public void Test(string packageName, SspiContextFlags contextFlags)
        {
            var clientCredential = new SecurityCredential(packageName, SecurityCredentialUse.Outbound);
            clientCredential.Acquire();

            var serverCredential = new SecurityCredential(packageName, SecurityCredentialUse.Inbound);
            serverCredential.Acquire();

            var clientContext = new SecurityContext(clientCredential, contextFlags);
            var serverContext = new SecurityContext(serverCredential, contextFlags);

            byte[] clientToken;
            clientContext.Initialize(serverCredential.PrincipalName, null, out clientToken);

            while (true)
            {
                byte[] serverToken;
                serverContext.AcceptToken(clientToken, out serverToken);
                if (serverContext.IsInitialized && clientContext.IsInitialized)
                    break;

                clientContext.Initialize(serverCredential.PrincipalName, serverToken, out clientToken);
                if (clientContext.IsInitialized && serverContext.IsInitialized)
                    break;
            }

            clientContext.Dispose();
            serverContext.Dispose();

            clientCredential.Dispose();
            serverCredential.Dispose();
        }
        public void ShouldAquireCredentials(string packageName, SecurityCredentialUse credentialUse)
        {
            var credential = new SecurityCredential(packageName, credentialUse);

            credential.Acquire();
            credential.Dispose();
        }
Example #3
0
        public void GetGlobalEnvironment(IScriptModulePlugin plugin, ScriptData data, uint localID, out IWorld world, out IHost host)
        {
            // UUID should be changed to object owner.
            UUID               owner        = data.World.RegionInfo.EstateSettings.EstateOwner;
            SEUser             securityUser = new SEUser(owner, "Name Unassigned");
            SecurityCredential creds        = new SecurityCredential(securityUser, data.World);

            world = new World(data.World, creds);
            host  = new Host(new SOPObject(data.World, localID, creds), data.World, new ExtensionHandler(plugin.Extensions));
        }
        // public methods
        /// <summary>
        /// Transitions to the next step in the conversation.
        /// </summary>
        /// <param name="conversation">The conversation.</param>
        /// <param name="bytesReceivedFromServer">The bytes received from the server.</param>
        /// <returns>An ISaslStep.</returns>
        public ISaslStep Transition(SaslConversation conversation, byte[] bytesReceivedFromServer)
        {
            SecurityCredential securityCredential;

            try
            {
                securityCredential = SecurityCredential.Acquire(SspiPackage.Kerberos, _authorizationId, _evidence);
                conversation.RegisterItemForDisposal(securityCredential);
            }
            catch (Win32Exception ex)
            {
                throw new MongoSecurityException("Unable to acquire security credential.", ex);
            }

            byte[]          bytesToSendToServer;
            SecurityContext context;

            try
            {
                context = SecurityContext.Initialize(securityCredential, _servicePrincipalName, bytesReceivedFromServer, out bytesToSendToServer);
            }
            catch (Win32Exception ex)
            {
                if (_evidence is PasswordEvidence)
                {
                    throw new MongoSecurityException("Unable to initialize security context. Ensure the username and password are correct.", ex);
                }
                else
                {
                    throw new MongoSecurityException("Unable to initialize security context.", ex);
                }
            }

            if (!context.IsInitialized)
            {
                return(new SspiInitializeStep(_servicePrincipalName, _authorizationId, context, bytesToSendToServer));
            }

