_initialized)
                {
                    throw new Exception("HOST not initialized");
                }

                bool securityEnabled = ConfigurationSettings<CSHostSettings>.Current.IsSecurityEnabled;
                if (securityEnabled)
                {
                    SSPIUtility.RegisterSpn(true);

                    // NOTE(review): a missing SPN is recorded at Information level only, so the
                    // reduced (local-only) service state is easy to miss in monitoring; operators
                    // may want an alert on this event text.
                    bool spnMissing = !SSPIUtility.IsSPNRegistered;
                    if (spnMissing)
                    {
                        AppUtil.LogEvent("DB Service: SPN is not registered. Only local connections will be served.", EventLogEntryType.Information);
                    }
                }

                _managementServer.Start();

                var infoLog = LoggerManager.Instance.ServerLogger;
                if (infoLog != null && infoLog.IsInfoEnabled)
                {
                    infoLog.Info("ManagementHost.Start()", "Management Host started.");
                }
            }
            catch (Exception ex)
            {
                var errorLog = LoggerManager.Instance.ServerLogger;
                if (errorLog != null && errorLog.IsErrorEnabled)
                {
                    errorLog.Error("ManagementHost.Start()", "Error:", ex);
                }

                // Rethrow with the original stack trace; logging is the only handling done here.
                throw;
            }
        }
        /// <summary>
        /// Builds the client-side SSPI credential and security context for the peer of
        /// <c>_channel</c> and stores them in <c>_clientSecurityCredential</c> and
        /// <c>_clientSecurityContext</c>.
        /// </summary>
        /// <remarks>
        /// A peer that <c>SSPIUtility.IsLocalServer</c> reports as local gets a null SPN. For any
        /// other peer the SPN is looked up from the peer's IP address.
        /// NOTE(review): when that lookup throws a <c>SocketException</c> the SPN silently becomes
        /// null, the same value used for a local peer. Presumably the credential and context are
        /// then built without a target name - confirm this cannot weaken authentication of a
        /// remote server, and consider logging the fallback so it is visible to operators.
        /// </remarks>
        private void InitializeSecurityContext()
        {
            var peerIp = _channel.PeerAddress.IpAddress;
            string targetSpn = null;

            if (!SSPIUtility.IsLocalServer(peerIp))
            {
                try
                {
                    targetSpn = SSPIUtility.GetServicePrincipalName(MiscUtil.NOSDB_SPN, peerIp);
                }
                catch (System.Net.Sockets.SocketException)
                {
                    // Lookup failed: continue with no SPN, as for a local peer.
                    targetSpn = null;
                }
            }

            _clientSecurityCredential = SSPIUtility.GetClientCredentials(targetSpn);
            _clientSecurityContext = SSPIUtility.GetClientContext(_clientSecurityCredential, targetSpn);
        }
Example #3
 /// <summary>
 /// Starts the configuration host. When security is enabled in the host settings, the
 /// service principal name (SPN) is registered first; the configuration server and the
 /// server are then started in that order.
 /// </summary>
 /// <remarks>
 /// A failed SPN registration does not stop startup: it is only written to the event log,
 /// and the logged text states that only local connections will be served.
 /// Exceptions from either <c>Start()</c> call are not handled here and reach the caller.
 /// </remarks>
 public void Start()
 {
     bool securityEnabled = ConfigurationSettings<CSHostSettings>.Current.IsSecurityEnabled;
     if (securityEnabled)
     {
         SSPIUtility.RegisterSpn(true);

         // NOTE(review): recorded at Information level only; the local-only service state
         // is easy to overlook unless this event text is monitored.
         bool spnMissing = !SSPIUtility.IsSPNRegistered;
         if (spnMissing)
         {
             AppUtil.LogEvent("Configuration Service: SPN is not registered. Only local connections will be served.", EventLogEntryType.Information);
         }
     }

     _configurationServer.Start();
     _server.Start();
 }
Example #4
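        /// <summary>
        /// Ensures the user of the current configuration connection has a login on the cluster.
        /// When that user name is non-empty and not among the existing logins, the method logs on
        /// with <c>Username</c>/<c>Password</c>, impersonates that account, creates the login and
        /// grants it the <c>sysadmin</c> server role on the cluster server resource.
        /// </summary>
        /// <remarks>
        /// The operation is best-effort: no exception leaves this method once the login check has
        /// been made. Failures are written to the trace output instead of being dropped without a
        /// record, because a silently skipped privilege grant is hard to diagnose and to audit.
        /// The logon token is released in a <c>finally</c> block so that it is not left open when
        /// a call made under impersonation throws.
        /// </remarks>
        protected override void BeginProcessing()
        {
            RemoteConfigurationManager remoteSession = new RemoteConfigurationManager();
            remoteSession.Initilize(MiscUtil.CLUSTERED, Server, Port, new ClientConfigurationFormatter(), ConfigurationConnection.Current.ClientCredential);

            IList<IUser> loginList = remoteSession.GetLogins();
            string currentUser = ConfigurationConnection.Current.ClientCredential.UserName;

            // Nothing to do for an anonymous connection or a login that already exists.
            if (string.IsNullOrEmpty(currentUser) || UserExist(loginList, currentUser))
            {
                return;
            }

            try
            {
                SafeTokenHandle tokenHandle;
                if (!SSPIUtility.LogonUser(Username, Password, out tokenHandle))
                {
                    System.Diagnostics.Trace.TraceWarning("BeginProcessing: logon with the supplied account failed; no login was created.");
                    return;
                }

                try
                {
                    using (WindowsIdentity.Impersonate(tokenHandle.DangerousGetHandle()))
                    {
                        // A fresh session is opened so that it is set up while impersonating.
                        remoteSession = new RemoteConfigurationManager();
                        remoteSession.Initilize(MiscUtil.CLUSTERED, Server, Port, new ClientConfigurationFormatter(), ConfigurationConnection.Current.ClientCredential);

                        IUser user = new User(currentUser);

                        bool loginReady;
                        try
                        {
                            loginReady = remoteSession.CreateUser(user);
                        }
                        catch (SecurityException exc)
                        {
                            // A login that already exists still needs the role grant; any other
                            // security failure goes to the outer handler, which records it.
                            if (!exc.ErrorCode.Equals(ErrorCodes.Security.USER_ALREADY_EXIST))
                            {
                                throw;
                            }

                            loginReady = true;
                        }

                        if (loginReady)
                        {
                            remoteSession.Grant(true, new ResourceId()
                            {
                                Name = Alachisoft.NosDB.Common.MiscUtil.NOSDB_CLUSTER_SERVER,
                                ResourceType = Alachisoft.NosDB.Common.Security.Impl.Enums.ResourceType.System
                            }, user.Username, ServerRole.sysadmin.ToString());
                        }
                    }
                }
                finally
                {
                    // Runs after impersonation has been reverted, on success and on failure.
                    tokenHandle.Release();
                }
            }
            catch (Exception ex)
            {
                // Best-effort by design: keep the cmdlet running, but leave a record.
                System.Diagnostics.Trace.TraceWarning("BeginProcessing: could not set up the login for the current user: {0}: {1}", ex.GetType().Name, ex.Message);
            }
        }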
Example #5
 /// <summary>
 /// Stops the server and then the configuration server. When security is enabled in the
 /// host settings, the service principal name (SPN) registration is removed afterwards.
 /// </summary>
 /// <remarks>
 /// If the SPN is still reported as registered after the removal attempt, that is written
 /// to the event log at Information level; shutdown is not affected.
 /// </remarks>
 public void Stop()
 {
     _server.Stop();
     _configurationServer.Stop();

     if (!ConfigurationSettings<CSHostSettings>.Current.IsSecurityEnabled)
     {
         return;
     }

     SSPIUtility.RegisterSpn(false);

     bool stillRegistered = SSPIUtility.IsSPNRegistered;
     if (stillRegistered)
     {
         AppUtil.LogEvent("Configuration Service: SPN is not unregistered.", EventLogEntryType.Information);
     }
 }
Example #6
        /// <summary>
        /// Runs one authentication step for <paramref name="operation"/> and returns the response
        /// created by the operation, carrying either the next server token or an error code.
        /// </summary>
        /// <param name="operation">The authentication request; also supplies the peer address and the response object.</param>
        /// <returns>
        /// The response with <c>ServerToken</c> set on success, or with <c>ErrorCode</c> set when a
        /// <c>SecurityException</c> was thrown. Null when the created response is not an
        /// <c>AuthenticationResponse</c>.
        /// </returns>
        /// <remarks>
        /// Only <c>SecurityException</c> is handled; any other exception reaches the caller.
        /// NOTE(review): when the response cannot be cast, a security failure is dropped and the
        /// caller only sees null - callers should treat a null result as not authenticated.
        /// </remarks>
        public IDBResponse Authenticate(IAuthenticationOperation operation)
        {
            var response = operation.CreateResponse() as AuthenticationResponse;

            try
            {
                // Arguments are computed in the same order in which they are passed.
                var shardName = _nodeContext.LocalShardName;
                bool isLocalPeer = SSPIUtility.IsLocalServer(operation.Address.IpAddress);
                string serviceAccount = null;
                if (IsDistributorSession)
                {
                    serviceAccount = "NT SERVICE\\" + MiscUtil.NOSDB_DISTSVC_NAME;
                }

                AuthToken nextAuthToken = SecurityManager.Authenticate(shardName, operation, isLocalPeer, serviceAccount);
                if (response != null)
                {
                    response.ServerToken = nextAuthToken;
                }
            }
            catch (SecurityException securityFailure)
            {
                if (response != null)
                {
                    response.ErrorCode = securityFailure.ErrorCode;
                }
            }

            return response;
        }
Example #7
 /// <summary>
 /// Creates a user and sets its account-type flag from the name alone.
 /// Use only when setting the flag for a local or domain account.
 /// </summary>
 /// <param name="username">Account name; stored in <c>Username</c> and passed to the local-account check.</param>
 public User(string username)
 {
     Username = username;

     // Every name that is not a valid local account is classified as a domain account;
     // no check of the domain account itself is made in this constructor.
     if (SSPIUtility.IsValidLocalAccount(username))
     {
         AccountType = AccountType.LocalAccount;
     }
     else
     {
         AccountType = AccountType.DomainAccount;
     }
 }
Example #8
 /// <summary>
 /// Forwards the client's credentials to the management server for authentication of this session.
 /// </summary>
 /// <param name="clientCredentials">Credentials presented by the client.</param>
 /// <returns>The server credential returned by <c>dbMgtServer.Authenticate</c>.</returns>
 /// <remarks>
 /// The call also passes this session's id, whether the peer address of <c>_channel</c> is
 /// reported as local, and the <c>IsConfigSession</c> flag.
 /// </remarks>
 public Common.Security.Server.IServerAuthenticationCredential Authenticate(Common.Security.Client.IClientAuthenticationCredential clientCredentials)
 {
     bool isLocalPeer = SSPIUtility.IsLocalServer(_channel.PeerAddress.IpAddress);
     var serverCredential = dbMgtServer.Authenticate("ManagementServer", clientCredentials, _sessionId, isLocalPeer, IsConfigSession);
     return serverCredential;
 }