A class that implements the IPrincipal interface to facilitate custom role-based security.
Inheritance: IPrincipal
Exemple #1
        // Static Methods

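        /// <summary>
        /// Gets the reason phrase to return for an unauthorized response.
        /// </summary>
        /// <param name="securityPrincipal">Security principal being authenticated, can be <c>null</c>.</param>
        /// <param name="authorizationScheme">Authentication scheme in use; the scheme name is compared without regard to case.</param>
        /// <param name="useProviderReason"><c>true</c> to prefer the failure reason reported by the security provider, when it supplies a non-empty one.</param>
        /// <returns>
        /// <c>"Invalid user name or password"</c> when <paramref name="securityPrincipal"/> is <c>null</c> or the scheme is Basic,
        /// the provider's failure reason when <paramref name="useProviderReason"/> is set and the provider reports one,
        /// otherwise <c>"Missing credentials"</c>.
        /// </returns>
        /// <remarks>
        /// Detailed provider response should normally only be used for diagnostics. A more obscure reason is considered
        /// more secure since it limits knowledge about the successful elements of an authentication attempt, so leave
        /// <paramref name="useProviderReason"/> at its default of <c>false</c> for responses sent to untrusted clients.
        /// </remarks>
        public static string GetFailureReasonPhrase(SecurityPrincipal securityPrincipal, string authorizationScheme = "Basic", bool useProviderReason = false)
        {
            const string InvalidCredentials = "Invalid user name or password";
            const string MissingCredentials = "Missing credentials";

            // Cast to object so a user-defined equality operator cannot affect the null test.
            if ((object)securityPrincipal == null)
            {
                return InvalidCredentials;
            }

            if (useProviderReason)
            {
                // The security provider should be able to provide a reason for the failure;
                // fall through to the generic phrases when it has none.
                string failureReason = securityPrincipal.Identity.Provider?.AuthenticationFailureReason;

                if (!string.IsNullOrEmpty(failureReason))
                {
                    return failureReason;
                }
            }

            // HTTP authentication scheme names are case-insensitive, so "basic" or "BASIC" taken from a
            // request header must be treated the same as "Basic". A null scheme still falls through.
            if (string.Equals(authorizationScheme, "Basic", System.StringComparison.OrdinalIgnoreCase))
            {
                return InvalidCredentials;
            }

            return MissingCredentials;
        }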
Exemple #2
        /// <summary>
        /// Installs a principal on the current thread and, when an ASP.NET context is present, on the current request.
        /// </summary>
        /// <param name="provider">Security provider wrapped in the new <see cref="SecurityPrincipal"/> when <paramref name="restore"/> is <c>false</c>.</param>
        /// <param name="restore"><c>true</c> to install an anonymous <see cref="WindowsPrincipal"/> instead of a provider-backed principal.</param>
        /// <returns>The <paramref name="provider"/> that was passed in.</returns>
        private static ISecurityProvider SetupPrincipal(ISecurityProvider provider, bool restore)
        {
            // Restoring swaps in an anonymous Windows principal; otherwise the provider backs the new principal.
            IPrincipal newPrincipal = restore
                ? (IPrincipal)new WindowsPrincipal(WindowsIdentity.GetAnonymous())
                : new SecurityPrincipal(new SecurityIdentity(provider));

            Thread.CurrentPrincipal = newPrincipal;

            // NOTE(review): SetThreadPrincipal registers an application-domain default principal. The first call
            // that reaches this branch may carry a real user's SecurityPrincipal (restore == false); confirm that
            // threads which never assign their own principal are meant to pick that identity up.
            // NOTE(review): s_threadPolicySet is read and written here without a lock being taken in this method.
            if (!s_threadPolicySet)
            {
                try
                {
                    AppDomain.CurrentDomain.SetThreadPrincipal(Thread.CurrentPrincipal);
                }
                catch (PolicyException)
                {
                    // The domain default can only be set once; a repeat attempt is deliberately ignored.
                }

                s_threadPolicySet = true;
            }

            // Mirror the thread principal onto the ASP.NET request user when running inside a request.
            HttpContext httpContext = HttpContext.Current;

            if ((object)httpContext != null)
            {
                httpContext.User = Thread.CurrentPrincipal;
            }

            return provider;
        }
Exemple #3
        /// <summary>
        /// Replaces the principal of the current thread, and of the current ASP.NET request if there is one.
        /// </summary>
        /// <param name="provider">Security provider used to build the <see cref="SecurityIdentity"/> when <paramref name="restore"/> is <c>false</c>.</param>
        /// <param name="restore"><c>true</c> to fall back to an anonymous <see cref="WindowsPrincipal"/>.</param>
        /// <returns>The same <paramref name="provider"/> instance that was supplied.</returns>
        private static ISecurityProvider SetupPrincipal(ISecurityProvider provider, bool restore)
        {
            IPrincipal replacement;

            if (!restore)
            {
                // Normal path: principal backed by the supplied security provider.
                replacement = new SecurityPrincipal(new SecurityIdentity(provider));
            }
            else
            {
                // Restore path: drop back to an anonymous Windows principal.
                replacement = new WindowsPrincipal(WindowsIdentity.GetAnonymous());
            }

            Thread.CurrentPrincipal = replacement;

            // One-time attempt to register an application-domain default principal.
            // NOTE(review): the principal registered is whichever one the first caller installs, which may be a
            // specific user's SecurityPrincipal; verify that this is the intended default for other threads.
            if (s_threadPolicySet == false)
            {
                try
                {
                    AppDomain.CurrentDomain.SetThreadPrincipal(Thread.CurrentPrincipal);
                }
                catch (PolicyException)
                {
                    // Can't set default domain thread principal twice
                }

                s_threadPolicySet = true;
            }

            // Keep the ASP.NET remote user in step with the thread principal.
            if (!ReferenceEquals(HttpContext.Current, null))
            {
                HttpContext.Current.User = Thread.CurrentPrincipal;
            }

            return provider;
        }