private async void button5_Click(object sender, EventArgs e) { List <string> grupy = new List <string> { "jira-users", "jira-restricted-users", "confluence-users", "confluence-restricted-users", "stash-users" }; timer.Start(); using (Authentication a = new Authentication()) { AuthenticatedToken token = a.Authenticate(); try { SecurityServer s = a.securityServer; List <string> Allusers = await s.findAllPrincipalsAsync(token); List <string> tempUsers = new List <string>(); foreach (string g in grupy) { SOAPGroup group = await s.findGroup(token, g); foreach (var m in group.members) { Allusers.Remove(m); this.Text = timer.Elapsed.ToString(@"mm\:ss\:ff"); } } tempUsers.AddRange(Allusers); foreach (var u in tempUsers) { SOAPPrincipal SOAPuser = await s.findPrincipalAsync(token, u); if (!SOAPuser.active) { Allusers.Remove(SOAPuser.name); this.Text = timer.Elapsed.ToString(@"mm\:ss\:ff"); } } Allusers.Sort(); MessageBox.Show(string.Join(" ", Allusers), timer.Elapsed.ToString()); this.Text = "Form1"; timer.Reset(); } catch (Exception ex) { MessageBox.Show(ex.Message); } } }
public static Task <List <string> > findAllPrincipalsAsync(this SecurityServer s, AuthenticatedToken t) { var tcs = CreateSource <List <string> >(null); s.findAllPrincipalNamesCompleted += (send, args) => TransferCompletion <List <string> >(tcs, args, () => args.Result.ToList(), null); s.findAllPrincipalNamesAsync(t); return(tcs.Task); }
public static Task <SOAPPrincipal> findPrincipalAsync(this SecurityServer s, AuthenticatedToken t, string u) { var tcs = CreateSource <SOAPPrincipal>(null); s.findPrincipalWithAttributesByNameCompleted += (send, args) => TransferCompletion(tcs, args, () => args.Result, null); s.findPrincipalWithAttributesByNameAsync(t, u); return(tcs.Task); }
public static Task <List <string> > findGroupMembershipAsync(this SecurityServer s, AuthenticatedToken t, SOAPGroup group) { var tcs = CreateSource <List <string> >(null); s.findGroupMembershipsCompleted += (send, args) => TransferCompletion <List <string> >(tcs, args, () => args.Result.ToList(), null); s.findGroupMembershipsAsync(t, group.name); return(tcs.Task); }
public static Task <SOAPGroup> findGroup(this SecurityServer s, AuthenticatedToken t, string group) { var tcs = CreateSource <SOAPGroup>(null); s.findGroupWithAttributesByNameCompleted += (send, args) => TransferCompletion <SOAPGroup>(tcs, args, () => args.Result, null); s.findGroupWithAttributesByNameAsync(t, group); return(tcs.Task); }
private async void button6_Click(object sender, EventArgs e) { List <string> grupy = new List <string> { "jira-users", "jira-restricted-users" }; timer.Start(); using (Authentication a = new Authentication()) { AuthenticatedToken token = a.Authenticate(); try { SecurityServer s = a.securityServer; List <string> JiraUsers = new List <string>(); List <string> RestrictedUsers = new List <string>(); List <string> CommonUsers = new List <string>(); SOAPGroup Jiragroup = await s.findGroup(token, grupy[0]); SOAPGroup Restrictedgroup = await s.findGroup(token, grupy[1]); JiraUsers.AddRange(Jiragroup.members.ToList()); RestrictedUsers.AddRange(Restrictedgroup.members.ToList()); CommonUsers = JiraUsers.FindAll(x => RestrictedUsers.Contains(x)); List <SOAPPrincipal> CommonPrincipals = new List <SOAPPrincipal>(); foreach (var user in CommonUsers) { SOAPPrincipal SOAPuser = await s.findPrincipalAsync(token, user); if (SOAPuser.active) { CommonPrincipals.Add(SOAPuser); } } MessageBox.Show(string.Join(" ", CommonPrincipals.Select(x => x.name)), timer.Elapsed.ToString()); timer.Reset(); } catch (Exception ex) { MessageBox.Show(ex.Message); } } }
private async void button4_Click(object sender, EventArgs e) { timer.Start(); using (Authentication a = new Authentication()) { AuthenticatedToken token = a.Authenticate(); try { SecurityServer s = a.securityServer; List <string> users = await s.findAllPrincipalsAsync(token); Dictionary <string, int> UsersWithWrongPassword = new Dictionary <string, int>(); foreach (string user in users) { this.Text = timer.Elapsed.ToString(@"mm\:ss\:ff"); SOAPPrincipal SOAPuser = await s.findPrincipalAsync(token, user); if (SOAPuser.active) { try { string zleHasla = SOAPuser.attributes.SingleOrDefault(x => x.name == "invalidPasswordAttempts")?.values[0]; int.TryParse(zleHasla, out int wrPass); if (wrPass > 2) { UsersWithWrongPassword.Add(SOAPuser.attributes.SingleOrDefault(x => x.name == "displayName")?.values[0], wrPass); } } catch (Exception uex) { MessageBox.Show(uex.Message + '\n' + SOAPuser.name); } } } MessageBox.Show(string.Join("\n", UsersWithWrongPassword.OrderBy(x => x.Key)), timer.Elapsed.ToString()); this.Text = "Form1"; timer.Reset(); } catch (Exception ex) { MessageBox.Show(ex.Message); } } }
