/// <summary>
/// Authenticates the specified user name and password and returns the set of authorization policies for <see cref="T:System.IdentityModel.Tokens.UserNameSecurityToken"/> security tokens.
/// </summary>
/// <param name="userName">The user name associated with the security token.</param>
/// <param name="password">The password associated with the security token.</param>
/// <returns>
/// A <see cref="T:System.Collections.ObjectModel.ReadOnlyCollection`1"/> of type <see cref="T:System.IdentityModel.Policy.IAuthorizationPolicy"/> that contains the set of authorization policies in effect for this application.
/// </returns>
/// <exception cref="T:System.ArgumentNullException">
/// <paramref name="userName"/> is null.</exception>
///
/// <exception cref="T:System.IdentityModel.Tokens.SecurityTokenValidationException">
/// <paramref name="userName"/> and <paramref name="password"/> combination are not valid.</exception>
protected override ReadOnlyCollection <IAuthorizationPolicy> ValidateUserNamePasswordCore(string userName, string password)
{
ReadOnlyCollection <IAuthorizationPolicy> currentPolicies = base.ValidateUserNamePasswordCore(userName, password);
List <IAuthorizationPolicy> newPolicies = new List <IAuthorizationPolicy>(currentPolicies);
string tenant = string.Empty;
// Split the tenant and username fields
string[] credentials = userName.Split(new char[] { '\\' }, StringSplitOptions.RemoveEmptyEntries);
if (credentials.Length > 1)
{
tenant = credentials[0];
userName = credentials[1];
}
// Validate the user name and password
RequestContextData contextData = UserAccountCache.GetRequestContext(userName, password, tenant);
if (contextData == null)
{
throw new SecurityTokenValidationException("Invalid username and/or password.");
}
// Extend the original context with culture information
newPolicies.Add(new IdentityTenantAuthorizationPolicy(contextData.Identity, contextData.Tenant));
return(newPolicies.AsReadOnly());
}
public BizResult ChangeUserPassword(string userName, string oldPassword, string newPassword)
{
try
{
var edc = DataContext.GetEntityDataContext();
var userInfo = GetUserInfo(userName);
var user = edc.Entities.Object_Defs.OfType <Worker>().FirstOrDefault(w =>
w.Id == userInfo.Id &&
w.User_Password == oldPassword);
if (user == null)
{
return new BizResult {
Type = BizResultType.Error, Message = "Неверное имя пользователя или пароль!"
}
}
;
user.User_Password = newPassword;
edc.SaveChanges();
UserAccountCache.Remove(userName);
}
catch
{
return(new BizResult {
Type = BizResultType.Error, Message = "Неверное имя пользователя или пароль!"
});
}
return(new BizResult {
Type = BizResultType.Message, Message = "Смена пароля прошла успешно."
});
}
public void UserAccountCacheTest( )
{
const string username = "******";
const string password = "******";
UserAccount account = null;
try
{
UserAccount existingAccount = Entity.GetByName <UserAccount>(username, true).FirstOrDefault( );
if (existingAccount != null)
{
existingAccount.Delete( );
}
account = new UserAccount
{
Name = username,
Password = password,
AccountStatus_Enum = UserAccountStatusEnum_Enumeration.Active
};
account.Save( );
Assert.AreEqual(0, GetUserAccountCacheCount( ));
Assert.AreEqual(0, GetUserAccountCacheTenantCount(RunAsDefaultTenant.DefaultTenantName));
UserAccountCache.GetRequestContext(username, password, RunAsDefaultTenant.DefaultTenantName);
Assert.AreEqual(1, GetUserAccountCacheCount( ));
Assert.AreEqual(1, GetUserAccountCacheTenantCount(RunAsDefaultTenant.DefaultTenantName));
using (var domain = new TestAppDomain( ))
{
Func <MessageEventArgs <TestMessage>, bool> predicate = m => m.Message.Action == "EDC" && m.Message.Items.Contains(username);
var instance = domain.InjectType <SubscriberRefObject <TestMessage> >(UserAccountCache.CacheName, RunAsDefaultTenant.DefaultTenantName, predicate);
UserAccountCache.Invalidate(username, RunAsDefaultTenant.DefaultTenantName);
bool waitOne = instance.MessageReceived.WaitOne(DefaultTimeout);
Assert.IsTrue(waitOne, "No message received in " + DefaultTimeout + "ms.");
Assert.GreaterOrEqual(instance.ReceivedMessages.Count, 1);
MessageEventArgs <TestMessage> message = instance.ReceivedMessages.FirstOrDefault(predicate);
Assert.IsNotNull(message, "Received message is invalid");
}
}
finally
{
if (account != null)
{
account.Delete( );
}
}
}
/// <summary>
/// Invalidates the specified tenant.
/// </summary>
/// <param name="tenant">The tenant.</param>
public static void Invalidate(IEntityRef tenant)
{
if (tenant == null)
{
return;
}
using (new SecurityBypassContext())
{
using (new EntityTypeContext( ))
{
/////
// Invalidate all the caches that could possible hold this entity.
/////
var ids = GetEntityIdentifiers(tenant.Id);
using (new DeferredChannelMessageContext( ))
{
foreach (var id in ids)
{
/////
// EntityCache implicitly removes from the EntityFieldCache
// as well as the EntityRelationshipCache (in both directions).
/////
EntityCache.Instance.Remove(id);
}
}
InvalidateLocalProcessImpl(tenant.Id);
using (var channel = CreateMessageChannel( ))
{
if (channel != null)
{
var message = new TenantHelperMessage
{
MessageType = TenantHelperMessageType.InvalidateTenant,
TenantId = tenant.Id
};
message.EntityIds.UnionWith(ids);
channel.Publish(message, PublishOptions.None, false, MergeMessages);
}
}
}
string tenantName;
using (new TenantAdministratorContext(0))
{
tenantName = Entity.GetName(tenant.Id);
}
UserAccountCache.Invalidate(tenantName);
}
}
public override void Initialise(IConfigSource source)
{
IConfig moduleConfig = source.Configs["Modules"];
if (moduleConfig != null)
{
string name = moduleConfig.GetString("UserAccountServices", "");
if (name == Name)
{
IConfig userConfig = source.Configs["UserAccountService"];
if (userConfig == null)
{
m_log.Error("[USER CONNECTOR]: UserAccountService missing from OpenSim.ini");
return;
}
m_Enabled = true;
base.Initialise(source);
m_Cache = new UserAccountCache();
m_log.Info("[USER CONNECTOR]: Remote users enabled");
}
}
}
