private void OnLogin(WebComponent source, WebSubmission values) { string username = values.PostData["username"][0]; string password = values.PostData["password"][0]; bool auth_valid = false; if (!this.AuthRequired) { return; } using (LdapConnection ldc = new LdapConnection(this.AuthDomainController)) { try { NetworkCredential cred = new NetworkCredential(username, password, this.AuthDomain); ldc.Credential = cred; ldc.Bind(); auth_valid = true; } catch (LdapException ex) { Trace.TraceError(ex.ServerErrorMessage); Trace.TraceError(ex.Message); auth_valid = false; } } if (!auth_valid) { throw new WebHTTPException(WebHTTPResponseCode.WEB_HTTP_401_BAD_AUTH, values.RawUrl); } else { string auth_token = Guid.NewGuid().ToString(); values.SetCookieOut("auth_token", auth_token); this._auth_pairs.Add(new Tuple <string, string>(values.ClientHostname, auth_token)); throw new WebRedirectException("/"); } }
public override string Render(WebSubmission values) { StringBuilder outstr = new StringBuilder(); string xsrf_token = Guid.NewGuid().ToString(); outstr.Append(String.Format("{0}", base.RenderOpenTag())); outstr.Append(RenderPair("method", "post")); outstr.Append(RenderPair("action", this.Action)); outstr.Append(">"); // Free XSRF protection. outstr.Append(String.Format("<input type=\"hidden\" name=\"proc_xsrf_{0}\" value=\"{1}\" />", this.ID, xsrf_token)); values.SetCookieOut(String.Format("proc_xsrf_{0}", this.ID), xsrf_token); foreach (WebComponent child in this._children) { outstr.Append(child.Render(values)); } if (null != this._tagname) { outstr.Append(String.Format("</{0}>", this._tagname)); } return(outstr.ToString()); }