C# (CSharp) SecurityAuditHelper.WriteImpersonationFailureEvent Examples

Programming Language: C# (CSharp)

Method/Function: WriteImpersonationFailureEvent

Examples at hotexamples.com: 2

C# (CSharp) SecurityAuditHelper.WriteImpersonationFailureEvent - 2 examples found. These are the top rated real world C# (CSharp) examples of SecurityAuditHelper.WriteImpersonationFailureEvent extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

WriteTransportAuthenticationFailureEvent(3)

WriteTransportAuthenticationSuccessEvent(3)

WriteImpersonationFailureEvent(2)

WriteImpersonationSuccessEvent(2)

WriteMessageAuthenticationFailureEvent(2)

WriteMessageAuthenticationSuccessEvent(2)

WriteServiceAuthorizationFailureEvent(2)

WriteServiceAuthorizationSuccessEvent(2)

Example #1

Show file

        private IDisposable StartImpersonation2(ref MessageRpc rpc, ServiceSecurityContext securityContext, bool isSecurityContextImpersonationOn)
        {
            IDisposable disposable = null;

            try
            {
                if (isSecurityContextImpersonationOn)
                {
                    if (securityContext == null)
                    {
                        throw TraceUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("SFxSecurityContextPropertyMissingFromRequestMessage")), rpc.Request);
                    }
                    WindowsIdentity windowsIdentity = securityContext.WindowsIdentity;
                    if (windowsIdentity.User == null)
                    {
                        if (securityContext.PrimaryIdentity is WindowsSidIdentity)
                        {
                            WindowsSidIdentity primaryIdentity = (WindowsSidIdentity)securityContext.PrimaryIdentity;
                            if (primaryIdentity.SecurityIdentifier.IsWellKnown(WellKnownSidType.AnonymousSid))
                            {
                                disposable = new WindowsAnonymousIdentity().Impersonate();
                                goto Label_0103;
                            }
                            using (WindowsIdentity identity3 = new WindowsIdentity(this.GetUpnFromDownlevelName(primaryIdentity.Name), "Kerberos"))
                            {
                                disposable = identity3.Impersonate();
                                goto Label_0103;
                            }
                        }
                        throw TraceUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("SecurityContextDoesNotAllowImpersonation", new object[] { rpc.Operation.Action })), rpc.Request);
                    }
                    disposable = windowsIdentity.Impersonate();
                }
                else if (AspNetEnvironment.Current.RequiresImpersonation && (rpc.HostingProperty != null))
                {
                    disposable = rpc.HostingProperty.Impersonate();
                }
Label_0103:
                SecurityTraceRecordHelper.TraceImpersonationSucceeded(rpc.Operation);
                if (AuditLevel.Success == (this.auditLevel & AuditLevel.Success))
                {
                    SecurityAuditHelper.WriteImpersonationSuccessEvent(this.auditLogLocation, this.suppressAuditFailure, rpc.Operation.Name, System.ServiceModel.Security.SecurityUtils.GetIdentityNamesFromContext(securityContext.AuthorizationContext));
                }
            }
            catch (Exception exception)
            {
                if (Fx.IsFatal(exception))
                {
                    throw;
                }
                SecurityTraceRecordHelper.TraceImpersonationFailed(rpc.Operation, exception);
                if (AuditLevel.Failure == (this.auditLevel & AuditLevel.Failure))
                {
                    try
                    {
                        string identityNamesFromContext;
                        if (securityContext != null)
                        {
                            identityNamesFromContext = System.ServiceModel.Security.SecurityUtils.GetIdentityNamesFromContext(securityContext.AuthorizationContext);
                        }
                        else
                        {
                            identityNamesFromContext = System.ServiceModel.Security.SecurityUtils.AnonymousIdentity.Name;
                        }
                        SecurityAuditHelper.WriteImpersonationFailureEvent(this.auditLogLocation, this.suppressAuditFailure, rpc.Operation.Name, identityNamesFromContext, exception);
                    }
                    catch (Exception exception2)
                    {
                        if (Fx.IsFatal(exception2))
                        {
                            throw;
                        }
                        System.ServiceModel.DiagnosticUtility.ExceptionUtility.TraceHandledException(exception2, TraceEventType.Error);
                    }
                }
                throw;
            }
            return(disposable);
        }

