| public UserLoginExternal ( Profiles.Login.Utilities.User &user ) : bool | ||
| user | Profiles.Login.Utilities.User | |
| return | bool | |
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if (Request.QueryString["method"].ToString() == "logout")
{
sm.SessionLogout();
sm.SessionDestroy();
Response.Redirect(Request.QueryString["redirectto"].ToString());
}
else if (Request.QueryString["method"].ToString() == "shibboleth")
{
// added by Eric
// If they specify an Idp, then check that they logged in from the configured IDP
bool authenticated = false;
if (ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"] == null ||
ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"].ToString().Equals(Request.Headers.Get("ShibIdentityProvider").ToString(), StringComparison.InvariantCultureIgnoreCase))
{
String userName = Request.Headers.Get(ConfigurationManager.AppSettings["Shibboleth.UserNameHeader"].ToString()); //"025693078";
if (userName != null && userName.Trim().Length > 0)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = userName;
if (data.UserLoginExternal(ref user))
{
authenticated = true;
RedirectAuthenticatedUser();
}
}
}
if (!authenticated)
{
// try and just put their name in the session.
sm.Session().ShortDisplayName = Request.Headers.Get("ShibdisplayName");
RedirectAuthenticatedUser();
}
}
else if (Request.QueryString["method"].ToString() == "login")
{
// see if they already have a login session, if so don't send them to shibboleth
Profiles.Framework.Utilities.SessionManagement sm = new Profiles.Framework.Utilities.SessionManagement();
String viewerId = sm.Session().PersonURI;
if (viewerId != null && viewerId.Trim().Length > 0)
{
RedirectAuthenticatedUser();
}
else
{
string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
if (Request.QueryString["redirectto"] == null && Request.QueryString["edit"] == "true")
redirect += "&edit=true";
else
redirect += "&redirectto=" + Request.QueryString["redirectto"].ToString();
Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() +
HttpUtility.UrlEncode(redirect));
}
}
}
}
protected void cmdSubmit_Click(object sender, EventArgs e)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
if (Request.QueryString["method"].ToString() == "login")
{
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = txtUserName.Text.Trim();
user.Password = txtPassword.Text.Trim();
String adDomain = ConfigurationSettings.AppSettings["AD.Domain"];
String adUser = null;
String adPassword = null;
try
{
adUser = ConfigurationSettings.AppSettings["AD.User"];
adPassword = ConfigurationSettings.AppSettings["AD.Password"];
}
catch (Exception ex) { }
String admin = null;
try
{
admin = ConfigurationSettings.AppSettings["AD.AccessContact"];
}
catch (Exception ex) { }
using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, adDomain, adUser, adPassword))
{
// validate the credentials
if (pc.ValidateCredentials(user.UserName, user.Password))
{
if (data.UserLoginExternal(ref user))
{
if (Request.QueryString["edit"] == "true")
Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
else
Response.Redirect(Request.QueryString["redirectto"].ToString());
}
else
{
lblError.Text = user.UserName + " is not an authorized user of the Profiles Research Networking Software application.";
if (admin != null) lblError.Text = lblError.Text + "<br>Please contact " + admin + " to obtain access.";
txtPassword.Text = "";
txtPassword.Focus();
}
}
else
{
lblError.Text = "Login failed, please try again";
txtPassword.Text = "";
txtPassword.Focus();
}
}
}
}
protected void cmdSubmit_Click(object sender, EventArgs e)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
if (Request.QueryString["method"].ToString() == "login")
{
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = txtUserName.Text.Trim();
user.Password = txtPassword.Text.Trim();
String adDomain = ConfigurationSettings.AppSettings["AD.Domain"];
String adUser = null;
String adPassword = null;
try
{
adUser = ConfigurationSettings.AppSettings["AD.User"];
adPassword = ConfigurationSettings.AppSettings["AD.Password"];
}
catch (Exception ex) { }
String admin = null;
try
{
admin = ConfigurationSettings.AppSettings["AD.AccessContact"];
}
catch (Exception ex) { }
using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, adDomain, adUser, adPassword))
{
// validate the credentials
if (pc.ValidateCredentials(user.UserName, user.Password))
{
if (data.UserLoginExternal(ref user))
{
if (Request.QueryString["edit"] == "true")
{
Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
}
else
{
Response.Redirect(Request.QueryString["redirectto"].ToString());
}
}
else
{
lblError.Text = user.UserName + " is not an authorized user of the Profiles Research Networking Software application.";
if (admin != null)
{
lblError.Text = lblError.Text + "<br>Please contact " + admin + " to obtain access.";
}
txtPassword.Text = "";
txtPassword.Focus();
}
}
else
{
lblError.Text = "Login failed, please try again";
txtPassword.Text = "";
txtPassword.Focus();
}
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if (Request.QueryString["method"].ToString() == "logout")
{
sm.SessionLogout();
sm.SessionDestroy();
Response.Redirect(Request.QueryString["redirectto"].ToString());
}
else if (Request.QueryString["method"].ToString() == "shibboleth")
{
// added by Eric
// If they specify an Idp, then check that they logged in from the configured IDP
bool authenticated = false;
if (ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"] == null ||
ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"].ToString().Equals(Request.Headers.Get("ShibIdentityProvider").ToString(), StringComparison.InvariantCultureIgnoreCase))
{
String userName = Request.Headers.Get(ConfigurationManager.AppSettings["Shibboleth.UserNameHeader"].ToString()); //"025693078";
if (userName != null && userName.Trim().Length > 0)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = userName;
if (data.UserLoginExternal(ref user))
{
authenticated = true;
RedirectAuthenticatedUser();
}
}
}
if (!authenticated)
{
// try and just put their name in the session.
//sm.Session().ShortDisplayName = Request.Headers.Get("ShibdisplayName");
RedirectAuthenticatedUser();
}
}
else if (Request.QueryString["method"].ToString() == "login")
{
// see if they already have a login session, if so don't send them to shibboleth
Profiles.Framework.Utilities.SessionManagement sm = new Profiles.Framework.Utilities.SessionManagement();
String viewerId = sm.Session().PersonURI;
if (viewerId != null && viewerId.Trim().Length > 0)
{
RedirectAuthenticatedUser();
}
else
{
string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
if (Request.QueryString["redirectto"] == null && Request.QueryString["edit"] == "true")
{
redirect += "&edit=true";
}
else
{
redirect += "&redirectto=" + Request.QueryString["redirectto"].ToString();
}
Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() +
HttpUtility.UrlEncode(redirect));
}
}
}
}
