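/// <summary>
/// Submit handler for the login form. Runs only when the page was requested with
/// <c>method=login</c>: checks the entered credentials through <c>DataIO.UserLogin</c>,
/// redirects on success and shows a generic failure message otherwise.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void cmdSubmit_Click(object sender, EventArgs e)
        {
            Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

            // Compare the string itself: calling ToString() on a missing "method"
            // parameter would throw a NullReferenceException.
            if (Request.QueryString["method"] != "login")
            {
                return;
            }

            Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
            user.UserName = txtUserName.Text.Trim();
            // NOTE(review): Trim() also removes leading/trailing whitespace from the
            // password; confirm that matches how passwords are stored.
            user.Password = txtPassword.Text.Trim();

            if (!data.UserLogin(ref user))
            {
                // One message for every failure, so the page does not say which part was wrong.
                lblError.Text = "Login failed, please try again";
                txtPassword.Text = "";
                txtPassword.Focus();
                return;
            }

            if (Request.QueryString["edit"] == "true")
            {
                Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
                return;
            }

            // "redirectto" is caller-supplied: follow it only when it stays on this site
            // (under Root.Domain, or a rooted path that is not "//host" or "/\host");
            // a missing or off-site value falls back to the site root.
            string siteRoot = Root.Domain + "/";
            string redirectTo = Request.QueryString["redirectto"];
            bool staysOnSite = !string.IsNullOrEmpty(redirectTo) &&
                ((redirectTo + "/").StartsWith(siteRoot, StringComparison.OrdinalIgnoreCase) ||
                 (redirectTo[0] == '/' &&
                  (redirectTo.Length == 1 || (redirectTo[1] != '/' && redirectTo[1] != '\\'))));
            Response.Redirect(staysOnSite ? redirectTo : siteRoot);
        }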
Example #2
        /// <summary>
        /// Submit handler for the sandbox login form. An empty user name continues
        /// anonymously; otherwise the sandbox password must match and
        /// <c>DataIO.UserLogin</c> must succeed. Either way the gadget settings from the
        /// form are stored in the session before redirecting to the site root.
        /// </summary>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void cmdSubmit_Click(object sender, EventArgs e)
        {
            Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
            Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();

            user.UserName = txtUserName.Text.Trim();
            // NOTE(review): the password is filled from the user-name box, so the account
            // password sent to UserLogin equals the user name. The original author marked
            // this as a development-only shortcut ("works on dev just now, need to change!").
            user.Password = txtUserName.Text.Trim();

            bool anonymous = user.UserName.Length == 0 && user.Password.Length == 0;
            if (!anonymous)
            {
                // NOTE(review): ordinary string equality, not a constant-time comparison.
                bool signedIn = sandboxPassword.Equals(txtPassword.Text.Trim()) && data.UserLogin(ref user);
                if (!signedIn)
                {
                    lblError.Text = "Login failed, please try again";
                    txtPassword.Text = "";
                    txtPassword.Focus();
                    return;
                }
            }

            // Reached for anonymous visitors (nobody is logged in) and for signed-in users.
            // The gadget URL list is stored exactly as typed; whatever reads it back must
            // treat it as untrusted input.
            Session[OpenSocialManager.OPENSOCIAL_GADGETS] = txtGadgetURLS.Text;
            Session[OpenSocialManager.OPENSOCIAL_DEBUG] = chkDebug.Checked;
            Session[OpenSocialManager.OPENSOCIAL_NOCACHE] = !chkUseCache.Checked;
            Response.Redirect(Root.Domain);
        }
Example #3
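        /// <summary>
        /// Signs in with the <c>LOGIN_USER</c> / <c>LOGIN_PASSWORD</c> application settings
        /// when <c>LOGIN_USER</c> is configured and the page was requested with
        /// <c>method=login</c>, then redirects as the interactive login does.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this logs in with fixed credentials kept in configuration whenever
        /// LOGIN_USER is set — presumably a development convenience; confirm it is never
        /// configured on a production site.
        /// </remarks>
        public void autoLogin()
        {
            if (ConfigurationSettings.AppSettings["LOGIN_USER"] == null)
            {
                return;
            }

            Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

            // Compare the string itself: ToString() on a missing "method" parameter
            // would throw a NullReferenceException.
            if (Request.QueryString["method"] != "login")
            {
                return;
            }

            Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
            user.UserName = ConfigurationSettings.AppSettings["LOGIN_USER"];
            user.Password = ConfigurationSettings.AppSettings["LOGIN_PASSWORD"];

            if (!data.UserLogin(ref user))
            {
                lblError.Text    = "Login failed, please try again";
                txtPassword.Text = "";
                txtPassword.Focus();
                return;
            }

            Framework.Utilities.Cache.AlterDependency(sm.Session().SessionID);
            if (Request.QueryString["edit"] == "true")
            {
                Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
                return;
            }

            // "redirectto" is caller-supplied: follow it only when it stays on this site
            // (under Root.Domain, or a rooted path that is not "//host" or "/\host");
            // a missing or off-site value falls back to the site root.
            string siteRoot = Root.Domain + "/";
            string redirectTo = Request.QueryString["redirectto"];
            bool staysOnSite = !string.IsNullOrEmpty(redirectTo) &&
                ((redirectTo + "/").StartsWith(siteRoot, StringComparison.OrdinalIgnoreCase) ||
                 (redirectTo[0] == '/' &&
                  (redirectTo.Length == 1 || (redirectTo[1] != '/' && redirectTo[1] != '\\'))));
            Response.Redirect(staysOnSite ? redirectTo : siteRoot);
        }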
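        /// <summary>
        /// Automatic login: when the <c>LOGIN_USER</c> application setting exists and the
        /// request carries <c>method=login</c>, authenticates with the configured
        /// <c>LOGIN_USER</c> / <c>LOGIN_PASSWORD</c> pair and redirects on success.
        /// </summary>
        /// <remarks>
        /// NOTE(review): credentials are read from appSettings and used without any user
        /// interaction; confirm this setting is limited to non-production deployments.
        /// </remarks>
        public void autoLogin()
        {
            string configuredUser = ConfigurationSettings.AppSettings["LOGIN_USER"];
            if (configuredUser != null)
            {
                Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

                // String equality is null-safe; the previous ToString() call threw when
                // the "method" parameter was absent.
                if (Request.QueryString["method"] == "login")
                {
                    Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
                    user.UserName = configuredUser;
                    user.Password = ConfigurationSettings.AppSettings["LOGIN_PASSWORD"];

                    if (data.UserLogin(ref user))
                    {
                        Framework.Utilities.Cache.AlterDependency(sm.Session().SessionID);
                        if (Request.QueryString["edit"] == "true")
                        {
                            Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
                        }
                        else
                        {
                            // The redirect target arrives in the query string, so it is only
                            // followed when it points inside this site; otherwise (or when it
                            // is missing) the user lands on the site root.
                            string siteRoot = Root.Domain + "/";
                            string target = Request.QueryString["redirectto"];
                            bool local = !string.IsNullOrEmpty(target) &&
                                ((target + "/").StartsWith(siteRoot, StringComparison.OrdinalIgnoreCase) ||
                                 (target[0] == '/' &&
                                  (target.Length == 1 || (target[1] != '/' && target[1] != '\\'))));
                            Response.Redirect(local ? target : siteRoot);
                        }
                    }
                    else
                    {
                        lblError.Text = "Login failed, please try again";
                        txtPassword.Text = "";
                        txtPassword.Focus();
                    }
                }
            }
        }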
        /// <summary>
        /// Sandbox login submit handler. With no user name entered the visitor proceeds
        /// anonymously; with one, the sandbox password has to match and
        /// <c>DataIO.UserLogin</c> has to accept the user. On both successful paths the
        /// gadget options from the form go into the session and the browser is sent to
        /// the site root.
        /// </summary>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void cmdSubmit_Click(object sender, EventArgs e)
        {
            Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

            Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
            user.UserName = txtUserName.Text.Trim();
            // NOTE(review): password is copied from the user-name field; flagged by the
            // original author as something that only works on dev and needs to change.
            user.Password = txtUserName.Text.Trim();

            bool proceed;
            if (user.UserName.Length == 0 && user.Password.Length == 0)
            {
                // Anonymous access: nobody is logged in, only the gadgets are added.
                proceed = true;
            }
            else
            {
                // The shared sandbox password is checked first; UserLogin runs only if it matches.
                // NOTE(review): this is plain string equality, not a constant-time comparison.
                proceed = sandboxPassword.Equals(txtPassword.Text.Trim()) && data.UserLogin(ref user);
            }

            if (proceed)
            {
                // The gadget URL list is kept as entered; consumers must treat it as untrusted.
                Session[OpenSocialManager.OPENSOCIAL_GADGETS] = txtGadgetURLS.Text;
                Session[OpenSocialManager.OPENSOCIAL_DEBUG] = chkDebug.Checked;
                Session[OpenSocialManager.OPENSOCIAL_NOCACHE] = !chkUseCache.Checked;
                Response.Redirect(Root.Domain);
            }
            else
            {
                lblError.Text = "Login failed, please try again";
                txtPassword.Text = "";
                txtPassword.Focus();
            }
        }
Example #6
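        /// <summary>
        /// Submit handler for the login form. For a <c>method=login</c> request it checks
        /// the entered credentials through <c>DataIO.UserLogin</c>; on success it alters the
        /// cache dependency for the session and redirects, on failure it shows a generic
        /// message and clears the password box.
        /// </summary>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void cmdSubmit_Click(object sender, EventArgs e)
        {
            Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

            // Null-safe comparison: a request without "method" no longer throws.
            if (Request.QueryString["method"] != "login")
            {
                return;
            }

            Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
            user.UserName = txtUserName.Text.Trim();
            // NOTE(review): Trim() changes passwords that begin or end with whitespace;
            // confirm this matches how passwords are stored.
            user.Password = txtPassword.Text.Trim();

            if (!data.UserLogin(ref user))
            {
                lblError.Text    = "Login failed, please try again";
                txtPassword.Text = "";
                txtPassword.Focus();
                return;
            }

            Framework.Utilities.Cache.AlterDependency(sm.Session().SessionID);
            if (Request.QueryString["edit"] == "true")
            {
                Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
                return;
            }

            // "redirectto" is caller-supplied: follow it only when it stays on this site
            // (under Root.Domain, or a rooted path that is not "//host" or "/\host");
            // a missing or off-site value falls back to the site root.
            string siteRoot = Root.Domain + "/";
            string redirectTo = Request.QueryString["redirectto"];
            bool staysOnSite = !string.IsNullOrEmpty(redirectTo) &&
                ((redirectTo + "/").StartsWith(siteRoot, StringComparison.OrdinalIgnoreCase) ||
                 (redirectTo[0] == '/' &&
                  (redirectTo.Length == 1 || (redirectTo[1] != '/' && redirectTo[1] != '\\'))));
            Response.Redirect(staysOnSite ? redirectTo : siteRoot);
        }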
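        /// <summary>
        /// Authenticates a user through the <c>[User.Account].[Authenticate]</c> stored
        /// procedure and, on success, records the user in the current session.
        /// </summary>
        /// <param name="user">
        /// Supplies <c>UserName</c> and <c>Password</c>. <c>UserID</c> is overwritten with the
        /// procedure's output (0 when none was returned); <c>PersonID</c> is set when the
        /// procedure returned one.
        /// </param>
        /// <returns><c>true</c> when the procedure returned a non-zero user id; otherwise <c>false</c>.</returns>
        public bool UserLogin(ref User user)
        {
            bool loginsuccess = false;

            SessionManagement sm = new SessionManagement();
            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

            SqlConnection dbconnection = new SqlConnection(connstr);
            SqlParameter[] param = new SqlParameter[4];

            try
            {
                dbconnection.Open();

                param[0] = new SqlParameter("@UserName", user.UserName);
                // NOTE(review): the password is handed to the stored procedure as entered;
                // how it is compared or hashed is decided there — confirm.
                param[1] = new SqlParameter("@Password", user.Password);

                param[2] = new SqlParameter("@UserID", null);
                param[2].DbType = DbType.Int32;
                param[2].Direction = ParameterDirection.Output;

                param[3] = new SqlParameter("@PersonID", null);
                param[3].DbType = DbType.Int32;
                param[3].Direction = ParameterDirection.Output;

                //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
                ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[User.Account].[Authenticate]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
            }
            finally
            {
                // Closed on every path, so a failing Open or command no longer leaks the
                // connection. Exceptions propagate unchanged, with their original stack
                // trace (the previous "throw ex" reset it).
                dbconnection.Close();
            }

            // The outcome is decided only by what the procedure returned. Previously a
            // failed conversion was swallowed and left whatever UserID the caller passed
            // in, which the success check below would then have accepted.
            int userId = 0;
            object userIdValue = param[2].Value;
            if (userIdValue != null && userIdValue != DBNull.Value)
            {
                int.TryParse(userIdValue.ToString(), out userId);
            }
            user.UserID = userId;

            object personIdValue = param[3].Value;
            int personId;
            if (personIdValue != null && personIdValue != DBNull.Value &&
                int.TryParse(personIdValue.ToString(), out personId))
            {
                user.PersonID = personId;
            }

            if (user.UserID != 0)
            {
                loginsuccess = true;
                sm.Session().UserID = user.UserID;
                sm.Session().PersonID = user.PersonID;
                sm.Session().LoginDate = DateTime.Now;
                Session session = sm.Session();
                SessionUpdate(ref session);
                ActivityLog(user.PersonID, null, null);
            }

            return loginsuccess;
        }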
Example #8
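        /// <summary>
        /// Submit handler for the Active Directory login form. For a <c>method=login</c>
        /// request it validates the entered credentials against the configured domain,
        /// then asks <c>DataIO.UserLoginExternal</c> whether the user may use the
        /// application, and redirects on success.
        /// </summary>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void cmdSubmit_Click(object sender, EventArgs e)
        {
            Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

            // Null-safe comparison: a request without "method" no longer throws.
            if (Request.QueryString["method"] != "login")
            {
                return;
            }

            Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
            user.UserName = txtUserName.Text.Trim();
            user.Password = txtPassword.Text.Trim();

            String adDomain = ConfigurationSettings.AppSettings["AD.Domain"];
            String adUser = null;
            String adPassword = null;
            try
            {
                // NOTE(review): the directory bind account and its password are read from
                // appSettings; confirm that section is protected on deployed servers.
                adUser = ConfigurationSettings.AppSettings["AD.User"];
                adPassword = ConfigurationSettings.AppSettings["AD.Password"];
            }
            catch (Exception)
            {
                // Best effort, as before: these settings are optional and stay null on failure.
            }

            String admin = null;
            try
            {
                admin = ConfigurationSettings.AppSettings["AD.AccessContact"];
            }
            catch (Exception)
            {
                // Optional setting; the contact hint is simply left out.
            }

            using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, adDomain, adUser, adPassword))
            {
                // validate the credentials
                if (!pc.ValidateCredentials(user.UserName, user.Password))
                {
                    lblError.Text = "Login failed, please try again";
                    txtPassword.Text = "";
                    txtPassword.Focus();
                    return;
                }

                if (!data.UserLoginExternal(ref user))
                {
                    // The label renders its text as HTML (the message itself uses <br>),
                    // so the user-entered name is encoded before being echoed back.
                    lblError.Text = Server.HtmlEncode(user.UserName) + " is not an authorized user of the Profiles Research Networking Software application.";
                    if (admin != null)
                    {
                        lblError.Text = lblError.Text + "<br>Please contact " + admin + " to obtain access.";
                    }
                    txtPassword.Text = "";
                    txtPassword.Focus();
                    return;
                }

                if (Request.QueryString["edit"] == "true")
                {
                    Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
                    return;
                }

                // "redirectto" is caller-supplied: follow it only when it stays on this site
                // (under Root.Domain, or a rooted path that is not "//host" or "/\host");
                // a missing or off-site value falls back to the site root.
                string siteRoot = Root.Domain + "/";
                string redirectTo = Request.QueryString["redirectto"];
                bool staysOnSite = !string.IsNullOrEmpty(redirectTo) &&
                    ((redirectTo + "/").StartsWith(siteRoot, StringComparison.OrdinalIgnoreCase) ||
                     (redirectTo[0] == '/' &&
                      (redirectTo.Length == 1 || (redirectTo[1] != '/' && redirectTo[1] != '\\'))));
                Response.Redirect(staysOnSite ? redirectTo : siteRoot);
            }
        }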
Example #9
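        /// <summary>
        /// Authenticates a user against LDAP and, when that succeeds, looks the user up
        /// through the <c>[User.Account].[Authenticate]</c> stored procedure (keyed by the
        /// e-mail address LDAP returned) and records the user in the current session.
        /// </summary>
        /// <param name="user">
        /// Supplies <c>UserName</c> and <c>Password</c> for the LDAP check. After a successful
        /// LDAP check <c>UserID</c> is overwritten with the procedure's output (0 when none
        /// was returned) and <c>PersonID</c> is set when the procedure returned one.
        /// </param>
        /// <returns>
        /// <c>true</c> only when LDAP accepted the credentials and the procedure returned a
        /// non-zero user id; otherwise <c>false</c>.
        /// </returns>
        public bool UserLogin(ref User user)
        {
            bool loginsuccess = false;

            // NOTE(review): the directory path is hard-coded. Port 389 is the standard
            // non-TLS LDAP port; whether the bind is protected depends on
            // LdapAuthentication, which is not shown here — confirm that credentials are
            // not sent in clear text.
            string adPath = "LDAP://uams0.ad.uams.edu:389/DC=ad,DC=uams,DC=edu";
            LdapAuthentication ldap = new LdapAuthentication(adPath);
            bool ldapLoginSuccess;

            try
            {
                ldapLoginSuccess = ldap.IsAuthenticated("UAMS", user.UserName, user.Password); //HMHULL-TODO: Do I need to have Domain be an box in the logon form?
            }
            catch (Exception)
            {
                // Any directory error is reported as a failed login (fails closed).
                return false;
            }

            if (!ldapLoginSuccess)
            {
                return false;
            }

            // Get the email from LDAP here and use it as the username
            string username = ldap.getEmail();
            if (string.IsNullOrEmpty(username))
            {
                // Without an e-mail address there is nothing to look the user up by.
                return false;
            }

            SessionManagement sm = new SessionManagement();
            string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

            SqlConnection dbconnection = new SqlConnection(connstr);
            SqlParameter[] param = new SqlParameter[3];

            try
            {
                dbconnection.Open();

                param[0] = new SqlParameter("@UserName", username);

                param[1] = new SqlParameter("@UserID", null);
                param[1].DbType = DbType.Int32;
                param[1].Direction = ParameterDirection.Output;

                param[2] = new SqlParameter("@PersonID", null);
                param[2].DbType = DbType.Int32;
                param[2].Direction = ParameterDirection.Output;

                //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
                ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[User.Account].[Authenticate]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
            }
            finally
            {
                // Closed on every path; exceptions propagate unchanged with their original
                // stack trace (the previous "throw ex" reset it).
                dbconnection.Close();
            }

            // The outcome is decided only by what the procedure returned. Previously a
            // failed conversion was swallowed and left whatever UserID the caller passed
            // in, which the success check below would then have accepted.
            int userId = 0;
            object userIdValue = param[1].Value;
            if (userIdValue != null && userIdValue != DBNull.Value)
            {
                int.TryParse(userIdValue.ToString(), out userId);
            }
            user.UserID = userId;

            object personIdValue = param[2].Value;
            int personId;
            if (personIdValue != null && personIdValue != DBNull.Value &&
                int.TryParse(personIdValue.ToString(), out personId))
            {
                user.PersonID = personId;
            }

            if (user.UserID != 0)
            {
                loginsuccess = true;
                sm.Session().UserID = user.UserID;
                sm.Session().PersonID = user.PersonID;
                sm.Session().LoginDate = DateTime.Now;
                Session session = sm.Session();
                SessionUpdate(ref session);
            }

            // LDAP success is already guaranteed at this point.
            return loginsuccess;
        }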
Example #10
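        /// <summary>
        /// Dispatches the login page on its <c>method</c> query parameter (first load only):
        /// <c>logout</c> ends the session and redirects, <c>shibboleth</c> signs in the user
        /// named by the Shibboleth request headers, and <c>login</c> either redirects an
        /// already signed-in user or sends the browser to the Shibboleth login URL.
        /// </summary>
        /// <remarks>
        /// NOTE(review): identity is taken from request headers. That is only safe when the
        /// Shibboleth service provider in front of the application removes client-supplied
        /// copies of these headers — confirm for the deployment.
        /// </remarks>
        /// <param name="sender">Page raising the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            // Read once; comparing the string directly is null-safe, whereas ToString()
            // on a missing parameter threw a NullReferenceException.
            string method = Request.QueryString["method"];

            if (method == "logout")
            {
                sm.SessionLogout();
                sm.SessionDestroy();

                // "redirectto" is caller-supplied: follow it only when it stays on this site
                // (under Root.Domain, or a rooted path that is not "//host" or "/\host");
                // a missing or off-site value falls back to the site root.
                string siteRoot = Root.Domain + "/";
                string redirectTo = Request.QueryString["redirectto"];
                bool staysOnSite = !string.IsNullOrEmpty(redirectTo) &&
                    ((redirectTo + "/").StartsWith(siteRoot, StringComparison.OrdinalIgnoreCase) ||
                     (redirectTo[0] == '/' &&
                      (redirectTo.Length == 1 || (redirectTo[1] != '/' && redirectTo[1] != '\\'))));
                Response.Redirect(staysOnSite ? redirectTo : siteRoot);
            }
            else if (method == "shibboleth")
            {
                // added by Eric
                // If they specify an Idp, then check that they logged in from the configured IDP
                bool authenticated = false;
                string requiredIdp = ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"];
                // String.Equals treats a missing ShibIdentityProvider header as a mismatch
                // instead of throwing.
                if (requiredIdp == null ||
                    String.Equals(requiredIdp, Request.Headers.Get("ShibIdentityProvider"), StringComparison.InvariantCultureIgnoreCase))
                {
                    String userName = Request.Headers.Get(ConfigurationManager.AppSettings["Shibboleth.UserNameHeader"].ToString()); //"025693078";
                    if (userName != null && userName.Trim().Length > 0)
                    {
                        Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
                        Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();

                        user.UserName = userName;
                        if (data.UserLoginExternal(ref user))
                        {
                            authenticated = true;
                            RedirectAuthenticatedUser();
                        }
                    }
                }
                if (!authenticated)
                {
                    // try and just put their name in the session.
                    // NOTE(review): no login happened on this path; only the display name
                    // from the header is stored before redirecting.
                    sm.Session().ShortDisplayName = Request.Headers.Get("ShibdisplayName");
                    RedirectAuthenticatedUser();
                }
            }
            else if (method == "login")
            {
                // see if they already have a login session, if so don't send them to shibboleth
                Profiles.Framework.Utilities.SessionManagement sessions = new Profiles.Framework.Utilities.SessionManagement();
                String viewerId = sessions.Session().PersonURI;
                if (viewerId != null && viewerId.Trim().Length > 0)
                {
                    RedirectAuthenticatedUser();
                }
                else
                {
                    string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
                    string returnTo = Request.QueryString["redirectto"];
                    if (returnTo != null)
                    {
                        // Encoded so that "&" or "#" inside the value cannot add or cut
                        // parameters of the callback URL.
                        // NOTE(review): RedirectAuthenticatedUser is not shown here; it
                        // presumably consumes redirectto and should only follow same-site
                        // targets — confirm.
                        redirect += "&redirectto=" + HttpUtility.UrlEncode(returnTo);
                    }
                    else if (Request.QueryString["edit"] == "true")
                    {
                        redirect += "&edit=true";
                    }
                    // With neither parameter present the callback carries no target
                    // (this case used to throw a NullReferenceException).

                    Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() +
                        HttpUtility.UrlEncode(redirect));
                }
            }
        }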
Example #11
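        /// <summary>
        /// Active Directory login submit handler. When the request carries
        /// <c>method=login</c>, the entered credentials are validated against the configured
        /// domain; a valid user must additionally be accepted by
        /// <c>DataIO.UserLoginExternal</c> before being redirected.
        /// </summary>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void cmdSubmit_Click(object sender, EventArgs e)
        {
            Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

            // String equality is null-safe; ToString() on a missing "method" parameter threw.
            if (Request.QueryString["method"] == "login")
            {
                Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
                user.UserName = txtUserName.Text.Trim();
                user.Password = txtPassword.Text.Trim();

                String adDomain   = ConfigurationSettings.AppSettings["AD.Domain"];
                String adUser     = null;
                String adPassword = null;
                try
                {
                    // NOTE(review): bind account credentials live in appSettings; confirm
                    // that configuration section is protected where this is deployed.
                    adUser     = ConfigurationSettings.AppSettings["AD.User"];
                    adPassword = ConfigurationSettings.AppSettings["AD.Password"];
                }
                catch (Exception)
                {
                    // Best effort, as before: optional settings stay null on failure.
                }

                String admin = null;
                try
                {
                    admin = ConfigurationSettings.AppSettings["AD.AccessContact"];
                }
                catch (Exception)
                {
                    // Optional setting; the contact hint is left out.
                }

                using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, adDomain, adUser, adPassword))
                {
                    // validate the credentials
                    if (pc.ValidateCredentials(user.UserName, user.Password))
                    {
                        if (data.UserLoginExternal(ref user))
                        {
                            if (Request.QueryString["edit"] == "true")
                            {
                                Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
                            }
                            else
                            {
                                // The redirect target arrives in the query string, so it is
                                // only followed when it points inside this site; otherwise
                                // (or when it is missing) the user lands on the site root.
                                string siteRoot = Root.Domain + "/";
                                string target = Request.QueryString["redirectto"];
                                bool local = !string.IsNullOrEmpty(target) &&
                                    ((target + "/").StartsWith(siteRoot, StringComparison.OrdinalIgnoreCase) ||
                                     (target[0] == '/' &&
                                      (target.Length == 1 || (target[1] != '/' && target[1] != '\\'))));
                                Response.Redirect(local ? target : siteRoot);
                            }
                        }
                        else
                        {
                            // The label renders its text as HTML (the message itself uses
                            // <br>), so the user-entered name is encoded before it is echoed.
                            lblError.Text = Server.HtmlEncode(user.UserName) + " is not an authorized user of the Profiles Research Networking Software application.";
                            if (admin != null)
                            {
                                lblError.Text = lblError.Text + "<br>Please contact " + admin + " to obtain access.";
                            }
                            txtPassword.Text = "";
                            txtPassword.Focus();
                        }
                    }
                    else
                    {
                        lblError.Text    = "Login failed, please try again";
                        txtPassword.Text = "";
                        txtPassword.Focus();
                    }
                }
            }
        }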
Example #12
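        /// <summary>
        /// First-load dispatcher for the login page, keyed on the <c>method</c> query
        /// parameter: <c>logout</c> ends the session and redirects, <c>shibboleth</c> signs
        /// in the user named by the Shibboleth request headers, and <c>login</c> redirects
        /// an already signed-in user or forwards the browser to the Shibboleth login URL.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the user name comes from request headers, which is only
        /// trustworthy when the Shibboleth service provider in front of the application
        /// discards client-supplied copies of them — confirm for the deployment.
        /// </remarks>
        /// <param name="sender">Page raising the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!IsPostBack)
            {
                // Null-safe: a request without "method" matches no branch instead of throwing.
                string method = Request.QueryString["method"];

                if (method == "logout")
                {
                    sm.SessionLogout();
                    sm.SessionDestroy();

                    // The redirect target arrives in the query string, so it is only
                    // followed when it points inside this site; otherwise (or when it is
                    // missing) the user lands on the site root.
                    string siteRoot = Root.Domain + "/";
                    string target = Request.QueryString["redirectto"];
                    bool local = !string.IsNullOrEmpty(target) &&
                        ((target + "/").StartsWith(siteRoot, StringComparison.OrdinalIgnoreCase) ||
                         (target[0] == '/' &&
                          (target.Length == 1 || (target[1] != '/' && target[1] != '\\'))));
                    Response.Redirect(local ? target : siteRoot);
                }
                else if (method == "shibboleth")
                {
                    // added by Eric
                    // If they specify an Idp, then check that they logged in from the configured IDP
                    bool authenticated = false;
                    string requiredIdp = ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"];
                    // A missing ShibIdentityProvider header now counts as a mismatch rather
                    // than raising a NullReferenceException.
                    bool idpAccepted = requiredIdp == null ||
                        String.Equals(requiredIdp, Request.Headers.Get("ShibIdentityProvider"), StringComparison.InvariantCultureIgnoreCase);
                    if (idpAccepted)
                    {
                        String userName = Request.Headers.Get(ConfigurationManager.AppSettings["Shibboleth.UserNameHeader"].ToString()); //"025693078";
                        if (userName != null && userName.Trim().Length > 0)
                        {
                            Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
                            Profiles.Login.Utilities.User   user = new Profiles.Login.Utilities.User();

                            user.UserName = userName;
                            if (data.UserLoginExternal(ref user))
                            {
                                authenticated = true;
                                RedirectAuthenticatedUser();
                            }
                        }
                    }
                    if (!authenticated)
                    {
                        // try and just put their name in the session.
                        //sm.Session().ShortDisplayName = Request.Headers.Get("ShibdisplayName");
                        // NOTE(review): no login happened on this path, yet the same
                        // redirect helper is used; confirm that is intended.
                        RedirectAuthenticatedUser();
                    }
                }
                else if (method == "login")
                {
                    // see if they already have a login session, if so don't send them to shibboleth
                    Profiles.Framework.Utilities.SessionManagement sessions = new Profiles.Framework.Utilities.SessionManagement();
                    String viewerId = sessions.Session().PersonURI;
                    if (viewerId != null && viewerId.Trim().Length > 0)
                    {
                        RedirectAuthenticatedUser();
                    }
                    else
                    {
                        string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
                        string returnTo = Request.QueryString["redirectto"];
                        if (returnTo != null)
                        {
                            // Encoded so that "&" or "#" inside the value cannot add or cut
                            // parameters of the callback URL.
                            // NOTE(review): RedirectAuthenticatedUser is not shown here; it
                            // presumably consumes redirectto and should only follow
                            // same-site targets — confirm.
                            redirect += "&redirectto=" + HttpUtility.UrlEncode(returnTo);
                        }
                        else if (Request.QueryString["edit"] == "true")
                        {
                            redirect += "&edit=true";
                        }
                        // With neither parameter present the callback carries no target
                        // (this case used to throw a NullReferenceException).

                        Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() +
                                          HttpUtility.UrlEncode(redirect));
                    }
                }
            }
        }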
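        /// <summary>
        /// First-load dispatcher for the login page, keyed on the <c>method</c> query
        /// parameter: <c>logout</c> ends the session and redirects, <c>shibboleth</c> logs in
        /// the employee identified by the request headers, and <c>login</c> redirects an
        /// already signed-in user or forwards the browser to the Shibboleth login URL.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the employee id is read from request headers and used as both user
        /// name and password. That is only trustworthy when the Shibboleth service provider
        /// in front of the application discards client-supplied copies of these headers —
        /// confirm for the deployment.
        /// </remarks>
        /// <param name="sender">Page raising the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            // Null-safe: a request without "method" matches no branch instead of throwing.
            string method = Request.QueryString["method"];

            if (method == "logout")
            {
                sm.SessionLogout();
                sm.SessionDistroy();

                // "redirectto" is caller-supplied: follow it only when it stays on this site
                // (under Root.Domain, or a rooted path that is not "//host" or "/\host");
                // a missing or off-site value falls back to the site root.
                string siteRoot = Root.Domain + "/";
                string redirectTo = Request.QueryString["redirectto"];
                bool staysOnSite = !string.IsNullOrEmpty(redirectTo) &&
                    ((redirectTo + "/").StartsWith(siteRoot, StringComparison.OrdinalIgnoreCase) ||
                     (redirectTo[0] == '/' &&
                      (redirectTo.Length == 1 || (redirectTo[1] != '/' && redirectTo[1] != '\\'))));
                Response.Redirect(staysOnSite ? redirectTo : siteRoot);
            }
            else if (method == "shibboleth")
            {
                // added by Eric
                String employeeID = Request.Headers.Get("employeeNumber"); //"025693078";
                // new IDP
                if (employeeID == null || employeeID.Trim().Length == 0)
                {
                    employeeID = Request.Headers.Get("uid"); //"025693078";
                    if (employeeID != null && employeeID.Trim().Length > 9)
                    {
                        // Only the first nine characters of "uid" are used.
                        employeeID = employeeID.Substring(0, 9);
                    }
                }
                if (employeeID != null && employeeID.Trim().Length > 0)
                {
                    Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
                    Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();

                    // NOTE(review): the account password sent to UserLogin is the employee
                    // id itself, i.e. identical to the user name.
                    user.UserName = employeeID;
                    user.Password = employeeID;
                    if (data.UserLogin(ref user))
                    {
                        RedirectAuthenticatedUser();
                    }
                }
            }
            else if (method == "login")
            {
                // see if they already have a login session, if so don't send them to shibboleth
                Profiles.Framework.Utilities.SessionManagement sessions = new Profiles.Framework.Utilities.SessionManagement();
                String viewerId = sessions.Session().PersonURI;
                if (viewerId != null && viewerId.Trim().Length > 0)
                {
                    RedirectAuthenticatedUser();
                }
                else
                {
                    string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
                    string returnTo = Request.QueryString["redirectto"];
                    if (returnTo != null)
                    {
                        // Encoded so that "&" or "#" inside the value cannot add or cut
                        // parameters of the callback URL.
                        // NOTE(review): RedirectAuthenticatedUser is not shown here; it
                        // presumably consumes redirectto and should only follow same-site
                        // targets — confirm.
                        redirect += "&redirectto=" + HttpUtility.UrlEncode(returnTo);
                    }
                    else if (Request.QueryString["edit"] == "true")
                    {
                        redirect += "&edit=true";
                    }
                    // With neither parameter present the callback carries no target
                    // (this case used to throw a NullReferenceException).

                    Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() +
                        HttpUtility.UrlEncode(redirect));
                }
            }
        }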