public static object SetWebServiceCredentials(object webService, SecurityServer server) { // Note "webService" parameter must be "Object", because web services create local proxy implementations // of the AuthenticationSoapHeader and do not support interfaces - hence all calls will be made through // reflection (i.e., late bound method invocation support), but everything works as expected... object with_1 = webService; // Remove domain prefix from user ID (if it has one) string userName = System.Threading.Thread.CurrentPrincipal.Identity.Name; if (userName.Contains("\\")) { userName = userName.Split('\\')[1].Trim(); } with_1.UserName = TVA.Security.Cryptography.Common.Encrypt(userName, WebServiceSecurityKey, EncryptLevel.Level4); with_1.Password = null; with_1.Server = server; with_1.PassThroughAuthentication = true; return webService; }
//private Task<SOAPPrincipal> findPrincipal(SecurityServer s, AuthenticatedToken token, string user) //{ // return Task.Run(() => // { // SOAPPrincipal u = new SOAPPrincipal(); // u = s.findPrincipalWithAttributesByName(token, user); // return u; // }); //} #endregion private async void button3_Click(object sender, EventArgs e) { timer.Start(); using (Authentication a = new Authentication()) { AuthenticatedToken token = a.Authenticate(); try { SecurityServer s = a.securityServer; List <string> users = await s.findAllPrincipalsAsync(token); List <string> notOurUsers = new List <string>(); foreach (string user in users) { SOAPPrincipal SOAPuser = await s.findPrincipalAsync(token, user); if (SOAPuser.active) { bool ourMember = SOAPuser.attributes.Select(x => x.name).Contains("lastAuthenticated"); if (!ourMember) { notOurUsers.Add(user); } } } notOurUsers.Sort(); MessageBox.Show(string.Join(" ", notOurUsers), timer.Elapsed.ToString()); timer.Reset(); } catch (Exception ex) { MessageBox.Show(ex.Message); } } }
public static bool AuthenticateUser(string userID, string password, string roleName, SecurityServer server, bool passThroughAuthentication) { //' Don't allow users to spoof authentication :) //PCS.Configuration.Common.CategorizedSettings("WebServicesDetails").Add("TestUser", My.User.CurrentPrincipal.Identity.Name, "test", False) //PCS.Configuration.Common.SaveSettings() //If passThroughAuthentication Then // Dim userName As String = System.Threading.Thread.CurrentPrincipal.Identity.Name // If userName.Contains("\") Then userName = userName.Split("\"c)(1).Trim() // If String.Compare(userID, userName, True) <> 0 Then Return False //End If try { // 04/25/2008 - PCP: Modified to use new User class contructor. PCS.Security.Application.User with_1 = new User(userID, password, server); // When not using pass through authentication, web service validates user name and password // otherwise only user name is used to verify user is in role and it becomes the responsibility // of the owning application to handle user authentication... if (! passThroughAuthentication && ! with_1.IsAuthenticated) { return false; } if (with_1.FindRole(roleName) != null) { return true; } } catch { } return false; }
public static object SetWebServiceCredentials(object webService, string userName, string password, SecurityServer server) { if (string.IsNullOrEmpty(userName)) { throw (new InvalidOperationException("No userName was specified")); } if (string.IsNullOrEmpty(password)) { throw (new InvalidOperationException("No password was specified")); } // Note "webService" parameter must be "Object", because web services create local proxy implementations // of the AuthenticationSoapHeader and do not support interfaces - hence all calls will be made through // reflection (i.e., late bound method invocation support), but everything works as expected... object with_1 = webService; with_1.UserName = TVA.Security.Cryptography.Common.Encrypt(userName, WebServiceSecurityKey, EncryptLevel.Level4); with_1.Password = TVA.Security.Cryptography.Common.Encrypt(password, WebServiceSecurityKey, EncryptLevel.Level4); with_1.Server = server; with_1.PassThroughAuthentication = false; return webService; }
/// <summary> /// Creates an instance of a user defined in the security database. /// </summary> /// <param name="username">Username of the user.</param> /// <param name="password">Password of the user.</param> /// <param name="applicationName">Name of the application for which user data is to be retrieved.</param> /// <param name="securityServer">Security server from which user data is to be retrieved.</param> /// <param name="authenticationMode">Mode of authentication to be used for authenticating credentials.</param> public User(string username, string password, string applicationName, SecurityServer securityServer, AuthenticationMode authenticationMode) : this(username, password, applicationName, securityServer, authenticationMode, true) { }
