private void _credentialManager_ResolveCredentials(object sender, ResolveCredentialsEventArgs e)
{
ResolveCredentialsResult res = null;
lock (_credentials)
{
if (_credentials.ContainsKey(e.Principal))
{
res = new ResolveCredentialsResult(_credentials[e.Principal]);
}
else
{
foreach (KeyValuePair<SecurityPrincipal, ICredentialObject> pair in _credentials)
{
//// Check for wildcard principals in both direction
//if (pair.Key.IsWildcardMatch(principal) || principal.IsWildcardMatch(pair.Key))
//{
// res = new ResolveCredentialsResult(pair.Value);
//}
}
}
}
if (res == null)
{
if (ResolveCredentials != null)
{
ResolveCredentials(this, e);
}
}
else
{
e.Result = res;
}
}
private ICredentialObject GetCredentials(SecurityPrincipal principal, string details, Func <ICredentialObject, object, bool> validateCredentials, object context)
{
ICredentialObject ret = null;
if (ResolveCredentials != null)
{
bool resolved = false;
// Exit if we tried to resolve or ret is not null
while (!resolved)
{
// Resolve a single principal only one at a time
object lockObject = new object();
object currObject = _resolveLock.GetOrAdd(principal, lockObject);
lock (currObject)
{
// This is our object, and we know it is already locked
if (currObject == lockObject)
{
try
{
ResolveCredentialsEventArgs args = new ResolveCredentialsEventArgs(principal, details, context);
ResolveCredentials(this, args);
ResolveCredentialsResult credentials = args.Result;
if ((credentials != null) && (credentials.Credentials != null))
{
if (validateCredentials == null ||
validateCredentials(credentials.Credentials, context))
{
// Perhaps should log this as an error?
if (principal.PrincipalType.IsAssignableFrom(credentials.Credentials.GetType()))
{
if (credentials.Cache)
{
AddCredentials(principal, credentials.Credentials);
}
ret = credentials.Credentials;
break;
}
}
}
resolved = true;
}
finally
{
_resolveLock.TryRemove(principal, out lockObject);
}
}
else // Not our object, but doesn't matter we won't get here until the originator unlocks
{
ret = GetCachedCredentials(principal);
if (ret != null)
{
resolved = true;
}
}
}
}
}
return(ret);
}
