public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext) { // Extract Cookie (name=value) from messageproperty var messageProperty = (HttpRequestMessageProperty) OperationContext.Current.IncomingMessageProperties[HttpRequestMessageProperty.Name]; string cookie = messageProperty.Headers.Get("Set-Cookie"); if (string.IsNullOrWhiteSpace(cookie)) return null; string[] nameValue = cookie.Split('=', ','); string userName = string.Empty; // Set User Name from cookie int pos = nameValue.ToList().IndexOf(".ASPXAUTH"); if (pos == -1) return null; userName = nameValue[pos + 1]; // Set Thread Principal to User Name EnterpriseIdentity enterpriseIdentity = new EnterpriseIdentity(); GenericPrincipal threadCurrentPrincipal = new GenericPrincipal(enterpriseIdentity, new string[] { }); enterpriseIdentity.IsAuthenticated = true; enterpriseIdentity.Name = userName; System.Threading.Thread.CurrentPrincipal = threadCurrentPrincipal; return null; }
/// <summary> /// Authorizatizes the specified user via ERMS authentication. /// </summary> /// <param name="userName">Name of the user.</param> /// <param name="domainName">Name of the domain.</param> /// <param name="environmentName">Name of the environment.</param> /// <param name="applicationName">Name of the applicaiton.</param> /// <returns>User Identity</returns> public UserIdentity GetUserIdentity(string userName, string domainName, string environmentName, string applicationName) { IList <Permission> permissions; ApplicationGroup currentAppGroup; string appName = ConfigurationManager.AppSettings.Get("AppName"); if (!String.IsNullOrEmpty(appName)) { if (appName.ToLower() == "erms" || appName.ToLower() == "grs") { currentAppGroup = ApplicationGroup.GRS; } else { currentAppGroup = ApplicationGroup.Pricing; } } else { currentAppGroup = ApplicationGroup.Pricing; } if (currentAppGroup == ApplicationGroup.GRS) { permissions = AllPermissionDescriptionsGRS.Select(permission => new Permission() { FactDescription = permission }).ToList(); } else { permissions = AllPermissionDescriptions.Select(permission => new Permission() { FactDescription = permission }).ToList(); } try { EnterpriseIdentity enterpriseIdentity = AuthenticationService.Authenticate(new EnterpriseIdentity() { ApplicationName = applicationName, Username = userName, DomainName = domainName, EnvironmentName = environmentName, ErmsPermissionSet = new PermissionSet(permissions, null) }); return(Transform(enterpriseIdentity)); } catch (Exception ex) { throw new UnauthorizedAPIException(ex.Message); } }
private static UserIdentity Transform(EnterpriseIdentity enterpriseIdentity) { if (enterpriseIdentity != null) { Dictionary <string, bool> authenticatedPermissions = new Dictionary <string, bool>(); foreach (var permission in enterpriseIdentity.ErmsPermissionSet.Permissions) { // NOTE: FactValue is a string. Booleans were converted to 0/1 so we need to handle that case for Permission Fact's (Start With 'Can'). if (permission.FactDescription.StartsWith("Can") && (permission.FactValue.Equals("0") || permission.FactValue.Equals("1"))) { authenticatedPermissions.Add(permission.FactDescription, permission.FactValue); } else { authenticatedPermissions.Add(permission.FactDescription, permission.FactValue); } } Dictionary <string, string> connections = new Dictionary <string, string>(); foreach (var connection in enterpriseIdentity.Connections) { connections.Add(connection.ConnectionKey, connection.ConnectionString); } Dictionary <string, string> paths = new Dictionary <string, string>(); paths.Add("ErmsHome", enterpriseIdentity.ErmsHomePath); UserIdentity userIdentity = new UserIdentity( enterpriseIdentity.ApplicationName, enterpriseIdentity.UserId, enterpriseIdentity.NameId, enterpriseIdentity.Username, enterpriseIdentity.DomainName, enterpriseIdentity.EnvironmentName, enterpriseIdentity.AuthenticatedOn, enterpriseIdentity.IsAuthenticated, enterpriseIdentity.ImpersonatedBy, enterpriseIdentity.IsServiceAccount, authenticatedPermissions, connections, paths ); return(userIdentity); } return(default(UserIdentity)); }