/// <summary> /// Creates an instance of a user defined in the security database. /// </summary> /// <param name="username">Username of the user.</param> /// <param name="password">Password of the user.</param> /// <param name="securityServer">Security server from which user data is to be retrieved.</param> public User(string username, string password, SecurityServer securityServer) : this(username, password, string.Empty, securityServer, AuthenticationMode.AD) { }
/// <summary> /// Creates an instance of a user defined in the security database. /// </summary> /// <param name="username">Username of the user.</param> /// <param name="password">Password of the user.</param> /// <param name="applicationName">Name of the application for which user data is to be retrieved.</param> /// <param name="securityServer">Security server from which user data is to be retrieved.</param> /// <param name="authenticationMode">Mode of authentication to be used for authenticating credentials.</param> /// <param name="authenticate">True if user credentials are to be authenticated; otherwise False.</param> /// <remarks> /// This constructor is only to be used internally by the security provider control and its sub-components. /// </remarks> internal User(string username, string password, string applicationName, SecurityServer securityServer, AuthenticationMode authenticationMode, bool authenticate) { m_username = username; m_password = password; m_applicationName = applicationName; m_securityServer = securityServer; m_authenticationMode = authenticationMode; m_groups = new List<Group>(); m_roles = new List<Role>(); m_applications = new List<Application>(); this.RefreshData(); // Retrieve user data. if (authenticate) { this.Authenticate(password); // Authenticate user crendentials. } else { m_isAuthenticated = true; // Pretend user credentials are authenticated. } }
/// <summary> /// Initializes a new instance of PCS.Web.UI.SecureUserControl class. /// </summary> /// <param name="applicationName">Name of the application as in the security database.</param> /// <param name="securityServer">One of the PCS.Security.Application.SecurityServer values.</param> public SecureUserControl(string applicationName, SecurityServer securityServer) : this(applicationName, securityServer, AuthenticationMode.AD) { }
/// <summary> /// Initializes a new instance of PCS.Web.UI.SecureUserControl class. /// </summary> /// <param name="applicationName">Name of the application as in the security database.</param> /// <param name="securityServer">One of the PCS.Security.Application.SecurityServer values.</param> /// <param name="authenticationMode">One of the PCS.Security.Application.AuthenticationMode values.</param> public SecureUserControl(string applicationName, SecurityServer securityServer, AuthenticationMode authenticationMode) { m_securityProvider = new WebSecurityProvider(); m_securityProvider.BeforeLoginPrompt += new System.EventHandler`1[[System.ComponentModel.CancelEventArgs, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](m_securityProvider_BeforeLoginPrompt);
/// <summary> /// Initializes a new instance of PCS.Web.UI.SecurePage class. /// </summary> /// <param name="applicationName">Name of the application as in the security database.</param> /// <param name="securityServer">One of the PCS.Security.Application.SecurityServer values.</param> public SecurePage(string applicationName, SecurityServer securityServer) : this(applicationName, securityServer, AuthenticationMode.AD) { }
/// <summary> /// Initializes a new instance of PCS.Web.UI.SecurePage class. /// </summary> /// <param name="applicationName">Name of the application as in the security database.</param> /// <param name="securityServer">One of the PCS.Security.Application.SecurityServer values.</param> /// <param name="authenticationMode">One of the PCS.Security.Application.AuthenticationMode values.</param> public SecurePage(string applicationName, SecurityServer securityServer, AuthenticationMode authenticationMode) { m_securityProvider = new WebSecurityProvider(); m_securityProvider.AccessDenied += new System.EventHandler`1[[System.ComponentModel.CancelEventArgs, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](m_securityProvider_AccessDenied);