Esempio n. 1
        /// <summary>
        /// Finds the script file on the server and executes each line.
        /// </summary>
        /// <remarks>
        /// Blank lines and lines starting with "rem" or "@rem" are skipped. Every other
        /// line is handed to the interpreter named by the "comspec" environment variable,
        /// prefixed with "/C ", in the session identified by changeDescription.SessionId.
        /// Lines containing "net use" get the user's credentials appended first.
        ///
        /// Security notes for reviewers:
        /// - The clear-text password becomes part of a process command line, so anything
        ///   that records command lines (process-creation auditing, EDR telemetry,
        ///   process listings) can capture it.
        /// - The appended password is not quoted or escaped; a password containing spaces
        ///   or command-interpreter metacharacters changes how the line is parsed.
        /// - The script content is executed verbatim, so write access to the script file
        ///   is equivalent to command execution in the user's session.
        /// </remarks>
        private void ScriptExecution(SessionChangeDescription changeDescription, SessionProperties properties, string fileToRun)
        {
            if (!File.Exists(fileToRun))  // nonexistent file
            {
                pluginImpl_logger.ErrorFormat("The file {0} does not exist!", fileToRun);
                return;
            }

            pluginImpl_logger.DebugFormat("Will execute each line (except if it starts with rem or @rem) of {0}", fileToRun);
            // NOTE(review): the file can still disappear or be unreadable between the Exists
            // check and this read; an I/O exception here is not handled in this method.
            string[] lines = System.IO.File.ReadAllLines(@fileToRun);

            foreach (string line in lines)
            {
                // Working copy: credentials and the "/C " prefix are added to this, never to 'line'.
                StringBuilder lineCopy = new StringBuilder(line);

                if (line.ToLower().Trim().Length == 0)
                {
                    pluginImpl_logger.DebugFormat("Command line is empty. We skip it.");
                }
                // NOTE(review): StartsWith("rem") is a plain prefix test, so any command whose
                // name merely begins with "rem" is also treated as a remark and skipped.
                else if (!(line.ToLower().Trim().StartsWith("@rem") || line.ToLower().Trim().StartsWith("rem")))
                {    // we have a command
                    // Logs the original line, not lineCopy, so the appended credentials are not written by this call.
                    pluginImpl_logger.DebugFormat("Command line : executing {0}", line);

                    // NOTE(review): Contains matches "net use" anywhere in the line, not only as the command itself.
                    if ((line.ToLower().Trim().Contains("net use")))
                    {  // we have a net use command, so we add the username and password at the end.
                        string windowsDomain = Settings.Store.Domain + @"\";

                        // we get back user's information (stored during Gateway stage)
                        Shared.Types.UserInformation userInfo = properties.GetTrackedSingle <Shared.Types.UserInformation>();
                        string userLogin    = properties.GetTracked <string>("UserLogin");
                        string userPassword = properties.GetTracked <string>("UserPassword");

                        // NOTE(review): the middle of this expression is masked ("******") in this listing
                        // and does not compile as shown. Presumably it concatenated windowsDomain and
                        // userLogin, which are otherwise unused here; confirm against the original source.
                        // The password is appended as-is, with no quoting.
                        string toAppend = " /user:"******" " + userPassword;
                        lineCopy.Append(toAppend);
                    }

                    try
                    {
                        pInvokes.StartUserProcessInSession(changeDescription.SessionId,
                                                           Environment.GetEnvironmentVariable("comspec"),
                                                           lineCopy.Insert(0, "/C ").ToString());
                        // "/C " is inserted at index 0 so that the command interpreter runs the line and then exits.
                    }
                    catch (Win32Exception e)
                    {
                        // A failed launch is only logged at debug level; the loop moves on to the next line.
                        pluginImpl_logger.DebugFormat("Caught a Win32Exception error (Message: {0}). Probably tried to read an incorrect command. Error {1}", e.Message, Marshal.GetLastWin32Error());
                    }
                }
                else
                {
                    // We have a comment, we don't execute it
                    pluginImpl_logger.DebugFormat("Command line : REMARK found. Not going to execute it.");
                }
            }
            pluginImpl_logger.DebugFormat("Script execution end.");
        }
Esempio n. 2
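        /// <summary>
        /// Authenticates the session's user against the LdapServer object tracked in the
        /// session properties.
        /// </summary>
        /// <param name="properties">Session properties holding the LdapServer and UserInformation objects.</param>
        /// <returns>
        /// The result of LdapServer.Authenticate, or a failed result when no server object is
        /// tracked or the server cannot be contacted.
        /// </returns>
        /// <exception cref="Exception">
        /// Any unexpected error is rethrown after the server object has been closed and cleared.
        /// </exception>
        public BooleanResult AuthenticateUser(Shared.Types.SessionProperties properties)
        {
            // Error code reported when the LDAP server cannot be contacted.
            const int ServerUnavailable = 81;

            // Get the LdapServer object from the session properties (created in BeginChain)
            LdapServer server = properties.GetTrackedSingle <LdapServer>();

            if (server == null)
            {
                // The original listing had the statement terminator after the closing brace of
                // the 'if', which does not compile; it belongs to the return statement.
                return new BooleanResult
                {
                    Success = false, Message = "Internal error: LdapServer object not available"
                };
            }

            try
            {
                m_logger.DebugFormat("AuthenticateUser({0})", properties.Id.ToString());

                Shared.Types.UserInformation userInfo = properties.GetTrackedSingle <Shared.Types.UserInformation>();
                m_logger.DebugFormat("Received username: {0}", userInfo.Username);

                // Authenticate the login
                m_logger.DebugFormat("Attempting authentication for {0}", userInfo.Username);

                // Original note (translated): if the login succeeds, the network drive gets
                // mapped. That mapping is not performed in this method.
                // NOTE(review): confirm that LdapServer.Authenticate rejects an empty password;
                // many directory servers treat a simple bind with an empty password as an
                // unauthenticated bind that succeeds.
                return server.Authenticate(userInfo.Username, userInfo.Password);
            }
            catch (Exception e)
            {
                LdapException ldapEx = e as LdapException;

                if (ldapEx != null && ldapEx.ErrorCode == ServerUnavailable)
                {
                    // Server can't be contacted, set server object to null
                    m_logger.ErrorFormat("Server unavailable: {0}, {1}", ldapEx.ServerErrorMessage, e.Message);
                    server.Close();
                    properties.AddTrackedSingle <LdapServer>(null);
                    return new BooleanResult
                    {
                        Success = false, Message = "Failed to contact LDAP server."
                    };
                }

                // This is an unexpected error, so set LdapServer object to null, because
                // subsequent stages shouldn't use it, and this indicates to later stages
                // that this stage failed unexpectedly.
                server.Close();
                properties.AddTrackedSingle <LdapServer>(null);
                m_logger.ErrorFormat("Exception in LDAP authentication: {0}", e);
                throw;  // Allow pGina service to catch and handle exception
            }
        }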
Esempio n. 3
        /// <summary>
        /// Authenticates the session's user against the entry returned by MySqlUserDataSource.
        /// </summary>
        /// <param name="properties">Session properties holding the UserInformation object.</param>
        /// <returns>
        /// A successful result when an entry exists and its VerifyPassword call accepts the
        /// supplied password; otherwise a failed result with a generic message.
        /// </returns>
        /// <remarks>
        /// A connection failure (MySqlException number 1042) is logged and then reported to the
        /// caller as "Invalid username or password.", because no entry was loaded. This fails
        /// closed, but the message does not tell the caller that the backend was unreachable.
        /// An unknown user returns without a VerifyPassword call, so the two failure paths do
        /// different amounts of work; NOTE(review): check whether that timing difference
        /// matters for user enumeration in this deployment.
        /// </remarks>
        public Shared.Types.BooleanResult AuthenticateUser(Shared.Types.SessionProperties properties)
        {
            Shared.Types.UserInformation userInfo = properties.GetTrackedSingle<Shared.Types.UserInformation>();

            m_logger.DebugFormat("Authenticate: {0}", userInfo.Username);

            UserEntry account = null;
            try
            {
                using (MySqlUserDataSource source = new MySqlUserDataSource())
                {
                    account = source.GetUserEntry(userInfo.Username);
                }
            }
            catch (MySqlException dbError)
            {
                if (dbError.Number != 1042)
                {
                    m_logger.ErrorFormat("{0}", dbError);
                    throw;
                }

                // Error 1042 is swallowed: 'account' stays null and the method falls through
                // to the generic failure result below.
                m_logger.ErrorFormat("Unable to connect to host: {0}", Settings.Store.Host);
            }
            catch (Exception unexpected)
            {
                m_logger.ErrorFormat("Unexpected error: {0}", unexpected);
                throw;
            }

            bool authenticated = false;
            if (account != null)
            {
                // Debug output names the hash algorithm in use for this account.
                m_logger.DebugFormat("Retrieved info for user {0} from MySQL.  Password uses {1}.",
                    account.Name, account.HashAlg.ToString());

                authenticated = account.VerifyPassword(userInfo.Password);
            }

            if (authenticated)
            {
                m_logger.DebugFormat("Authentication successful for {0}", userInfo.Username);
                return new Shared.Types.BooleanResult() { Success = true, Message = "Success." };
            }

            // Unknown user and wrong password share one log line and one message.
            m_logger.DebugFormat("Authentication failed for {0}", userInfo.Username);
            return new Shared.Types.BooleanResult() { Success = false, Message = "Invalid username or password." };
        }
Esempio n. 4
        /// <summary>
        /// Copies the user's login and password from the tracked UserInformation object into
        /// the session properties under the keys "UserLogin" and "UserPassword", so they remain
        /// available after the Single User plugin (if used).
        /// </summary>
        /// <param name="properties">Session properties that receive the two tracked values.</param>
        /// <returns>Always a successful result.</returns>
        /// <remarks>
        /// The password is stored as a plain string, so a clear-text copy stays in the session
        /// properties for as long as that object lives. NOTE(review): confirm which later
        /// stages read "UserPassword" and whether the value is ever cleared.
        /// </remarks>
        public BooleanResult AuthenticatedUserGateway(Shared.Types.SessionProperties properties)
        {
            pluginImpl_logger.DebugFormat("Authenticated User Gateway.");

            Shared.Types.UserInformation currentUser = properties.GetTrackedSingle <Shared.Types.UserInformation>();

            // Only the fact that the copy was made is logged, never the values themselves.
            properties.AddTracked("UserLogin", currentUser.Username);
            properties.AddTracked("UserPassword", currentUser.Password);
            pluginImpl_logger.DebugFormat("Login copy & password copy successfully stored in SessionProperties.properties.");

            BooleanResult outcome = new BooleanResult();
            outcome.Success = true;
            outcome.Message = "Login & password successfully stored in properties.";
            return outcome;
        }
Esempio n. 5
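        /// <summary>
        /// Connects to LDAP Server according to user's credentials.
        /// (These credentials have been stored in the SessionProperties object
        /// during the Gateway stage.)
        /// Retrieves the name of the script file on the user's LDAP account.
        /// </summary>
        /// <param name="changeDescription">Session change description; not used in this method.</param>
        /// <param name="properties">Session properties holding the LdapServer object and the stored credentials.</param>
        /// <remarks>
        /// On success the script name is stored in this.scriptName. That value comes from the
        /// directory; NOTE(review): whatever turns it into a file path should validate it
        /// before anything is executed from it.
        /// </remarks>
        /// <exception cref="Exception">
        /// Any unexpected error is rethrown after the server object has been closed and cleared.
        /// </exception>
        private void LdapPart(SessionChangeDescription changeDescription, SessionProperties properties)
        {
            // Error code reported when the LDAP server cannot be contacted.
            const int ServerUnavailable = 81;

            // initializes and sets up a new Ldap connection
            LdapInitialization(properties);
            // Get the LdapServer object from the session properties (created in LdapInitialization)
            LdapServer server = properties.GetTrackedSingle <LdapServer>();

            if (server == null)
            {
                pluginImpl_logger.ErrorFormat("Internal error: LdapServer object not available.");
                return;
            }

            try
            {
                pluginImpl_logger.DebugFormat("AuthenticateUser({0})", properties.Id.ToString());

                // Credentials stored during the Gateway stage. The unused UserInformation
                // lookup from the original was dropped; only these two values are read.
                string userLogin    = properties.GetTracked <string>("UserLogin");
                string userPassword = properties.GetTracked <string>("UserPassword");
                pluginImpl_logger.DebugFormat("Received username: {0}", userLogin);

                // Authenticate the login
                // NOTE(review): confirm that LdapServer.Authenticate rejects an empty password;
                // many directory servers treat a simple bind with an empty password as an
                // unauthenticated bind that succeeds.
                pluginImpl_logger.DebugFormat("Attempting authentication for {0}", userLogin);
                BooleanResult authenticateBool = server.Authenticate(userLogin, userPassword);

                if (!authenticateBool.Success) // authentication and attribute value retrieving didn't work
                {
                    pluginImpl_logger.ErrorFormat("LDAP Authentication failed. {0}", authenticateBool.Message);
                    // Release the connection set up by LdapInitialization on this path too;
                    // the original returned here without the cleanup call.
                    LdapEnd(properties);
                    return;
                }

                // retrieves the script name from Ldap
                this.scriptName = server.GetScriptName();
                pluginImpl_logger.DebugFormat("Name of the script file:  {0}", this.scriptName);

                // cleans up any resources held by the plugin
                LdapEnd(properties);
            }
            catch (Exception e)
            {
                LdapException ldapEx = e as LdapException;

                if (ldapEx != null && ldapEx.ErrorCode == ServerUnavailable)
                {
                    // Server can't be contacted, set server object to null
                    pluginImpl_logger.ErrorFormat("Server unavailable: {0}, {1}", ldapEx.ServerErrorMessage, e.Message);
                    server.Close();
                    properties.AddTrackedSingle <LdapServer>(null);
                    return;
                }

                // This is an unexpected error, so set LdapServer object to null, because
                // subsequent stages shouldn't use it, and this indicates to later stages
                // that this stage failed unexpectedly.
                server.Close();
                properties.AddTrackedSingle <LdapServer>(null);
                pluginImpl_logger.ErrorFormat("Exception in LDAP authentication: {0}", e);
                throw;  // Allow pGina service to catch and handle exception
            }
        }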