Esempio n. 1
0
        private void OnLeave(object source, EventArgs eventArgs)
        {
            if (this._fOnEnterCalled)
            {
                this._fOnEnterCalled = false;
            }
            else
            {
                return;
            }
            HttpApplication application = (HttpApplication)source;
            HttpContext     context     = application.Context;

            if (context.Response.Cookies.GetNoCreate(FormsAuthentication.FormsCookieName) != null)
            {
                context.Response.Cache.SetCacheability(HttpCacheability.NoCache, "Set-Cookie");
            }
            if (context.Response.StatusCode == 0x191)
            {
                string rawUrl = context.Request.RawUrl;
                if ((rawUrl.IndexOf("?ReturnUrl=", StringComparison.Ordinal) == -1) && (rawUrl.IndexOf("&ReturnUrl=", StringComparison.Ordinal) == -1))
                {
                    string str3;
                    string strUrl = null;
                    if (!string.IsNullOrEmpty(FormsAuthentication.LoginUrl))
                    {
                        strUrl = AuthenticationConfig.GetCompleteLoginUrl(context, FormsAuthentication.LoginUrl);
                    }
                    if ((strUrl == null) || (strUrl.Length <= 0))
                    {
                        throw new HttpException(System.Web.SR.GetString("Auth_Invalid_Login_Url"));
                    }
                    CookielessHelperClass cookielessHelper = context.CookielessHelper;
                    if (strUrl.IndexOf('?') >= 0)
                    {
                        str3 = FormsAuthentication.RemoveQueryStringVariableFromUrl(strUrl, "ReturnUrl") + "&ReturnUrl=" + HttpUtility.UrlEncode(rawUrl, context.Request.ContentEncoding);
                    }
                    else
                    {
                        str3 = strUrl + "?ReturnUrl=" + HttpUtility.UrlEncode(rawUrl, context.Request.ContentEncoding);
                    }
                    int index = rawUrl.IndexOf('?');
                    if ((index >= 0) && (index < (rawUrl.Length - 1)))
                    {
                        str3 = str3 + "&" + rawUrl.Substring(index + 1);
                    }
                    cookielessHelper.SetCookieValue('F', null);
                    cookielessHelper.RedirectWithDetectionIfRequired(str3, FormsAuthentication.CookieMode);
                    context.Response.Redirect(str3, false);
                }
            }
        }
Esempio n. 2
0
        private void OnEnter(object source, EventArgs eventArgs)
        {
            this._fOnEnterCalled = true;
            HttpApplication application = (HttpApplication)source;
            HttpContext     context     = application.Context;

            this.OnAuthenticate(new FormsAuthenticationEventArgs(context));
            CookielessHelperClass cookielessHelper = context.CookielessHelper;

            if (AuthenticationConfig.AccessingLoginPage(context, FormsAuthentication.LoginUrl))
            {
                context.SetSkipAuthorizationNoDemand(true, false);
                cookielessHelper.RedirectWithDetectionIfRequired(null, FormsAuthentication.CookieMode);
            }
            if (!context.SkipAuthorization)
            {
                context.SetSkipAuthorizationNoDemand(AssemblyResourceLoader.IsValidWebResourceRequest(context), false);
            }
        }
Esempio n. 3
0
        ////////////////////////////////////////////////////////////
        ////////////////////////////////////////////////////////////
        ////////////////////////////////////////////////////////////

        /// <devdoc>
        ///    <para>[To be supplied.]</para>
        /// </devdoc>
        private void OnEnter(Object source, EventArgs eventArgs)
        {
            _fOnEnterCalled = true;

            HttpApplication app;
            HttpContext     context;

            app     = (HttpApplication)source;
            context = app.Context;

#if DBG
            Trace("*******************Request path: " + context.Request.RawUrl);
#endif

            ////////////////////////////////////////////////////////
            // Step 2: Call OnAuthenticate virtual method to create
            //    an IPrincipal for this request
            OnAuthenticate(new FormsAuthenticationEventArgs(context));

            ////////////////////////////////////////////////////////
            // Skip AuthZ if accessing the login page

            // We do this here to force the cookieless helper to fish out and
            // remove the token from the URL if it's present there.
            CookielessHelperClass cookielessHelper = context.CookielessHelper;

            if (AuthenticationConfig.AccessingLoginPage(context, FormsAuthentication.LoginUrl))
            {
                context.SetSkipAuthorizationNoDemand(true, false /*managedOnly*/);
                cookielessHelper.RedirectWithDetectionIfRequired(null, FormsAuthentication.CookieMode);
            }
            if (!context.SkipAuthorization)
            {
                context.SetSkipAuthorizationNoDemand(AssemblyResourceLoader.IsValidWebResourceRequest(context), false /*managedOnly*/);
            }
        }