/// <summary>
/// Authenticates against the RDW endpoint by POSTing a login form and treating the
/// response URI as the session token for subsequent requests.
/// </summary>
/// <param name="credentials">Must carry a non-empty AccountName and AccountPassword.</param>
/// <param name="validationDataSource">Not read by this implementation.</param>
/// <returns>The literal "OK" on success.</returns>
/// <exception cref="MdoException">Credentials are missing, or the response URI equals the configured provider.</exception>
public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
{
    if (credentials == null || String.IsNullOrEmpty(credentials.AccountName) || String.IsNullOrEmpty(credentials.AccountPassword))
    {
        throw new MdoException("Invalid RDW credenetials");
    }
    _creds = credentials;
    // see if provider was specified in datasource - use default from proxy code if not
    // NOTE(review): the password travels in the request body and the URL scheme is not checked here;
    // confirm both the configured provider and the proxy default are https.
    WebRequest cookieRequest = WebRequest.Create(String.IsNullOrEmpty(Cxn.DataSource.Provider) ? new Uri(new MDWSRPCs().Url) : new Uri(Cxn.DataSource.Provider));
    cookieRequest.Method = "POST";
    cookieRequest.ContentType = "application/x-www-form-urlencoded";
    // NOTE(review): the operands between the literals on the next line were masked ("******") in this
    // listing, so the line is kept exactly as shown. Presumably they are the account name and password;
    // confirm the real source URL-encodes them (e.g. Uri.EscapeDataString), otherwise a '&' or '=' in a
    // password changes the form fields that the server parses.
    string postBody = "CacheUserName="******"&CachePassword="******"&CacheLogin=Login";
    // Length is a character count; ASCII encoding emits one byte per char, so the counts agree,
    // but any non-ASCII character in the credentials is sent as '?'.
    cookieRequest.ContentLength = postBody.Length;
    // NOTE(review): neither the request stream nor the response is released on an exception path,
    // and cookieResponse is never closed.
    Stream requestStream = cookieRequest.GetRequestStream();
    requestStream.Write(System.Text.Encoding.ASCII.GetBytes(postBody), 0, postBody.Length);
    requestStream.Close();
    WebResponse cookieResponse = cookieRequest.GetResponse();
    // expect the response URI to contain the session token for subsequent requests - throw an error if the strings are the same
    // NOTE(review): when Provider was empty the request went to the proxy default URL, yet the comparison
    // is still against Provider, so (assuming Cxn and _cxn are the same connection) this failure check
    // cannot fire in that case. A changed URI is also the only evidence of success that is examined.
    if (String.Equals(cookieResponse.ResponseUri.ToString(), _cxn.DataSource.Provider))
    {
        throw new MdoException("Authentication failed. Response URI did not contain session token");
    }
    // The session token lives in the URL from here on; URLs are commonly written to logs and
    // diagnostics, so Provider and AuthenticationToken should be handled as secrets.
    _cxn.DataSource.Provider = cookieResponse.ResponseUri.ToString(); // set the provider to the URL containing the cookie
    _creds.AuthenticationToken = cookieResponse.ResponseUri.ToString();
    // Only isAuthorized is set here; isAuthenticated is not touched by this method.
    this.isAuthorized = true;
    return("OK");
}
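// This does an administrative visit in order to get the true user's data.
//
// userSitecode: site to visit; also the prefix of the administrative AuthenticationToken.
// DUZ:          identifier of the user whose record is fetched with UserApi.getUser.
// appPwd:       stored as the SecurityPhrase of the administrative credentials.
// Returns the User reported by the site for DUZ.
//
// NOTE(review): the lookup runs over the administrative connection, so nothing in this method
// ties DUZ to the caller; confirm callers only pass a DUZ they are entitled to look up.
internal User getVisitorData(string userSitecode, string DUZ, string appPwd)
{
    Site site = mySession.SiteTable.getSite(userSitecode);
    AbstractCredentials credentials = getAdministrativeCredentials(site);
    credentials.AuthenticationToken = userSitecode + '_' + credentials.LocalUid;
    credentials.SecurityPhrase = appPwd;

    string context = MdwsConstants.MDWS_CONTEXT;
    if (mySession.DefaultVisitMethod == MdwsConstants.NON_BSE_CREDENTIALS)
    {
        context = MdwsConstants.CPRS_CONTEXT;
    }

    // Here we do NOT set mySession.PrimaryPermission. This context is being set
    // solely for the Admin user to get the true user's credentials. mySession.PrimaryPermission
    // is for the true user.
    AbstractPermission permission = new MenuOption(context);
    permission.IsPrimary = true;

    // The visit's own User (the administrative account) is not needed, only the open connection.
    doTheVisit(userSitecode, credentials, permission);
    try
    {
        UserApi userApi = new UserApi();
        return userApi.getUser(myCxn, DUZ);
    }
    finally
    {
        // Release the administrative connection even when the lookup throws, so a failed
        // lookup does not leave a privileged session open.
        myCxn.disconnect();
    }
}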
/// <summary>
/// Delegates sign-on to a VistA account when Mode is "prod"; in every other mode it marks
/// the account authenticated and authorized and returns a user named "dev".
/// </summary>
/// <remarks>
/// NOTE(review): the non-production branch is reached for any Mode value that is not exactly
/// "prod" (including a misspelt or differently-cased setting), and it grants access without
/// looking at the credentials. Confirm deployments cannot end up in that branch by accident.
/// </remarks>
public override User authenticateAndAuthorize(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource = null)
{
    if (!"prod".Equals(Mode))
    {
        // Development shortcut: no credential or permission check is performed.
        this.isAuthenticated = true;
        this.isAuthorized = true;
        User devUser = new User();
        devUser.setName("dev");
        return devUser;
    }

    AbstractConnection vistaConnection = initializeVistaConnection();
    gov.va.medora.mdo.dao.vista.VistaAccount delegateAccount = new vista.VistaAccount(vistaConnection);
    delegateAccount.AuthenticationMethod = this.AuthenticationMethod;
    vistaConnection.Account = delegateAccount;

    User signedOn = delegateAccount.authenticateAndAuthorize(credentials, permission, vistaConnection.DataSource);
    // Mirror the delegate's outcome onto this account.
    this.isAuthenticated = delegateAccount.IsAuthenticated;
    this.isAuthorized = delegateAccount.IsAuthorized;
    return signedOn;
}
/// <summary>
/// Passes the call straight to the base implementation and returns whatever it returns.
/// </summary>
/// <remarks>The "connection available" pool event that used to be raised here is disabled.</remarks>
public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
{
    return base.authorizedConnect(credentials, permission, validationDataSource);
}
/// <summary>
/// Builds the INSERT statement that records a session row (SessionID, SSN, Name, DUZ,
/// SiteId, SiteName, Phone) in _tableName from the supplied credentials.
/// </summary>
/// <param name="creds">Source of the seven column values; AuthenticationSource and its SiteId are dereferenced without a null check.</param>
/// <param name="encryptionKey">Passed to SSTCryptographer.Encrypt for every value when _encrypt is set.</param>
/// <returns>The SQL text, terminated with ';'.</returns>
/// <remarks>
/// NOTE(review): the statement is assembled by string concatenation and its safety rests entirely
/// on escapeString; binding the values as SqlParameter objects where the command is executed would
/// remove that dependency. When _encrypt is false the SSN column receives FederatedUid in clear text.
/// </remarks>
internal string buildAddRecordStatement(AbstractCredentials creds, string encryptionKey)
{
    string phone = String.IsNullOrEmpty(creds.SubjectPhone) ? "No phone" : creds.SubjectPhone;

    // Same order as the column list in the statement.
    string[] columnValues = new string[]
    {
        creds.AuthenticationToken,
        creds.FederatedUid,
        creds.SubjectName,
        creds.LocalUid,
        creds.AuthenticationSource.SiteId.Id,
        creds.AuthenticationSource.SiteId.Name,
        phone
    };

    for (int i = 0; i < columnValues.Length; i++)
    {
        string stored = _encrypt ? SSTCryptographer.Encrypt(columnValues[i], encryptionKey) : columnValues[i];
        columnValues[i] = escapeString(stored);
    }

    return "INSERT INTO " + _tableName + " (SessionID,SSN,Name,DUZ,SiteId,SiteName,Phone) VALUES ('"
        + String.Join("','", columnValues)
        + "');";
}
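/// <summary>
/// Sets the requested context on the connection, resolves the connection's local UID from the
/// federated UID when it is still empty, and completes the visitor info on the credentials.
/// </summary>
/// <param name="credentials">Visit credentials; FederatedUid is required when Cxn.Uid is empty.</param>
/// <param name="permission">Context to set; its Name decides whether the context is added or set.</param>
/// <exception cref="MdoException">The federated UID is missing or no local UID could be resolved.</exception>
internal void doTheAuthorize(AbstractCredentials credentials, AbstractPermission permission)
{
    // if we are requesting CPRS context with a visit and user does not have it - add it to their account
    bool addCprsContext =
        permission.Name == VistaConstants.CPRS_CONTEXT
        && !Cxn.Account.Permissions.ContainsKey(VistaConstants.CPRS_CONTEXT)
        && !Cxn.Account.AuthenticationMethod.Equals(VistaConstants.LOGIN_CREDENTIALS);
    if (addCprsContext)
    {
        // NOTE(review): Cxn.Uid may still be empty here, because it is only resolved below.
        addContextInVista(Cxn.Uid, permission);
    }
    else
    {
        setContext(permission);
    }

    if (String.IsNullOrEmpty(Cxn.Uid))
    {
        if (String.IsNullOrEmpty(credentials.FederatedUid))
        {
            throw new MdoException("Missing federated UID, cannot get local UID");
        }
        VistaUserDao dao = new VistaUserDao(Cxn);
        Cxn.Uid = dao.getUserIdBySsn(credentials.FederatedUid);
        if (String.IsNullOrEmpty(Cxn.Uid))
        {
            // The federated UID is looked up as an SSN above, so it is kept out of the exception
            // text: exception messages tend to reach logs and service fault responses.
            throw new MdoException("Unable to get local UID for the supplied federated ID");
        }
    }

    if (!credentials.Complete)
    {
        VistaUserDao dao = new VistaUserDao(Cxn);
        dao.addVisitorInfo(credentials);
    }
}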
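/// <summary>
/// Authenticates an LDAP user by binding to the directory with the supplied account name and
/// password and searching for exactly one user object with that SAMAccountName.
/// </summary>
/// <param name="credentials">Must be an LdapCredentials with a non-empty AccountName and AccountPassword.</param>
/// <param name="validationDataSource">Not read by this implementation.</param>
/// <returns>The GUID of the matching directory entry, as a string.</returns>
/// <exception cref="MdoException">
/// The credentials are not LDAP credentials, are incomplete, or do not match exactly one user.
/// </exception>
public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
{
    if (!(credentials is LdapCredentials))
    {
        throw new MdoException("Invalid credentials - not LDAP credentials");
    }
    LdapCredentials ldapCreds = (LdapCredentials)credentials;

    // A missing name or password must never reach the bind: depending on the directory and the
    // bind type, an empty password can be accepted as an anonymous or ambient-identity bind.
    if (String.IsNullOrEmpty(ldapCreds.AccountName) || String.IsNullOrEmpty(ldapCreds.AccountPassword))
    {
        throw new MdoException("Invalid credentials");
    }

    // The directory objects hold unmanaged resources, so each one is disposed deterministically.
    using (DirectoryEntry entry = new DirectoryEntry(Cxn.DataSource.Provider, ldapCreds.AccountName, ldapCreds.AccountPassword))
    {
        entry.AuthenticationType = AuthenticationTypes.Secure;
        using (DirectorySearcher search = new DirectorySearcher())
        {
            search.SearchRoot = entry;
            // The account name is caller-supplied, so filter metacharacters are escaped before it
            // is placed in the search filter; otherwise it could widen or rewrite the query.
            search.Filter = "(&(objectClass=user)(SAMAccountName=" + escapeLdapFilterValue(ldapCreds.AccountName) + "))";
            using (SearchResultCollection result = search.FindAll())
            {
                if (result.Count != 1)
                {
                    throw new MdoException("Invalid credentials");
                }
                using (DirectoryEntry match = result[0].GetDirectoryEntry())
                {
                    return match.Guid.ToString();
                }
            }
        }
    }
}

// Escapes the characters that are special inside an LDAP search filter value (RFC 4515).
private static string escapeLdapFilterValue(string value)
{
    // The backslash is replaced first so the escapes added afterwards are not escaped again.
    return value
        .Replace("\\", "\\5c")
        .Replace("*", "\\2a")
        .Replace("(", "\\28")
        .Replace(")", "\\29")
        .Replace("\0", "\\00");
}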
/// <summary>
/// Visits the DoD site with administrative credentials and, on success, stores those
/// credentials and the permission on the session.
/// </summary>
/// <param name="pwd">
/// Not read by this method: the security phrase is taken from the service-account password
/// in the primary configuration section.
/// </param>
/// <returns>
/// A single (site id, user UID) entry on success; otherwise a fault carrying the exception message.
/// </returns>
/// <remarks>
/// NOTE(review): every exception is converted into a fault whose text is the raw exception
/// message; confirm those messages are safe to hand back to the service caller.
/// </remarks>
public TaggedTextArray visitDoD(string pwd)
{
    Site dodSite = mySession.SiteTable.getSite(MdwsConstants.DOD_SITE);
    AbstractCredentials credentials = getAdministrativeCredentials(dodSite);
    credentials.SecurityPhrase =
        mySession.MdwsConfiguration.AllConfigs[ConfigFileConstants.PRIMARY_CONFIG_SECTION][MdwsConfigConstants.SERVICE_ACCOUNT_PASSWORD];

    string contextName = mySession.DefaultVisitMethod == MdwsConstants.NON_BSE_CREDENTIALS
        ? MdwsConstants.CPRS_CONTEXT
        : MdwsConstants.MDWS_CONTEXT;
    AbstractPermission permission = new MenuOption(contextName);
    permission.IsPrimary = true;

    TaggedTextArray outcome = new TaggedTextArray();
    try
    {
        User visitor = doTheVisit(dodSite.Id, credentials, permission);
        outcome.results = new TaggedText[] { new TaggedText(dodSite.Id, visitor.Uid) };
        addMyCxn2CxnSet();
        // Session state is only updated once the visit has succeeded.
        mySession.Credentials = credentials;
        mySession.PrimaryPermission = permission;
    }
    catch (Exception e)
    {
        outcome.fault = new FaultTO(e.Message);
    }
    return outcome;
}
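/// <summary>
/// Signs on to VistA with an access/verify code pair ("XUS SIGNON SETUP" followed by
/// "XUS AV CODE") and records the resulting account id on the connection and the credentials.
/// </summary>
/// <param name="credentials">AccountName is the access code, AccountPassword the verify code.</param>
/// <returns>The greeting (eighth response field) when present, otherwise "OK".</returns>
/// <exception cref="MdoException">Access or verify code is missing.</exception>
/// <exception cref="UnexpectedDataException">A sign-on RPC returned no usable response.</exception>
/// <exception cref="UnauthorizedAccessException">The site rejected the codes (first field is "0").</exception>
internal string login(AbstractCredentials credentials)
{
    if (String.IsNullOrEmpty(credentials.AccountName))
    {
        throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Access Code");
    }
    if (String.IsNullOrEmpty(credentials.AccountPassword))
    {
        throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Verify Code");
    }

    VistaQuery vq = new VistaQuery("XUS SIGNON SETUP");
    string rtn = (string)Cxn.query(vq);
    if (rtn == null)
    {
        throw new UnexpectedDataException("Unable to setup authentication");
    }

    vq = new VistaQuery("XUS AV CODE");

    // This is here so we can test with MockConnection
    // NOTE(review): the choice is made on the runtime type *name*, so any connection class called
    // "MockConnection" receives the codes through addParameter instead of addEncryptedParameter.
    if (Cxn.GetType().Name != "MockConnection")
    {
        vq.addEncryptedParameter(vq.LITERAL, credentials.AccountName + ';' + credentials.AccountPassword);
    }
    else
    {
        vq.addParameter(vq.LITERAL, credentials.AccountName + ';' + credentials.AccountPassword);
    }
    rtn = (string)Cxn.query(vq);

    //TODO - need to catch renew verify id error

    // Fail closed: an absent or empty reply must not be mistaken for a successful sign-on.
    // Without this check an empty first field would differ from "0" and be accepted as the account id.
    if (String.IsNullOrEmpty(rtn))
    {
        throw new UnexpectedDataException("Empty response from XUS AV CODE");
    }
    string[] flds = StringUtils.split(rtn, StringUtils.CRLF);
    if (flds == null || flds.Length == 0 || String.IsNullOrEmpty(flds[0]))
    {
        throw new UnexpectedDataException("Malformed response from XUS AV CODE");
    }
    if (flds[0] == "0")
    {
        // The fourth field carries the site's rejection text when the reply is long enough.
        throw new UnauthorizedAccessException(flds.Length > 3 ? flds[3] : "Authentication failed");
    }
    AccountId = flds[0];

    // Set the connection's UID
    Cxn.Uid = AccountId;

    // Save the credentials
    credentials.LocalUid = AccountId;
    credentials.AuthenticationSource = Cxn.DataSource;
    credentials.AuthenticationToken = Cxn.DataSource.SiteId.Id + '_' + AccountId;

    IsAuthenticated = true;
    Cxn.IsRemote = false;

    // Set the greeting if there is one
    if (flds.Length > 7)
    {
        return flds[7];
    }
    return "OK";
}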
/// <summary>
/// Creates a BSE Vista-to-web visit for the given account and credentials.
/// </summary>
/// <param name="acct">Forwarded to the base constructor.</param>
/// <param name="creds">Forwarded to the base constructor.</param>
/// <param name="validatorDataSource">
/// Replaces _validatorDataSource when not null; a null argument leaves the field as it was.
/// </param>
public BseVista2WebVisit(VistaAccount acct, AbstractCredentials creds, DataSource validatorDataSource)
    : base(acct, creds)
{
    if (validatorDataSource == null)
    {
        return;
    }
    _validatorDataSource = validatorDataSource;
}
/// <summary>
/// Forwards to the base authorizedConnect and hands its result back unchanged.
/// </summary>
/// <remarks>Raising the "connection available" pool event from here is currently disabled.</remarks>
public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
{
    object baseOutcome = base.authorizedConnect(credentials, permission, validationDataSource);
    return baseOutcome;
}
/// <summary>
/// Authenticates, then authorizes, and attaches the authentication message to the user as its greeting.
/// </summary>
/// <returns>The user produced by authorize, with Greeting set to the value authenticate returned.</returns>
public override User authenticateAndAuthorize(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource = null)
{
    // Order matters: authorize is only reached when authenticate did not throw.
    string greeting = authenticate(credentials, validationDataSource);
    User authorizedUser = authorize(credentials, permission);
    authorizedUser.Greeting = greeting;
    return authorizedUser;
}
/// <summary>
/// Authorizes through the base class when _authenticate is set; otherwise marks the account
/// authenticated and authorized and returns an empty User.
/// </summary>
/// <remarks>
/// NOTE(review): with _authenticate false no credential or permission is examined; confirm the
/// flag can only be cleared in test setups.
/// </remarks>
public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
{
    if (!_authenticate)
    {
        isAuthenticated = true;
        isAuthorized = true;
        return new User();
    }
    return base.authorize(credentials, permission);
}
/// <summary>
/// Runs the base sign-on when _authenticate is set; otherwise marks the account authenticated
/// and authorized and returns an empty User.
/// </summary>
/// <remarks>
/// NOTE(review): the bypass branch ignores all three arguments; confirm _authenticate cannot be
/// false outside test configurations.
/// </remarks>
public override User authenticateAndAuthorize(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
{
    if (!_authenticate)
    {
        isAuthenticated = true;
        isAuthorized = true;
        return new User();
    }
    return base.authenticateAndAuthorize(credentials, permission, validationDataSource);
}
/// <summary>
/// Calls the base login when _authenticate is set; otherwise marks the account authenticated
/// and authorized and returns "OK" without contacting anything.
/// </summary>
/// <remarks>
/// NOTE(review): the bypass branch never reads the credentials; confirm _authenticate is only
/// cleared in test setups.
/// </remarks>
public string login(AbstractCredentials credentials)
{
    if (!_authenticate)
    {
        isAuthenticated = true;
        isAuthorized = true;
        return "OK";
    }
    return base.login(credentials);
}
/// <summary>
/// Builds a User from the connection's UID and logon site plus the subject name and
/// federated UID held in the credentials.
/// </summary>
/// <remarks>The federated UID is stored as the user's SSN, so the returned object carries a sensitive identifier.</remarks>
internal User toUser(AbstractCredentials credentials)
{
    return new User
    {
        Uid = Cxn.Uid,
        Name = new PersonName(credentials.SubjectName),
        SSN = new SocSecNum(credentials.FederatedUid),
        LogonSiteId = Cxn.DataSource.SiteId
    };
}
/// <summary>
/// Authorizes the credentials for the given permission and returns the resulting user.
/// </summary>
/// <exception cref="ArgumentNullException">permission is null.</exception>
public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
{
    if (permission == null)
    {
        throw new ArgumentNullException("permission");
    }

    // Both checks run before any context is set on the connection.
    checkAuthorizeReadiness();
    checkPermissionString(permission.Name);

    doTheAuthorize(credentials, permission);
    User authorizedUser = toUser(credentials);
    return authorizedUser;
}
/// <summary>
/// Returns a User built from the credentials captured by a previous authenticate call.
/// </summary>
/// <exception cref="MdoException">No credentials have been stored yet.</exception>
/// <remarks>
/// Neither argument is read: the result comes from _creds only, and no permission is evaluated.
/// NOTE(review): the returned User carries the account password in its Pwd property; confirm
/// the object is never serialized, logged or returned to a service caller.
/// </remarks>
public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
{
    if (_creds != null)
    {
        User rdwUser = new User();
        rdwUser.UserName = _creds.AccountName;
        rdwUser.Pwd = _creds.AccountPassword;
        return rdwUser;
    }
    throw new MdoException("Invalid RDW credenetials. Must authenticate first");
}
// Needs to return object so it can be either User or Exception on multi-site connections.
//
// Connects, then authenticates and authorizes through the connection's Account. Any exception is
// returned to the caller as the result instead of being thrown, so callers have to inspect the
// runtime type of what they receive before treating it as a User.
public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
{
    object outcome;
    try
    {
        connect();
        outcome = Account.authenticateAndAuthorize(credentials, permission, validationDataSource);
    }
    catch (Exception ex)
    {
        outcome = ex;
    }
    return outcome;
}
/// <summary>
/// Checks that the credentials carry every field the given authentication method needs and
/// that a named permission was supplied. Only presence is checked, never correctness.
/// </summary>
/// <param name="authenticationMethod">One of the MdwsConstants credential-type values.</param>
/// <param name="credentials">Credentials to inspect; null yields false.</param>
/// <param name="permission">Must be non-null with a non-empty Name.</param>
/// <returns>True when all required fields are present.</returns>
/// <exception cref="ArgumentException">
/// authenticationMethod is not a recognised value (only raised when credentials is not null).
/// </exception>
public static bool isValidCredentials(string authenticationMethod, AbstractCredentials credentials, AbstractPermission permission)
{
    if (credentials == null)
    {
        return false;
    }

    bool fieldsPresent;
    if (authenticationMethod == MdwsConstants.LOGIN_CREDENTIALS)
    {
        fieldsPresent = !String.IsNullOrEmpty(credentials.AccountName)
            && !String.IsNullOrEmpty(credentials.AccountPassword);
    }
    else if (authenticationMethod == MdwsConstants.NON_BSE_CREDENTIALS)
    {
        fieldsPresent = hasVisitIdentity(credentials);
    }
    else if (authenticationMethod == MdwsConstants.BSE_CREDENTIALS_V2WEB)
    {
        // Same identity fields as a non-BSE visit, plus the security phrase.
        fieldsPresent = hasVisitIdentity(credentials)
            && !String.IsNullOrEmpty(credentials.SecurityPhrase);
    }
    else
    {
        throw new ArgumentException("Invalid credential type");
    }

    if (!fieldsPresent)
    {
        return false;
    }
    return permission != null && !String.IsNullOrEmpty(permission.Name);
}

// True when the identity fields shared by both visit methods are all populated.
private static bool hasVisitIdentity(AbstractCredentials credentials)
{
    return !String.IsNullOrEmpty(credentials.LocalUid)
        && !String.IsNullOrEmpty(credentials.FederatedUid)
        && !String.IsNullOrEmpty(credentials.SubjectName)
        && credentials.AuthenticationSource != null
        && credentials.AuthenticationSource.SiteId != null
        && !String.IsNullOrEmpty(credentials.AuthenticationSource.SiteId.Id)
        && !String.IsNullOrEmpty(credentials.AuthenticationSource.SiteId.Name)
        && !String.IsNullOrEmpty(credentials.AuthenticationToken);
}
/// <summary>
/// Logs on with an access/verify code pair. When connection pooling is switched off in the
/// configuration the call is handed to AccountLib; otherwise the session's base connection is used.
/// </summary>
/// <param name="accountUsername">Access code.</param>
/// <param name="accountPwd">Verify code.</param>
/// <param name="permissionString">Context to request; an empty value falls back to the CPRS context.</param>
/// <returns>The signed-on user, or a UserTO whose fault wraps the exception that occurred.</returns>
public UserTO login(string accountUsername, string accountPwd, string permissionString = null)
{
    // TODO - FIX!!! This is very ugly - here so that SOAP and REST services can both be stateful or stateless
    bool poolingEnabled = Convert.ToBoolean(
        _mySession.MdwsConfiguration.AllConfigs[MdwsConfigConstants.CONNECTION_POOL_CONFIG_SECTION][MdwsConfigConstants.CONNECTION_POOLING]);
    if (!poolingEnabled)
    {
        return new gov.va.medora.mdws.AccountLib(_mySession).login(accountUsername, accountPwd, permissionString);
    }

    UserTO result = new UserTO();
    try
    {
        // NOTE(review): four values (BaseSiteId first) are paired with this method's three
        // parameters; verify getArgsDictionary lines them up as intended, and whether a null
        // permissionString is rejected here before the default below can apply.
        MdwsUtils.checkNullArgs(MdwsUtils.getArgsDictionary(
            System.Reflection.MethodInfo.GetCurrentMethod().GetParameters(),
            new List<object>() { _mySession.ConnectionSet.BaseSiteId, accountUsername, accountPwd, permissionString }));

        AbstractConnection baseCxn = _mySession.ConnectionSet.BaseConnection;
        AbstractCredentials credentials = AbstractCredentials.getCredentialsForCxn(baseCxn);
        credentials.AccountName = accountUsername;
        credentials.AccountPassword = accountPwd;
        baseCxn.Account.AuthenticationMethod = MdwsConstants.LOGIN_CREDENTIALS;

        string contextName = String.IsNullOrEmpty(permissionString) ? MdwsConstants.CPRS_CONTEXT : permissionString;
        _mySession.PrimaryPermission = new MenuOption(contextName);
        _mySession.User = baseCxn.Account.authenticateAndAuthorize(credentials, _mySession.PrimaryPermission);
        // The credentials, verify code included, stay on the session after sign-on.
        _mySession.Credentials = credentials;

        // REST
        // TODO - revisit, need to mark connections as authorized but more-so need to cache the symbol table
        _mySession.setAuthorized(_mySession.ConnectionSet.BaseSiteId);
        // END REST

        result = new UserTO(_mySession.User);
    }
    catch (Exception e)
    {
        // NOTE(review): the whole exception object goes into the fault; confirm FaultTO does not
        // expose stack traces or inner details to the service caller.
        result.fault = new FaultTO(e);
    }
    return result;
}
/// <summary>
/// Test helper: opens an authorized connection for the mock application and stores the
/// resulting user on it.
/// </summary>
/// <param name="theUser">Not read by this method.</param>
/// <param name="isBse">Selects an empty security phrase (true) or "NON-BSE" (false) for the mock app.</param>
/// <returns>The connection that was opened.</returns>
/// <remarks>
/// NOTE(review): authorizedConnect can hand back an Exception object instead of a User; the cast
/// below then fails with InvalidCastException and hides the original error.
/// </remarks>
public static AbstractConnection authorizedConnect(string theUser, bool isBse)
{
    MockApp app = getTheApp(isBse ? "" : "NON-BSE");
    DataSource loginSource = VistaSetups.getSrc(app.SiteTable, app.LoginSitecode);
    AbstractDaoFactory daoFactory = AbstractDaoFactory.getDaoFactory(AbstractDaoFactory.getConstant(loginSource.Protocol));
    AbstractConnection connection = daoFactory.getConnection(loginSource);

    AbstractCredentials visitCredentials = getVisitCredentials(app);
    AbstractPermission requested = new MenuOption(app.User.PermissionString);
    app.User = (User)connection.authorizedConnect(visitCredentials, requested, null);
    return connection;
}
/// <summary>
/// Log onto a data source.
/// </summary>
/// <remarks>
/// Combines authentication and authorization into a single function.
/// It will create a new set of session credentials and a primary permission.
/// These credentials can then be used for subsequent visits.
/// Login requires a previous connection.
/// Only the empty string is rejected up front for the two codes; a null value is passed on to
/// the account's own checks. Failures are reported as a fault carrying the exception message.
/// </remarks>
/// <param name="accountId">Access code</param>
/// <param name="accountPwd">Verify code</param>
/// <param name="permissionString">If blank defaults to CPRS context</param>
/// <returns>UserTO</returns>
public UserTO login(string accountId, string accountPwd, string permissionString)
{
    UserTO result = new UserTO();

    string problem = null;
    if (!mySession.HasBaseConnection)
    {
        problem = "There is no connection to log onto";
    }
    else if (accountId == "")
    {
        problem = "Missing account ID";
    }
    else if (accountPwd == "")
    {
        problem = "Missing account password";
    }
    if (problem != null)
    {
        result.fault = new FaultTO(problem);
    }
    if (result.fault != null)
    {
        return result;
    }

    try
    {
        AbstractConnection baseCxn = mySession.ConnectionSet.BaseConnection;
        AbstractCredentials credentials = AbstractCredentials.getCredentialsForCxn(baseCxn);
        credentials.AccountName = accountId;
        credentials.AccountPassword = accountPwd;
        baseCxn.Account.AuthenticationMethod = MdwsConstants.LOGIN_CREDENTIALS;

        string contextName = String.IsNullOrEmpty(permissionString) ? MdwsConstants.CPRS_CONTEXT : permissionString;
        mySession.PrimaryPermission = new MenuOption(contextName);
        mySession.User = baseCxn.Account.authenticateAndAuthorize(credentials, mySession.PrimaryPermission);
        // The credentials, verify code included, stay on the session for later visits.
        mySession.Credentials = credentials;
        result = new UserTO(mySession.User);
    }
    catch (Exception e)
    {
        result.fault = new FaultTO(e.Message);
    }
    return result;
}
/// <summary>
/// Rejects every authentication attempt: this implementation always throws and never returns.
/// </summary>
/// <exception cref="ConnectionException">There is no connection, or it is not connected.</exception>
/// <exception cref="ArgumentNullException">credentials is null.</exception>
/// <exception cref="ArgumentException">Thrown for any non-null credentials.</exception>
public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
{
    bool connected = Cxn != null && Cxn.IsConnected;
    if (!connected)
    {
        throw new ConnectionException("Must have connection");
    }
    if (credentials == null)
    {
        throw new ArgumentNullException("credentials");
    }
    throw new ArgumentException("Invalid credentials");
}
/// <summary>
/// Verifies that a live connection exists and that the credentials carry both an access code
/// (AccountName) and a verify code (AccountPassword). Presence only; nothing is sent to the site.
/// </summary>
/// <param name="credentials">Credentials to inspect; dereferenced without a null check.</param>
/// <exception cref="MdoException">No connection, or one of the two codes is missing.</exception>
internal void validateCredentials(AbstractCredentials credentials)
{
    bool connected = Cxn != null && Cxn.IsConnected;
    if (!connected)
    {
        throw new MdoException(MdoExceptionCode.USAGE_NO_CONNECTION, "Must have connection");
    }

    bool hasAccessCode = !String.IsNullOrEmpty(credentials.AccountName);
    if (!hasAccessCode)
    {
        throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Access Code");
    }

    bool hasVerifyCode = !String.IsNullOrEmpty(credentials.AccountPassword);
    if (!hasVerifyCode)
    {
        throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Verify Code");
    }
}
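/// <summary>
/// Builds one connection-pool source per VISTA data source in the configured sites file and
/// hands the set to the resource-pool factory. Does nothing when pools already exist.
/// </summary>
/// <remarks>
/// Pool sizing, timeouts and the pool permission come from application settings. Every pool
/// source receives the same downstream credentials read from configuration, so per-user
/// attribution of pooled traffic has to come from somewhere else.
/// </remarks>
internal void initializePool()
{
    logging.Log.LOG("Initializing connection pools...");
    if (ConnectionPools.getInstance().PoolSource != null)
    {
        logging.Log.LOG("Connection pools already initialized");
        return; // already set up the pools!
    }

    SiteTable sites = new SiteTable(ConfigurationManager.AppSettings[config.AppConfigSettingsConstants.VhaSitesFilePath]);
    ConnectionPoolsSource poolsSource = new ConnectionPoolsSource();
    poolsSource.CxnSources = new Dictionary<string, ConnectionPoolSource>();
    // NOTE(review): this instance is never used; presumably it is constructed for a side effect - confirm.
    VistaDao trash = new VistaDao();
    AbstractCredentials creds = getDownstreamCredentialsFromConfig(getDownstreamUserFromConfig());

    foreach (DataSource source in sites.Sources)
    {
        // The protocol is an identifier, not display text, so it is compared ordinally: a
        // culture-sensitive comparison can stop "vista" matching "VISTA" under some cultures
        // (for example Turkish casing of 'i').
        if (!String.Equals(source.Protocol, "VISTA", StringComparison.OrdinalIgnoreCase))
        {
            continue;
        }

        ConnectionPoolSource newSource = new ConnectionPoolSource()
        {
            Timeout = TimeSpan.Parse(ConfigurationManager.AppSettings["PoolConnectionTimeout"]),
            WaitTime = TimeSpan.Parse(ConfigurationManager.AppSettings["PoolWaitTimeout"]),
            MaxPoolSize = Convert.ToInt32(ConfigurationManager.AppSettings["PoolMaxSize"]),
            MinPoolSize = Convert.ToInt32(ConfigurationManager.AppSettings["PoolMinSize"]),
            PoolExpansionSize = Convert.ToInt32(ConfigurationManager.AppSettings["PoolExpansionSize"]),
            CxnSource = source,
            Credentials = creds,
            Permission = new MenuOption(ConfigurationManager.AppSettings["PoolUserPermission"])
        };

        // Optional setting: TryParse already rejects a missing or empty value.
        Int32 recycleCount = 0;
        if (Int32.TryParse(ConfigurationManager.AppSettings["PoolRecycleCount"], out recycleCount))
        {
            newSource.RecycleCount = recycleCount;
        }

        // CxnSource is the same object as source, so this rewrites the protocol on the site table's entry.
        newSource.CxnSource.Protocol = "PVISTA";
        poolsSource.CxnSources.Add(source.SiteId.Id, newSource);
    }

    AbstractResourcePoolFactory.getResourcePool(poolsSource);
    logging.Log.LOG("Successfully completed connection pools initialization");
}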
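// This is the core visit method the others are using. The permission must have been set before
// getting here.
//
// Opens a connection to the site's "HIS" data source with the session's default visit method,
// validates that the credentials are complete for that method, and performs the authorized
// connect. authorizedConnect reports failure by returning an exception object; that exception
// is thrown from here. Throws Exception when the site has no HIS source, when the credentials
// are incomplete, or when the connect yields no result at all.
//
// NOTE(review): myCxn is left as assigned when the connect fails; nothing here disconnects it.
internal User doTheVisit(string sitecode, AbstractCredentials credentials, AbstractPermission permission)
{
    Site site = mySession.SiteTable.getSite(sitecode);
    DataSource src = site.getDataSourceByModality("HIS");
    if (src == null)
    {
        throw new Exception("No HIS data source at site " + sitecode);
    }

    AbstractDaoFactory factory = AbstractDaoFactory.getDaoFactory(AbstractDaoFactory.getConstant(src.Protocol));
    myCxn = factory.getConnection(src);
    myCxn.Account.AuthenticationMethod = mySession.DefaultVisitMethod;

    if (!MdwsUtils.isValidCredentials(myCxn.Account.AuthenticationMethod, credentials, permission))
    {
        throw new Exception("Invalid credentials");
    }

    // Only the V2WEB method needs the BSE validator; every other method connects without one.
    DataSource validator = null;
    if (myCxn.Account.AuthenticationMethod == VistaConstants.BSE_CREDENTIALS_V2WEB)
    {
        validator = new DataSource() { ConnectionString = mySession.MdwsConfiguration.BseValidatorConnectionString };
    }
    object result = myCxn.authorizedConnect(credentials, permission, validator);

    // A missing result is a failure, never an authenticated user.
    if (result == null)
    {
        throw new Exception("No result from authorized connect");
    }

    // Decide by type, not by class-name suffix: the name test sent exceptions whose class name does
    // not end in "Exception" into the User cast, and it dereferenced a null result.
    Exception failure = result as Exception;
    if (failure != null)
    {
        throw failure;
    }
    return (User)result;
}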
/// <summary>
/// Authenticates over the current connection using the strategy named by AuthenticationMethod:
/// a direct login, a BSE Vista-to-web visit, or a non-BSE visit.
/// </summary>
/// <param name="credentials">Credentials handed to the selected strategy.</param>
/// <param name="validationDataSource">Only passed on to the BSE Vista-to-web visit.</param>
/// <returns>Whatever the selected strategy returns.</returns>
/// <exception cref="MdoException">No connection, null credentials, or no AuthenticationMethod.</exception>
/// <exception cref="ArgumentException">AuthenticationMethod is not one of the handled values.</exception>
public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
{
    if (Cxn == null || !Cxn.IsConnected)
    {
        throw new MdoException(MdoExceptionCode.USAGE_NO_CONNECTION, "Must have connection");
    }
    if (credentials == null)
    {
        throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing credentials");
    }
    if (string.IsNullOrEmpty(AuthenticationMethod))
    {
        throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Account AuthenticationMethod");
    }

    if (AuthenticationMethod == VistaConstants.LOGIN_CREDENTIALS)
    {
        return login(credentials);
    }

    // The Vista-to-Vista visit (BSE_CREDENTIALS_V2V) is temporarily disabled - only V2WEB for now.
    VisitTemplate visit;
    if (AuthenticationMethod == VistaConstants.BSE_CREDENTIALS_V2WEB)
    {
        visit = new BseVista2WebVisit(this, credentials, validationDataSource);
    }
    else if (AuthenticationMethod == VistaConstants.NON_BSE_CREDENTIALS)
    {
        visit = new NonBseVisit(this, credentials);
    }
    else
    {
        // Unknown methods are refused, never defaulted.
        throw new ArgumentException("Invalid credentials");
    }
    return visit.visit();
}
/// <summary>
/// Picks the sign-on strategy from AuthenticationMethod (direct login, BSE Vista-to-web visit or
/// non-BSE visit) and runs it over the current connection.
/// </summary>
/// <param name="credentials">Credentials for the chosen strategy.</param>
/// <param name="validationDataSource">Used by the BSE Vista-to-web visit only.</param>
/// <returns>The string produced by the chosen strategy.</returns>
/// <exception cref="MdoException">The connection, the credentials or the AuthenticationMethod is missing.</exception>
/// <exception cref="ArgumentException">AuthenticationMethod names no handled strategy.</exception>
public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
{
    bool connected = Cxn != null && Cxn.IsConnected;
    if (!connected)
    {
        throw new MdoException(MdoExceptionCode.USAGE_NO_CONNECTION, "Must have connection");
    }
    if (credentials == null)
    {
        throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing credentials");
    }
    if (string.IsNullOrEmpty(AuthenticationMethod))
    {
        throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Account AuthenticationMethod");
    }

    if (AuthenticationMethod == VistaConstants.LOGIN_CREDENTIALS)
    {
        return login(credentials);
    }
    // Temporarily disabled - will do only V2WEB for now (the BSE_CREDENTIALS_V2V visit is not handled).
    if (AuthenticationMethod == VistaConstants.BSE_CREDENTIALS_V2WEB)
    {
        VisitTemplate webVisit = new BseVista2WebVisit(this, credentials, validationDataSource);
        return webVisit.visit();
    }
    if (AuthenticationMethod == VistaConstants.NON_BSE_CREDENTIALS)
    {
        VisitTemplate nonBseVisit = new NonBseVisit(this, credentials);
        return nonBseVisit.visit();
    }

    // Anything else is refused outright.
    throw new ArgumentException("Invalid credentials");
}
/// <summary>
/// Authenticates through the base class when _authenticate is set; otherwise marks the account
/// authenticated and authorized and returns "OK".
/// </summary>
/// <remarks>
/// An earlier body that always threw (no connection / null credentials / invalid credentials)
/// is no longer active.
/// NOTE(review): with _authenticate false the credentials are never examined; confirm the flag
/// is only cleared in test setups.
/// </remarks>
public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
{
    if (!_authenticate)
    {
        isAuthenticated = true;
        isAuthorized = true;
        return "OK";
    }
    return base.authenticate(credentials, validationDataSource);
}
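/// <summary>
/// Authorizes an LDAP user by checking membership of the Active Directory group whose
/// distinguished name is given in permission.Name.
/// </summary>
/// <param name="credentials">Must be an LdapCredentials; only AccountName is read.</param>
/// <param name="permission">Name holds the distinguished name of the required group.</param>
/// <returns>A User carrying the group as primary permission, the provider as domain and the SAM account name.</returns>
/// <exception cref="MdoException">
/// The credentials are not LDAP credentials, the group cannot be found, or the user is unknown
/// or not a member.
/// </exception>
/// <remarks>
/// NOTE(review): the user is looked up by name only; nothing in this method checks that
/// authenticate succeeded for these credentials first. Verify also whether IsMemberOf covers
/// nested group membership as required.
/// </remarks>
public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
{
    if (!(credentials is LdapCredentials))
    {
        throw new MdoException("Invalid credentials - not LDAP credentials");
    }

    // cxn.query only returns a SearchResultCollection so need to manually impersonate here
    LdapCredentials ldapCreds = (LdapCredentials)credentials;

    // The context and both principals are disposable; one context now serves both lookups
    // and everything is released when the method leaves.
    using (PrincipalContext domain = new PrincipalContext(ContextType.Domain))
    using (UserPrincipal user = UserPrincipal.FindByIdentity(domain, ldapCreds.AccountName))
    {
        if (user != null)
        {
            using (GroupPrincipal group = GroupPrincipal.FindByIdentity(domain, IdentityType.DistinguishedName, permission.Name))
            {
                if (group == null)
                {
                    throw new MdoException("Unable to locate that group in Active Directory");
                }

                if (user.IsMemberOf(group))
                {
                    User u = new User();
                    u.PrimaryPermission = new LdapGroup() { IsPrimary = true, Name = permission.Name, PermissionId = group.Guid.ToString() };
                    u.Domain = base.Cxn.DataSource.Provider;
                    u.UserName = user.SamAccountName;
                    return u;
                }
            }
        }
    }

    // if we reached this point, authorization was unsuccessful - throw error
    throw new MdoException("User is not a member of that group");
}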
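/// <summary>
/// Inserts a session record for the credentials. A primary-key violation (SQL error 2627) is
/// treated as "already recorded" and ignored; any other SQL error is rethrown.
/// </summary>
/// <param name="creds">Credentials whose fields make up the record.</param>
/// <param name="encryptionKey">Forwarded to buildAddRecordStatement.</param>
/// <remarks>
/// NOTE(review): the SQL text comes from buildAddRecordStatement as a finished string; if that
/// builder concatenates the values, binding them as SqlParameter objects on the command here
/// would be the more robust design.
/// </remarks>
public void addRecord(AbstractCredentials creds, string encryptionKey)
{
    string sql = buildAddRecordStatement(creds, encryptionKey);
    _cxn.connect();
    try
    {
        // The command is disposed as soon as the insert has run.
        using (SqlCommand myCmd = new SqlCommand(sql, ((UserValidationConnection)_cxn).SqlConnection))
        {
            myCmd.ExecuteNonQuery();
        }
    }
    catch (SqlException e)
    {
        if (e.Number != 2627) // duplicate key exception code. i.e. primary key violations are ok
        {
            throw;
        }
    }
    finally
    {
        _cxn.disconnect();
    }
}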
/// <summary>
/// Placeholder: login is not available on the mock account.
/// </summary>
/// <exception cref="NotImplementedException">Always.</exception>
string login(AbstractCredentials credentials)
{
    // Failing loudly keeps a test from passing on a sign-on that never happened.
    throw new NotImplementedException("Login not yet implemented for MockAccount");
}
/// <summary>
/// Not supported by this account type.
/// </summary>
/// <exception cref="NotImplementedException">Always.</exception>
public override User authenticateAndAuthorize(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
{
    // Throwing, not returning a default User, means no caller is treated as signed on.
    throw new NotImplementedException();
}
/// <summary>
/// Not supported by this account type.
/// </summary>
/// <exception cref="NotImplementedException">Always.</exception>
public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
{
    // Throwing, not returning a default User, means no caller is treated as authorized.
    throw new NotImplementedException();
}
// TBD - once we get some service accounts, should we verify them somehow?
//
// Accepts every caller: both state flags are set and "OK" is returned without reading either
// argument.
// NOTE(review): until the verification mentioned above exists, any code path that reaches this
// account type is treated as authenticated and authorized.
public override string authenticate(AbstractCredentials credentials, DataSource validationDataSource = null)
{
    isAuthorized = true;
    isAuthenticated = true;
    return "OK";
}
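/// <summary>
/// Fills in the visitor's federated UID, name, phone and site on the credentials by reading
/// three pieces of the user's record (file 200) for credentials.LocalUid.
/// </summary>
/// <param name="credentials">LocalUid is the DUZ to look up; the remaining fields are overwritten.</param>
/// <exception cref="ArgumentException">The DUZ is missing, not numeric, or the site reports an M error for it.</exception>
public void addVisitorInfo(AbstractCredentials credentials)
{
    string DUZ = credentials.LocalUid;

    // The DUZ is spliced into an expression that the site evaluates, so only a plain number is
    // let through; anything else is refused with the same error an unknown DUZ produces.
    // NOTE(review): presumably a DUZ is always a numeric record number - confirm digits and '.'
    // cover every legitimate value.
    if (String.IsNullOrEmpty(DUZ))
    {
        throw new ArgumentException("No such DUZ");
    }
    foreach (char ch in DUZ)
    {
        if ((ch < '0' || ch > '9') && ch != '.')
        {
            throw new ArgumentException("No such DUZ");
        }
    }

    string arg = "$P($G(^VA(200," + DUZ + ",0)),\"^\",1)"; //NAME
    arg += "_\"^\"_" + "$P($G(^VA(200," + DUZ + ",1)),\"^\",9)";
    arg += "_\"^\"_" + "$P($G(^VA(200," + DUZ + ",.13)),\"^\",2)"; //OFFICE PHONE

    string response = "";
    try
    {
        response = VistaUtils.getVariableValue(cxn, arg);
    }
    catch (Exception e)
    {
        if (e.Message.Contains("M ERROR"))
        {
            throw new ArgumentException("No such DUZ");
        }
        // Rethrow without resetting the stack trace.
        throw;
    }

    if (response == "")
    {
        return;
    }

    // Field order follows the expression above: name, then the value stored as the federated
    // UID, then the office phone.
    string[] flds = StringUtils.split(response, StringUtils.CARET);
    credentials.FederatedUid = flds[1];
    credentials.SubjectName = flds[0];
    credentials.SubjectPhone = flds[2];
    credentials.AuthenticationSource.SiteId.Id = cxn.DataSource.SiteId.Id;
    credentials.AuthenticationSource.SiteId.Name = cxn.DataSource.SiteId.Name;
}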
/// <summary>
/// Creates the User for an authorized session: UID and logon site come from the connection,
/// name and SSN from the credentials (SubjectName and FederatedUid).
/// </summary>
/// <remarks>The result holds the federated UID as an SSN and should be treated as sensitive.</remarks>
internal User toUser(AbstractCredentials credentials)
{
    User sessionUser = new User();

    // Connection-derived identity.
    sessionUser.Uid = Cxn.Uid;

    // Credential-derived identity.
    sessionUser.Name = new PersonName(credentials.SubjectName);
    sessionUser.SSN = new SocSecNum(credentials.FederatedUid);

    sessionUser.LogonSiteId = Cxn.DataSource.SiteId;
    return sessionUser;
}
/// <summary>
/// Marks the account authorized and authenticated and returns an empty User; none of the
/// arguments is read.
/// </summary>
/// <remarks>
/// NOTE(review): no check of any kind is made here; confirm this account type is only reachable
/// where unconditional access is intended.
/// </remarks>
public override User authenticateAndAuthorize(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource = null)
{
    isAuthorized = true;
    isAuthenticated = true;
    User placeholder = new User();
    return placeholder;
}
/// <summary>
/// Marks the account authorized and authenticated and returns an empty User; the credentials
/// and the permission are not read.
/// </summary>
/// <remarks>
/// NOTE(review): the requested permission is granted without evaluation; confirm this account
/// type is only reachable where that is intended.
/// </remarks>
public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
{
    isAuthorized = true;
    isAuthenticated = true;
    User placeholder = new User();
    return placeholder;
}
// Needs to return object so it can be either User or Exception on multi-site connections.
//
// Connects and signs on through the connection's Account. A failure is handed back as the
// exception object itself, not thrown, so the caller must test the type of the result before
// using it as a User. (The earlier two-argument overload is no longer active.)
public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
{
    object outcome;
    try
    {
        connect();
        outcome = Account.authenticateAndAuthorize(credentials, permission, validationDataSource);
    }
    catch (Exception ex)
    {
        outcome = ex;
    }
    return outcome;
}
/// <summary>
/// Runs the readiness and permission-string checks, performs the authorization and converts
/// the credentials into a User.
/// </summary>
/// <exception cref="ArgumentNullException">permission is null.</exception>
public override User authorize(AbstractCredentials credentials, AbstractPermission permission)
{
    if (permission == null)
    {
        throw new ArgumentNullException("permission");
    }

    // Checks first, side effects afterwards.
    checkAuthorizeReadiness();
    string requestedContext = permission.Name;
    checkPermissionString(requestedContext);

    doTheAuthorize(credentials, permission);
    return toUser(credentials);
}
/// <summary>
/// Signs on in two steps, authenticate then authorize, and returns the authorized user with
/// the authentication message as its greeting.
/// </summary>
public override User authenticateAndAuthorize(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource = null)
{
    // authorize only runs if authenticate returned normally.
    string signOnMessage = authenticate(credentials, validationDataSource);
    User signedOn = authorize(credentials, permission);
    signedOn.Greeting = signOnMessage;
    return signedOn;
}
/// <summary>
/// Captures the account, the account's connection and the credentials for a visit.
/// </summary>
/// <param name="acct">Account performing the visit; dereferenced for its Cxn, so it must not be null.</param>
/// <param name="credentials">Credentials presented during the visit.</param>
public VisitTemplate(VistaAccount acct, AbstractCredentials credentials)
{
    this.acct = acct;
    this.cxn = acct.Cxn;
    this.creds = credentials;
}
/// <summary>
/// Creates a non-BSE visit; both arguments go to the base constructor unchanged.
/// </summary>
public NonBseVisit(VistaAccount acct, AbstractCredentials creds)
    : base(acct, creds)
{
    // No state beyond what the base constructor sets.
}
/// <summary>
/// Not supported by this connection type.
/// </summary>
/// <exception cref="NotImplementedException">Always.</exception>
public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource)
{
    // Throwing keeps a caller from mistaking a default result for an authorized session.
    throw new NotImplementedException();
}
/// <summary>
/// Stub: performs no connect and no sign-on, and always returns null.
/// </summary>
/// <remarks>
/// The result is neither a User nor an Exception, so any caller that inspects the returned
/// object has to handle null explicitly. (The earlier two-argument overload is no longer active.)
/// </remarks>
public override object authorizedConnect(AbstractCredentials credentials, AbstractPermission permission, DataSource validationDataSource = null)
{
    object nothing = null;
    return nothing;
}
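/// <summary>
/// Performs the VistA access/verify-code sign-on: "XUS SIGNON SETUP", then "XUS AV CODE" with
/// the two codes, and stores the returned account id on the connection and the credentials.
/// </summary>
/// <param name="credentials">AccountName holds the access code, AccountPassword the verify code.</param>
/// <returns>The site's greeting (eighth response field) if there is one, otherwise "OK".</returns>
/// <exception cref="MdoException">A code is missing.</exception>
/// <exception cref="UnexpectedDataException">The site returned nothing usable for a sign-on RPC.</exception>
/// <exception cref="UnauthorizedAccessException">The site answered "0" (rejected) in the first field.</exception>
internal string login(AbstractCredentials credentials)
{
    if (String.IsNullOrEmpty(credentials.AccountName))
    {
        throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Access Code");
    }
    if (String.IsNullOrEmpty(credentials.AccountPassword))
    {
        throw new MdoException(MdoExceptionCode.ARGUMENT_NULL, "Missing Verify Code");
    }

    string setupReply = (string)Cxn.query(new VistaQuery("XUS SIGNON SETUP"));
    if (setupReply == null)
    {
        throw new UnexpectedDataException("Unable to setup authentication");
    }

    VistaQuery avCodeQuery = new VistaQuery("XUS AV CODE");
    string avCodes = credentials.AccountName + ';' + credentials.AccountPassword;

    // This is here so we can test with MockConnection
    // NOTE(review): keyed on the type name alone; a production class that happened to be called
    // "MockConnection" would be sent the codes through the non-encrypting addParameter.
    bool isMockConnection = Cxn.GetType().Name == "MockConnection";
    if (isMockConnection)
    {
        avCodeQuery.addParameter(avCodeQuery.LITERAL, avCodes);
    }
    else
    {
        avCodeQuery.addEncryptedParameter(avCodeQuery.LITERAL, avCodes);
    }
    string avReply = (string)Cxn.query(avCodeQuery);

    //TODO - need to catch renew verify id error

    // Treat a blank or unparseable reply as a failure: only a non-empty first field other than
    // "0" counts as an account id. Previously a blank first field would have been accepted.
    string[] flds = String.IsNullOrEmpty(avReply) ? null : StringUtils.split(avReply, StringUtils.CRLF);
    if (flds == null || flds.Length == 0 || String.IsNullOrEmpty(flds[0]))
    {
        throw new UnexpectedDataException("No usable response from XUS AV CODE");
    }
    if (flds[0] == "0")
    {
        // Use the site's own rejection text when the reply includes it.
        string reason = flds.Length > 3 ? flds[3] : "Authentication failed";
        throw new UnauthorizedAccessException(reason);
    }

    AccountId = flds[0];

    // Set the connection's UID
    Cxn.Uid = AccountId;

    // Save the credentials
    credentials.LocalUid = AccountId;
    credentials.AuthenticationSource = Cxn.DataSource;
    credentials.AuthenticationToken = Cxn.DataSource.SiteId.Id + '_' + AccountId;

    IsAuthenticated = true;
    Cxn.IsRemote = false;

    // Set the greeting if there is one
    return flds.Length > 7 ? flds[7] : "OK";
}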