Example #2

Show file

File: SecurityImpersonationBehavior.cs Project: kaobeixingfu/DotNetReferenceSource

        IDisposable StartImpersonation2(ref MessageRpc rpc, ServiceSecurityContext securityContext, bool isSecurityContextImpersonationOn)
        {
            IDisposable impersonationContext = null;

            try
            {
                if (isSecurityContextImpersonationOn)
                {
                    if (securityContext == null)
                    {
                        throw TraceUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SFxSecurityContextPropertyMissingFromRequestMessage)), rpc.Request);
                    }

                    WindowsIdentity impersonationToken = securityContext.WindowsIdentity;
                    if (impersonationToken.User != null)
                    {
                        impersonationContext = impersonationToken.Impersonate();
                    }
                    else if (securityContext.PrimaryIdentity is WindowsSidIdentity)
                    {
                        WindowsSidIdentity sidIdentity = (WindowsSidIdentity)securityContext.PrimaryIdentity;
                        if (sidIdentity.SecurityIdentifier.IsWellKnown(WellKnownSidType.AnonymousSid))
                        {
                            impersonationContext = new WindowsAnonymousIdentity().Impersonate();
                        }
                        else
                        {
                            string fullyQualifiedDomainName = GetUpnFromDownlevelName(sidIdentity.Name);
                            using (WindowsIdentity windowsIdentity = new WindowsIdentity(fullyQualifiedDomainName, SecurityUtils.AuthTypeKerberos))
                            {
                                impersonationContext = windowsIdentity.Impersonate();
                            }
                        }
                    }
                    else
                    {
                        throw TraceUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.SecurityContextDoesNotAllowImpersonation, rpc.Operation.Action)), rpc.Request);
                    }
                }
                else if (AspNetEnvironment.Current.RequiresImpersonation)
                {
                    if (rpc.HostingProperty != null)
                    {
                        impersonationContext = rpc.HostingProperty.Impersonate();
                    }
                }

                SecurityTraceRecordHelper.TraceImpersonationSucceeded(rpc.EventTraceActivity, rpc.Operation);

                // update the impersonation succeed audit
                if (AuditLevel.Success == (this.auditLevel & AuditLevel.Success))
                {
                    SecurityAuditHelper.WriteImpersonationSuccessEvent(this.auditLogLocation,
                                                                       this.suppressAuditFailure, rpc.Operation.Name, SecurityUtils.GetIdentityNamesFromContext(securityContext.AuthorizationContext));
                }
            }
            catch (Exception ex)
            {
                if (Fx.IsFatal(ex))
                {
                    throw;
                }
                SecurityTraceRecordHelper.TraceImpersonationFailed(rpc.EventTraceActivity, rpc.Operation, ex);

                //
                // Update the impersonation failure audit
                // Copy SecurityAuthorizationBehavior.Audit level to here!!!
                //
                if (AuditLevel.Failure == (this.auditLevel & AuditLevel.Failure))
                {
                    try
                    {
                        string primaryIdentity;
                        if (securityContext != null)
                        {
                            primaryIdentity = SecurityUtils.GetIdentityNamesFromContext(securityContext.AuthorizationContext);
                        }
                        else
                        {
                            primaryIdentity = SecurityUtils.AnonymousIdentity.Name;
                        }

                        SecurityAuditHelper.WriteImpersonationFailureEvent(this.auditLogLocation,
                                                                           this.suppressAuditFailure, rpc.Operation.Name, primaryIdentity, ex);
                    }
#pragma warning suppress 56500
                    catch (Exception auditException)
                    {
                        if (Fx.IsFatal(auditException))
                        {
                            throw;
                        }

                        DiagnosticUtility.TraceHandledException(auditException, TraceEventType.Error);
                    }
                }

                throw;
            }

            return(impersonationContext);
        }