C# (CSharp) System.Web.Security RolePrincipal.ToEncryptedTicket Examples

ToEncryptedTicket() public method

public ToEncryptedTicket ( ) : string
return	string

Example #1

File: RoleManagerModule.cs Project: kaobeixingfu/DotNetReferenceSource

        private void OnLeave(Object source, EventArgs eventArgs)
        {
            HttpApplication app;
            HttpContext     context;

            app     = (HttpApplication)source;
            context = app.Context;

            if (!Roles.Enabled || !Roles.CacheRolesInCookie || context.Response.HeadersWritten)
            {
                return;
            }

            if (context.User == null || !(context.User is RolePrincipal) || !context.User.Identity.IsAuthenticated)
            {
                return;
            }
            if (Roles.CookieRequireSSL && !context.Request.IsSecureConnection)
            { // if cookie is sent, then clear it
                if (context.Request.Cookies[Roles.CookieName] != null)
                {
                    Roles.DeleteCookie();
                }
                return;
            }
            RolePrincipal rp = (RolePrincipal)context.User;

            if (rp.CachedListChanged && context.Request.Browser.Cookies)
            {
                string s = rp.ToEncryptedTicket();
                if (string.IsNullOrEmpty(s) || s.Length > MAX_COOKIE_LENGTH)
                {
                    Roles.DeleteCookie();
                }
                else
                {
                    HttpCookie cookie = new HttpCookie(Roles.CookieName, s);
                    cookie.HttpOnly = true;
                    cookie.Path     = Roles.CookiePath;
                    cookie.Domain   = Roles.Domain;
                    if (Roles.CreatePersistentCookie)
                    {
                        cookie.Expires = rp.ExpireDate;
                    }
                    cookie.Secure = Roles.CookieRequireSSL;
                    context.Response.Cookies.Add(cookie);
                }
            }
        }

Example #2

        private void OnLeave(object source, EventArgs eventArgs)
        {
            HttpApplication application = (HttpApplication)source;
            HttpContext     context     = application.Context;

            if (((Roles.Enabled && Roles.CacheRolesInCookie) && !context.Response.HeadersWritten) && (((context.User != null) && (context.User is RolePrincipal)) && context.User.Identity.IsAuthenticated))
            {
                if (Roles.CookieRequireSSL && !context.Request.IsSecureConnection)
                {
                    if (context.Request.Cookies[Roles.CookieName] != null)
                    {
                        Roles.DeleteCookie();
                    }
                }
                else
                {
                    RolePrincipal user = (RolePrincipal)context.User;
                    if (user.CachedListChanged && context.Request.Browser.Cookies)
                    {
                        string str = user.ToEncryptedTicket();
                        if (string.IsNullOrEmpty(str) || (str.Length > 0x1000))
                        {
                            Roles.DeleteCookie();
                        }
                        else
                        {
                            HttpCookie cookie = new HttpCookie(Roles.CookieName, str)
                            {
                                HttpOnly = true,
                                Path     = Roles.CookiePath,
                                Domain   = Roles.Domain
                            };
                            if (Roles.CreatePersistentCookie)
                            {
                                cookie.Expires = user.ExpireDate;
                            }
                            cookie.Secure = Roles.CookieRequireSSL;
                            context.Response.Cookies.Add(cookie);
                        }
                    }
                }
            }
        }

Example #3

File: RoleManagerModule.cs Project: parvez2014/MutationInjectionFramework

        void OnEndRequest(object sender, EventArgs args)
        {
            HttpApplication app = (HttpApplication)sender;

            /* if we're not enabled or configured to cache
             * cookies, bail out */
            if (_config == null || !_config.Enabled || !_config.CacheRolesInCookie)
            {
                return;
            }

            /* if the user isn't authenticated, bail
             * out */
            if (!app.Request.IsAuthenticated)
            {
                return;
            }

            /* if the configuration requires ssl for
             * cookies and we're not on an ssl connection,
             * bail out */
            if (_config.CookieRequireSSL && !app.Request.IsSecureConnection)
            {
                return;
            }

            RolePrincipal principal = app.Context.User as RolePrincipal;

            if (principal == null) /* just for my sanity */
            {
                return;
            }

            if (!principal.CachedListChanged)
            {
                return;
            }

            string ticket = principal.ToEncryptedTicket();

            if (ticket == null || ticket.Length > 4096)
            {
                ClearCookie(app, _config.CookieName);
                return;
            }

            HttpCookie cookie = new HttpCookie(_config.CookieName, ticket);

            cookie.HttpOnly = true;
            if (!string.IsNullOrEmpty(_config.Domain))
            {
                cookie.Domain = _config.Domain;
            }
            if (_config.CookieRequireSSL)
            {
                cookie.Secure = true;
            }
            if (_config.CookiePath.Length > 1) // more than '/'
            {
                cookie.Path = _config.CookiePath;
            }
            app.Response.SetCookie(cookie);
        }