            return(new SspiNegotiateStep(_authorizationId, context, bytesToSendToServer));
        }
Example #5
0
        public ActionResult CredentialUpdatePartial(
            [ModelBinder(typeof(DevExpressEditorsBinder))] SecurityCredentialModel item, Guid objectId)
        {
            if (ModelState.IsValid)
            {
                try
                {
                    SecurityCredentialModel.CreateMap();
                    using (DBEntities context = Settings.CreateDataContext())
                    {
                        SecurityCredential obj =
                            (from p in context.SecurityCredential where p.Id == item.Id select p).FirstOrDefault();
                        if (obj != null)
                        {
                            Mapper.Map(item, obj);
                            obj.SecurityUserId = objectId;
                            if (obj.AuthenticationType == (byte)AuthenticationType.Domain)
                            {
                                obj.PasswordHash = null;
                            }
                            else if (!string.IsNullOrEmpty(item.Password))
                            {
                                obj.PasswordHash = HashHelper.GenerateStringHash(item.Password, obj.PasswordSalt);
                            }
                            context.SaveChanges();
                        }
                    }
                }
                catch (Exception e)
                {
                    ViewData["EditError"] = e.Message;
                }
            }
            else
            {
                ViewData["EditError"] = "Пожалуйста, исправте все ошибки.";
            }

            return(CredentialPartial(objectId));
        }
Example #6
0
            public FirstStep(string serviceName, string hostName, string realm, string username, SecureString password, SaslConversation conversation)
            {
                _authorizationId      = username;
                _password             = password;
                _servicePrincipalName = string.Format("{0}/{1}", serviceName, hostName);
                if (!string.IsNullOrEmpty(realm))
                {
                    _servicePrincipalName += "@" + realm;
                }

                SecurityCredential securityCredential;

                try
                {
                    securityCredential = SecurityCredential.Acquire(SspiPackage.Kerberos, _authorizationId, _password);
                    conversation.RegisterItemForDisposal(securityCredential);
                }
                catch (Win32Exception ex)
                {
                    throw new MongoAuthenticationException(conversation.ConnectionId, "Unable to acquire security credential.", ex);
                }

                try
                {
                    _context = Sspi.SecurityContext.Initialize(securityCredential, _servicePrincipalName, null, out _bytesToSendToServer);
                }
                catch (Win32Exception ex)
                {
                    if (_password != null)
                    {
                        throw new MongoAuthenticationException(conversation.ConnectionId, "Unable to initialize security context. Ensure the username and password are correct.", ex);
                    }
                    else
                    {
                        throw new MongoAuthenticationException(conversation.ConnectionId, "Unable to initialize security context.", ex);
                    }
                }
            }
        public void Test(string packageName, SspiContextFlags contextFlags)
        {
            var clientCredential = new SecurityCredential(packageName, SecurityCredentialUse.Outbound);

            clientCredential.Acquire();

            var serverCredential = new SecurityCredential(packageName, SecurityCredentialUse.Inbound);

            serverCredential.Acquire();

            var clientContext = new SecurityContext(clientCredential, contextFlags);
            var serverContext = new SecurityContext(serverCredential, contextFlags);

            byte[] clientToken;
            clientContext.Initialize(serverCredential.PrincipalName, null, out clientToken);

            while (true)
            {
                byte[] serverToken;
                serverContext.AcceptToken(clientToken, out serverToken);
                if (serverContext.IsInitialized && clientContext.IsInitialized)
                {
                    break;
                }

                clientContext.Initialize(serverCredential.PrincipalName, serverToken, out clientToken);
                if (clientContext.IsInitialized && serverContext.IsInitialized)
                {
                    break;
                }
            }

            clientContext.Dispose();
            serverContext.Dispose();

            clientCredential.Dispose();
            serverCredential.Dispose();
        }
Example #8
0
        public ActionResult CredentialAddNewPartial(
            [ModelBinder(typeof(DevExpressEditorsBinder))] SecurityCredentialModel item, Guid objectId)
        {
            if (ModelState.IsValid)
            {
                try
                {
                    SecurityCredentialModel.CreateMap();
                    using (DBEntities context = Settings.CreateDataContext())
                    {
                        SecurityCredential obj = Mapper.Map <SecurityCredentialModel, SecurityCredential>(item);
                        obj.Id             = Guid.NewGuid();
                        obj.SecurityUserId = objectId;
                        obj.PasswordSalt   = HashHelper.GenerateSalt();

                        if (obj.AuthenticationType == (byte)AuthenticationType.Generic &&
                            !string.IsNullOrEmpty(item.Password))
                        {
                            obj.PasswordHash = HashHelper.GenerateStringHash(item.Password, obj.PasswordSalt);
                        }

