Esempio n. 1
0
        private void InitializeDb()
        {
            if (licenseManager.IsFeatureEnabled(LicensedFeatures.ExternalSql) && highAvailabilityOptions.UseExternalSql)
            {
                this.activeInstanceProvider = this.sqlServerInstanceProvider;
            }
            else
            {
                this.activeInstanceProvider = this.localDbInstanceProvider;
            }

            this.activeInstanceProvider.InitializeDb();

            var upgrader = DeployChanges.To
                           .SqlDatabase(this.ConnectionString)
                           .WithScriptsEmbeddedInAssembly(Assembly.GetExecutingAssembly(), script => script.StartsWith("Lithnet.AccessManager.Server.DBScripts.Upgrade", System.StringComparison.OrdinalIgnoreCase))
                           .LogScriptOutput()
                           .LogTo(this.upgradeLogger)
                           .Build();

            if (upgrader.IsUpgradeRequired())
            {
                this.logger.LogInformation(EventIDs.DbUpgradeRequired, "The database requires updates");
            }
            else
            {
                this.logger.LogTrace("The database is up to date");
            }

            var result = upgrader.PerformUpgrade();

            if (!result.Successful)
            {
                throw result.Error;
            }
        }
Esempio n. 2
0
        private void ConfigureDataProtection(IServiceCollection services, IAmsLicenseManager licenseManager)
        {
            var provider = services.BuildServiceProvider();
            var dataProtectionOptions = provider.GetService <IOptions <Server.Configuration.DataProtectionOptions> >();

            IDataProtectionBuilder builder = services.AddDataProtection(options =>
            {
                options.ApplicationDiscriminator = "lithnetams";
            });

            SecurityIdentifier sid = WindowsIdentity.GetCurrent().User;

            RegistryKey key = Registry.LocalMachine.CreateSubKey($"Software\\Lithnet\\Access Manager Service\\Parameters\\Keys\\{sid}");

            builder.PersistKeysToRegistry(key);

            if (dataProtectionOptions.Value.EnableClusterCompatibleSecretEncryption && licenseManager.IsFeatureEnabled(LicensedFeatures.DpapiNgSecretEncryption))
            {
                if (dataProtectionOptions.Value.EnableClusterCompatibleSecretEncryption && licenseManager.IsFeatureEnabled(LicensedFeatures.DpapiNgSecretEncryption))
                {
                    builder.ProtectKeysWithDpapiNG($"SID={sid}", Microsoft.AspNetCore.DataProtection.XmlEncryption.DpapiNGProtectionDescriptorFlags.None);
                }
                else
                {
                    builder.ProtectKeysWithDpapi(false);
                }
            }
        }