private string CreateAdamBindString(AdRolesProviderData adRolesProviderData)
{
string adamBindString = adRolesProviderData.ProviderType + "://";
adamBindString += adRolesProviderData.Server + (adRolesProviderData.Server.Length > 0 ? "/" : "");
adamBindString += adRolesProviderData.UserPartition;
return(adamBindString);
}
private static void ValidateConfigData(AdRolesProviderData adRolesConfigData)
{
if ((adRolesConfigData.ProviderType == null || adRolesConfigData.ProviderType.Length == 0) ||
(adRolesConfigData.Server == null || adRolesConfigData.Server.Length == 0) ||
(adRolesConfigData.UserPartition == null || adRolesConfigData.UserPartition.Length == 0))
{
throw new ArgumentNullException(SR.ADAuthorizationProviderConfigDataInvalid);
}
}
private AdRolesProviderData GetAdRolesProviderData()
{
RolesProviderData rolesProviderData = securityConfigurationView.GetRolesProviderData(ConfigurationName);
ArgumentValidation.CheckExpectedType(rolesProviderData, typeof(AdRolesProviderData));
AdRolesProviderData adRolesProviderData = (AdRolesProviderData)rolesProviderData;
ValidateConfigData(adRolesProviderData);
return(adRolesProviderData);
}
private static SecuritySettings GenerateSecuritySettings()
{
SecuritySettings settings = new SecuritySettings();
AdRolesProviderData providerData = new AdRolesProviderData("AdRolesProviderName", "LDAP", "entlibbldwchr:389", "CN=EntLibUsers,O=EntLib,C=US");
providerData.AccountName = "CN";
providerData.TypeName = typeof(AdRolesProvider).AssemblyQualifiedName;
settings.RolesProviders.Add(providerData);
return(settings);
}
/// <summary>
/// Overridden from SecurityRolesProvider. Retrieves the list of user roles
/// from the underlying active directory services.
/// </summary>
/// <param name="userIdentity">Identity of user used for retrieval</param>
/// <returns>String array of roles for the given user identity</returns>
protected override string[] CollectAllUserRoles(IIdentity userIdentity)
{
AdRolesProviderData adRolesProviderData = GetAdRolesProviderData();
string adamBindString = CreateAdamBindString(adRolesProviderData);
string accountName = adRolesProviderData.AccountName;
DirectoryEntry adamUser = GetUserFromLdap(adamBindString, accountName, userIdentity);
object groups = adamUser.Invoke("Groups");
StringBuilder tmpRoles = CollectRoles(groups);
return(tmpRoles.ToString().TrimEnd(',').Split(','));
}
/// <summary>
/// Initializes a new instance of the <see cref="ActiveDirectoryRolesProviderNode"/>
/// class with the specified <see cref="AdRolesProviderData"/>.
/// </summary>
/// <param name="adRolesProviderData">A <see cref="AdRolesProviderData"/> object.</param>
public ActiveDirectoryRolesProviderNode(AdRolesProviderData adRolesProviderData)
: base(adRolesProviderData)
{
this.adRolesProviderData = adRolesProviderData;
this.adRolesProviderData.AccountName = SR.AccountNameFieldName;
}
/// <summary>
/// Initializes a new instance of the <see cref="ActiveDirectoryRolesProviderNode"/>
/// class with the specified <see cref="AdRolesProviderData"/>.
/// </summary>
/// <param name="adRolesProviderData">A <see cref="AdRolesProviderData"/> object.</param>
public ActiveDirectoryRolesProviderNode(AdRolesProviderData adRolesProviderData) : base(adRolesProviderData)
{
this.adRolesProviderData = adRolesProviderData;
this.adRolesProviderData.AccountName = SR.AccountNameFieldName;
}
