Esempio n. 1
0
 /// <summary>
 /// Verifies if the given SecurityString inside the header is correct and if the user this string belongs to hasn't timed out yet.
 /// </summary>
 /// <param name="header">The header of the request which holds teh SessionId to verify</param>
 public static void VerifySession(RequestHeader header)
 {
     if (WcfUserSessionSecurity.SessionStore.ValidateSession(header.SessionId))
     {
         WcfUserSessionSecurity sec = new WcfUserSessionSecurity(header);
         WcfUserSessionSecurity.Current = sec;
     }
     else
     {
         WcfUserSessionSecurity.Current = new WcfUserSessionSecurity(header);
     }
 }
Esempio n. 2
0
        /// <summary>
        /// Attempts to login a user with the given username and password.
        /// If successfull a new instance of the WcfUserSessionSecurity class is created with the given User data and the Security String is set
        /// This instance can be retrieved using WcfUserSessionSecurity.Current
        /// If however MultiStepVerification has been set to True on either the service or the User itself, the user is not yet authenticated until <see cref="M:MultiStepVerificationCompleted"/> has been called and the User instance is therefore not accessible yet
        /// </summary>
        /// <param name="username">The username to login with</param>
        /// <param name="password">The password to use</param>
        /// <returns>True if successful, false otherwise</returns>
        public static LoginResult Login(string username, string password)
        {
            IUser       user   = null;
            LoginResult result = WcfUserSessionSecurity.UserManager.Find(username, password, ref user);

            WcfUserSessionSecurity.Current.RequestHeader.SessionId = null;

            if (result == LoginResult.Success)
            {
                WcfUserSessionSecurity sec = WcfUserSessionSecurity.Current.User != null && WcfUserSessionSecurity.Current.User.UserName.Equals(username, StringComparison.CurrentCultureIgnoreCase) ? WcfUserSessionSecurity.Current : new WcfUserSessionSecurity(user, WcfUserSessionSecurity.Current.RequestHeader);
                sec.InternalUser = user;
                WcfUserSessionSecurity.Current = sec;
                WcfUserSessionSecurity.SessionStore.StoreSession(sec.SessionId, sec.SessionData);
            }

            return(result);
        }