                        context.AddToSecurityCredential(obj);
                        context.SaveChanges();
                    }
                }
                catch (Exception e)
                {
                    ViewData["EditError"] = e.Message;
                }
            }
            else
            {
                ViewData["EditError"] = "Пожалуйста, исправте все ошибки.";
            }
            return(CredentialPartial(objectId));
        }
Example #9
0
        private async Task EnsureSecurityCredentials(User user, SecurityUser dwuser)
        {
            var filter = OptimaJet.DWKit.Core.Filter.Equals(user.Email, "Login");
            // TODO: figure out how to use OptimaJet's custom ORM
            var notFilteredCauseReasons = await SecurityCredential.SelectAsync(filter);

            var existing = notFilteredCauseReasons.FirstOrDefault(cred => cred.Login == user.Email);

            if (existing != null)
            {
                return;
            }

            var credential = new SecurityCredential {
                Id             = Guid.NewGuid(),
                SecurityUserId = dwuser.Id,
                Login          = user.Email,
                PasswordHash   = "API User",
                PasswordSalt   = "API User"
            };

            // credential.StartTracking();
            await SecurityCredential.ApplyAsync(credential);
        }
Example #10
0
 public int Add(SecurityCredential add)
 {
     return(this.List.Add(add));
 }
Example #11
0
        public async static Task Registration(Guid key, string domainLogin, string login, string password)
        {
            var invite = await InvitationLetter.SelectByKey(key);

            if (invite == null)
            {
                throw new Exception("The invitation key is incorrect!");
            }

            if (invite.DateExpired < DateTime.Now)
            {
                throw new Exception("The invitation key is expired!");
            }

            var employee = await Employee.SelectByKey(invite.EmployeeId);

            if (employee == null)
            {
                throw new Exception("The employee is not found!");
            }

            var su = await SecurityUser.SelectByKey(invite.EmployeeId);

            if (su == null)
            {
                su = new SecurityUser()
                {
                    Id    = employee.Id,
                    Name  = employee.Name,
                    Email = employee.Email
                };
                await su.ApplyAsync();
            }

            await CheckDefaultRole(employee.Id, "Users");

            var credentials = await SecurityUser.GetCredentialByUserId(su.Id);

            var containerCredential = new ObservableEntityContainer(credentials.Select(c => c.AsDynamicEntity), SecurityCredential.Model);

            containerCredential.RemoveAll();

            if (!string.IsNullOrEmpty(domainLogin))
            {
                var domainCredential = new SecurityCredential()
                {
                    Id                 = Guid.NewGuid(),
                    SecurityUserId     = su.Id,
                    Login              = domainLogin,
                    AuthenticationType = 1
                };
                containerCredential.Merge(new List <dynamic>()
                {
                    domainCredential.AsDynamicEntity
                });
            }

            if (!string.IsNullOrEmpty(login) && !string.IsNullOrEmpty(password))
            {
                var passwordSalt = HashHelper.GenerateSalt();
                var passwordHash = HashHelper.GenerateStringHash(password, passwordSalt);

                var customCredential = new SecurityCredential()
                {
                    Id                 = Guid.NewGuid(),
                    SecurityUserId     = su.Id,
                    Login              = login,
                    PasswordHash       = passwordHash,
                    PasswordSalt       = passwordSalt,
                    AuthenticationType = 0
                };
                containerCredential.Merge(new List <dynamic>()
                {
                    customCredential.AsDynamicEntity
                });
            }

            await containerCredential.ApplyAsync();

            await InvitationLetter.DeleteAsync(new Guid[] { key });
        }
Example #12
0
 public int Add(SecurityCredential add)
 {
     return this.List.Add(add);
 }
 public void ShouldAquireCredentials(string packageName, SecurityCredentialUse credentialUse)
 {
     var credential = new SecurityCredential(packageName, credentialUse);
     credential.Acquire();
     credential.Dispose();
 }