/// <summary>
/// Event handler that evaluates the URL authorization rules for the current request.
/// A denied request is handed to ReportUrlAuthorizationFailure; an allowed one raises
/// a system event. Anonymous requests are counted in both the skipped and allowed paths.
/// </summary>
/// <param name="source">Event source; must be the <c>HttpApplication</c> handling the request.</param>
/// <param name="eventArgs">Not used.</param>
private void OnEnter(object source, EventArgs eventArgs)
{
    HttpContext context = ((HttpApplication)source).Context;

    // SkipAuthorization bypasses the rule check entirely; only the counter is updated.
    if (context.SkipAuthorization)
    {
        if ((context.User == null) || !context.User.Identity.IsAuthenticated)
        {
            PerfCounters.IncrementCounter(AppPerfCounter.ANONYMOUS_REQUESTS);
        }

        return;
    }

    AuthorizationSection settings = RuntimeConfig.GetConfig(context).Authorization;
    bool permitted = settings.EveryoneAllowed
        || settings.IsUserAllowed(context.User, context.Request.RequestType);

    if (!permitted)
    {
        ReportUrlAuthorizationFailure(context, this);
        return;
    }

    if ((context.User == null) || !context.User.Identity.IsAuthenticated)
    {
        PerfCounters.IncrementCounter(AppPerfCounter.ANONYMOUS_REQUESTS);
    }

    // 0xfa3 == 4003; presumably the "URL authorization success" audit code - confirm against WebEventCodes.
    WebBaseEvent.RaiseSystemEvent(this, 0xfa3);
}
// Handler for the authorize-request stage: looks up the system.web/authorization
// configuration for the request and answers 401 when the current user is not valid
// for the requested HTTP method.
//
// Requests pass through unchecked when there is no context, when SkipAuthorization is
// set, or (pre-2.0 build only) when no authorization config is found.
// NOTE(review): the NET_2_0 branch does not null-check the section before using it.
void OnAuthorizeRequest(object sender, EventArgs args)
{
    HttpApplication application = (HttpApplication)sender;
    HttpContext ctx = application.Context;
    if (ctx == null || ctx.SkipAuthorization)
    {
        return;
    }

    HttpRequest request = ctx.Request;
#if NET_2_0
    AuthorizationSection authz = (AuthorizationSection)WebConfigurationManager.GetSection("system.web/authorization", request.Path, ctx);
#else
    AuthorizationConfig authz = (AuthorizationConfig)ctx.GetConfig("system.web/authorization");
    if (authz == null)
    {
        return;
    }
#endif
    if (authz.IsValidUser(ctx.User, request.HttpMethod))
    {
        return;
    }

    // Denied: write the standard error body, set 401 and short-circuit the pipeline.
    HttpException denied = new HttpException(401, "Unauthorized");
    HttpResponse response = ctx.Response;
    response.StatusCode = 401;
    response.Write(denied.GetHtmlErrorMessage());
    application.CompleteRequest();
}
/// <summary>
/// Reports whether <paramref name="user"/> may access <paramref name="virtualPath"/> with
/// the given HTTP verb according to the URL authorization configuration for that path.
/// </summary>
/// <param name="virtualPath">Path to check; must lie inside the application root.</param>
/// <param name="user">Principal to evaluate.</param>
/// <param name="verb">HTTP verb; surrounding whitespace is trimmed.</param>
/// <returns>
/// <c>true</c> when access is allowed. Also <c>true</c> whenever UrlAuthorizationModule
/// is not found among the configured modules, i.e. the check is permissive when the
/// module is not registered.
/// </returns>
/// <exception cref="ArgumentNullException">Any argument is null.</exception>
/// <exception cref="ArgumentException">The path is outside the application root.</exception>
public static bool CheckUrlAccessForPrincipal(string virtualPath, IPrincipal user, string verb)
{
    if (virtualPath == null)
    {
        throw new ArgumentNullException("virtualPath");
    }

    if (user == null)
    {
        throw new ArgumentNullException("user");
    }

    if (verb == null)
    {
        throw new ArgumentNullException("verb");
    }

    verb = verb.Trim();

    VirtualPath path = VirtualPath.Create(virtualPath);
    if (!path.IsWithinAppRoot)
    {
        throw new ArgumentException(System.Web.SR.GetString("Virtual_path_outside_application_not_supported"), "virtualPath");
    }

    // Detect once whether the module is registered; the answer is cached in statics.
    if (!s_EnabledDetermined)
    {
        if (HttpRuntime.UseIntegratedPipeline)
        {
            foreach (ModuleConfigurationInfo info in HttpApplication.IntegratedModuleList)
            {
                if (Type.GetType(info.Type, false) == typeof(UrlAuthorizationModule))
                {
                    s_Enabled = true;
                    break;
                }
            }
        }
        else
        {
            HttpModulesSection httpModules = RuntimeConfig.GetConfig().HttpModules;
            int count = httpModules.Modules.Count;
            for (int i = 0; i < count; i++)
            {
                HttpModuleAction action = httpModules.Modules[i];
                if (Type.GetType(action.Type, false) == typeof(UrlAuthorizationModule))
                {
                    s_Enabled = true;
                    break;
                }
            }
        }

        s_EnabledDetermined = true;
    }

    if (!s_Enabled)
    {
        return true;
    }

    AuthorizationSection settings = RuntimeConfig.GetConfig(path).Authorization;
    return settings.EveryoneAllowed || settings.IsUserAllowed(user, verb);
}
////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////
// Module Enter: read the authorization configuration section and decide whether
// the current user is allowed. A denied request is reported as a URL authorization
// failure; an allowed one raises the AuditUrlAuthorizationSuccess event.
// Requests with SkipAuthorization set are never checked against the rules.
void OnEnter(Object source, EventArgs eventArgs)
{
    HttpApplication app = (HttpApplication)source;
    HttpContext context = app.Context;
    bool skipCheck = context.SkipAuthorization;

    if (!skipCheck)
    {
        // Get the authorization config object
        AuthorizationSection settings = RuntimeConfig.GetConfig(context).Authorization;

        // Check if the user is allowed, or the request is for the login page
        bool denied = !settings.EveryoneAllowed
            && !settings.IsUserAllowed(context.User, context.Request.RequestType);
        if (denied)
        {
            ReportUrlAuthorizationFailure(context, this);
            return;
        }
    }

    // Both the skipped and the allowed path count anonymous requests.
    if (context.User == null || !context.User.Identity.IsAuthenticated)
    {
        PerfCounters.IncrementCounter(AppPerfCounter.ANONYMOUS_REQUESTS);
    }

    // The success audit is raised only when the rules were actually evaluated.
    if (!skipCheck)
    {
        WebBaseEvent.RaiseSystemEvent(this, WebEventCodes.AuditUrlAuthorizationSuccess);
    }
}
// A freshly constructed AuthorizationSection must expose a non-null, empty rule
// collection, i.e. no allow/deny rules exist until some are added.
public void Defaults()
{
    AuthorizationSection section = new AuthorizationSection();

    Assert.IsNotNull(section.Rules, "A1");
    Assert.AreEqual(0, section.Rules.Count, "A2");
}
/// <summary>
/// Evaluates the authorization rules configured for <paramref name="virtualPath"/>
/// against the user and request type of <paramref name="context"/>.
/// </summary>
/// <param name="context">Current request context; supplies the user and the request type.</param>
/// <param name="virtualPath">Path whose authorization section is consulted.</param>
/// <returns><c>true</c> when everyone is allowed or the user passes the rules.</returns>
internal static bool IsUserAllowedToPath(HttpContext context, VirtualPath virtualPath)
{
    AuthorizationSection settings = RuntimeConfig.GetConfig(context, virtualPath).Authorization;

    // EveryoneAllowed short-circuits the per-user rule evaluation.
    return settings.EveryoneAllowed
        || settings.IsUserAllowed(context.User, context.Request.RequestType);
}
// Re-adds the rules that precede the pair being swapped.
// For "up" the swapped pair starts one row above the selected row, so one rule fewer
// is copied; for any other direction everything before the selected row is copied.
// Rule order decides which allow/deny entry matches first, so the order of these
// Add calls is significant.
protected void AddFirstGroupOfRules(AuthorizationSection section, ArrayList rulesArray, int selectedIndex, string upOrDown)
{
    int offset = (upOrDown == "up") ? 1 : 0;
    int end = selectedIndex - offset;

    int position = 0;
    while (position < end)
    {
        section.Rules.Add((AuthorizationRule)rulesArray[position]);
        position++;
    }
}
/// <summary>
/// Gets the FTP authorization rule collection for a given site.
/// </summary>
/// <param name="siteName">Name of the site whose authorization rules are requested.</param>
/// <returns>The rules of the site's <c>system.ftpServer/security/authorization</c> section.</returns>
/// <exception cref="Exception">Thrown with message "ConfigurationError" when the section has no rule collection.</exception>
public AuthorizationRuleCollection GetAuthorizationRuleCollection(string siteName)
{
    // NOTE(review): the section itself is not null-checked before .Rules is read - confirm
    // GetAppHostSection never returns null for a missing section.
    var rawSection = FtpHelper.GetAppHostSection(
        ServerManager,
        "system.ftpServer/security/authorization",
        typeof(AuthorizationSection),
        ManagementConfigurationPath.CreateSiteConfigurationPath(siteName));
    AuthorizationSection section = (AuthorizationSection)rawSection;

    AuthorizationRuleCollection rules = section.Rules;
    if (rules != null)
    {
        return rules;
    }

    throw new Exception("ConfigurationError");
}
/// <summary>
/// Tells whether the current request needs an authenticated user, by testing the
/// authorization rules against an anonymous principal (empty name, no roles).
/// </summary>
/// <param name="context">Current request context.</param>
/// <returns>
/// <c>false</c> when authorization is skipped for the request or the anonymous
/// principal is allowed; <c>true</c> otherwise.
/// </returns>
internal static bool RequestRequiresAuthorization(HttpContext context)
{
    if (context.SkipAuthorization)
    {
        return false;
    }

    AuthorizationSection settings = RuntimeConfig.GetConfig(context).Authorization;

    // The anonymous principal is created on first use and kept in a static.
    if (_AnonUser == null)
    {
        GenericIdentity nobody = new GenericIdentity(string.Empty, string.Empty);
        _AnonUser = new GenericPrincipal(nobody, new string[0]);
    }

    bool anonymousAllowed = settings.IsUserAllowed(_AnonUser, context.Request.RequestType);
    return !anonymousAllowed;
}
// Adds the selected rule and its neighbour back in exchanged order.
// "up" exchanges the selected rule with the one before it, "down" with the one after
// it; any other value adds nothing. No bounds are checked here: the caller must make
// sure the neighbour index exists in rulesArray.
public void AddTheTwoSwappedRules(AuthorizationSection section, ArrayList rulesArray, int selectedIndex, string upOrDown)
{
    switch (upOrDown)
    {
        case "up":
            section.Rules.Add((AuthorizationRule)rulesArray[selectedIndex]);
            section.Rules.Add((AuthorizationRule)rulesArray[selectedIndex - 1]);
            break;

        case "down":
            section.Rules.Add((AuthorizationRule)rulesArray[selectedIndex + 1]);
            section.Rules.Add((AuthorizationRule)rulesArray[selectedIndex]);
            break;
    }
}
public void LoadRulesInNewOrder(AuthorizationSection section, ArrayList rulesArray, int selectedIndex, string upOrDown)
{
    /*
     * Dan Clem, 3/17/2007.
     * Rebuilds the section's rule list in three passes: the rules before the swapped
     * pair, the swapped pair itself, then the rules after it.
     * With five local rules and the middle one being moved, all three passes add rules.
     * With only two local rules, just the middle pass adds anything; the loops in the
     * first and last pass never execute.
     */
    AddFirstGroupOfRules(section, rulesArray, selectedIndex, upOrDown);  // rules ahead of the pair
    AddTheTwoSwappedRules(section, rulesArray, selectedIndex, upOrDown); // the exchanged pair
    AddFinalGroupOfRules(section, rulesArray, selectedIndex, upOrDown);  // rules behind the pair
}
// Loads the authorization providers declared in the "Colosoft.Route.Security"
// configuration section and selects the default one.
// When the section is missing, or the default provider name matches no instantiated
// provider, _provider is left null and no error is raised here.
// NOTE(review): callers presumably have to cope with a null provider - confirm they do
// not treat it as "allow".
private static void Initialize()
{
    AuthorizationSection section =
        System.Configuration.ConfigurationManager.GetSection("Colosoft.Route.Security") as AuthorizationSection;
    if (section == null)
    {
        return;
    }

    _providers = new AuthorizationProviderCollection();
    System.Web.Configuration.ProvidersHelper.InstantiateProviders(
        section.Providers,
        _providers,
        typeof(AuthorizationProvider));

    // Freeze the collection before handing out the default provider.
    _providers.SetReadOnly();
    _provider = _providers[section.DefaultProvider.Trim()];
}
// Determines whether the request can only be served to an authenticated user.
// Returns false when authorization is skipped for the request; otherwise returns
// true exactly when the configured rules reject an anonymous principal.
static internal bool RequestRequiresAuthorization(HttpContext context)
{
    if (!context.SkipAuthorization)
    {
        AuthorizationSection settings = RuntimeConfig.GetConfig(context).Authorization;

        // Check if the anonymous user is allowed; the principal is built once and cached.
        if (_AnonUser == null)
        {
            _AnonUser = new GenericPrincipal(new GenericIdentity(String.Empty, String.Empty), new String[0]);
        }

        bool anonymousPasses = settings.IsUserAllowed(_AnonUser, context.Request.RequestType);
        return !anonymousPasses;
    }

    return false;
}
// Re-adds the rules that follow the pair being swapped.
// For "up" the pair ends at the selected row, so copying resumes one row later; for
// any other direction the pair ends one row below, so copying resumes two rows later.
public void AddFinalGroupOfRules(AuthorizationSection section, ArrayList rulesArray, int selectedIndex, string upOrDown)
{
    int skip = (upOrDown == "up") ? 1 : 2;

    for (int position = selectedIndex + skip; position < rulesArray.Count; position++)
    {
        section.Rules.Add((AuthorizationRule)rulesArray[position]);
    }
}
// Moves the authorization rule shown in the clicked grid row one position up or down
// and saves the folder's web.config. Rule order is significant for authorization
// because the first matching allow/deny rule wins.
//
// sender    - the Button inside the grid row (row = button.Parent.Parent).
// upOrDown  - "up" or "down", case-insensitive; any other value is ignored.
//
// NOTE(review): this writes to the configuration of whatever folder FolderTree has
// selected; nothing in this method checks that the caller may edit it - confirm the
// page hosting this handler is restricted to administrators.
public void MoveRule(object sender, EventArgs e, string upOrDown)
{
    /*
     * Dan Clem, 3/17/2007
     */
    upOrDown = upOrDown.ToLower();
    bool movingUp = upOrDown == "up";
    bool movingDown = upOrDown == "down";
    if (!movingUp && !movingDown)
    {
        return;
    }

    Button button = (Button)sender;
    GridViewRow row = (GridViewRow)button.Parent.Parent;
    int selectedIndex = row.RowIndex;

    // The first row cannot move further up.
    if (movingUp && selectedIndex <= 0)
    {
        return;
    }

    string virtualFolderPath = FolderTree.SelectedValue;
    Configuration config = WebConfigurationManager.OpenWebConfiguration(virtualFolderPath);
    SystemWebSectionGroup systemWeb = (SystemWebSectionGroup)config.GetSectionGroup("system.web");
    AuthorizationSection section = (AuthorizationSection)systemWeb.Sections["authorization"];

    // Pull the local rules out of the authorization section, deleting them from same:
    ArrayList rulesArray = PullLocalRulesOutOfAuthorizationSection(section);

    bool lastRowMovingDown = movingDown && selectedIndex >= rulesArray.Count - 1;
    if (lastRowMovingDown)
    {
        // DOWN button in last row was pressed. Load the rules array back in without resorting.
        foreach (AuthorizationRule rule in rulesArray)
        {
            section.Rules.Add(rule);
        }
    }
    else
    {
        LoadRulesInNewOrder(section, rulesArray, selectedIndex, upOrDown);
    }

    config.Save();
}
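// Appends newRule to the authorization section of the folder selected in FolderTree
// and saves that folder's web.config. On failure the error panel is shown with the
// exception message; on success the panel is hidden.
//
// The exception message is HTML-encoded before it is placed in the markup: the text
// comes from the configuration system and may echo parts of the rule that was being
// added, so it must not be emitted as raw HTML.
//
// NOTE(review): nothing in this method checks that the caller may edit authorization
// rules for the selected folder - confirm the hosting page is restricted.
public void AddRule(AuthorizationRule newRule)
{
    string virtualFolderPath = FolderTree.SelectedValue;
    Configuration config = WebConfigurationManager.OpenWebConfiguration(virtualFolderPath);
    SystemWebSectionGroup systemWeb = (SystemWebSectionGroup)config.GetSectionGroup("system.web");
    AuthorizationSection section = (AuthorizationSection)systemWeb.Sections["authorization"];
    section.Rules.Add(newRule);

    try
    {
        config.Save();
        RuleCreationError.Visible = false;
    }
    catch (Exception ex)
    {
        RuleCreationError.Visible = true;
        RuleCreationError.Text =
            "<div class=\"alert\"><br />An error occurred and the rule was not added. I saw this happen during testing when I attempted to create a rule that the ASP.NET infrastructure realized was redundant. Specifically, I had the rule <i>DENY ALL USERS</i> in one folder, then attempted to add the same rule in a subfolder, which caused ASP.NET to throw an exception.<br /><br />Here's the error message that was thrown just now:<br /><br /><i>"
            + System.Web.HttpUtility.HtmlEncode(ex.Message)
            + "</i></div>";
    }
}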
// Checks the request's user against the system.web/authorization section of sc.
// Returns true when access may proceed; otherwise sets status 401, completes the
// request and returns false.
//
// everyoneallowed and checkuser are reflection handles defined elsewhere in this file
// (used here via GetValue / Invoke), presumably for non-public members of
// AuthorizationSection - confirm at their declaration.
// When the section cannot be obtained as an AuthorizationSection the method returns
// true, i.e. the request is not blocked.
static bool CheckAuth(HttpApplication app, Configuration sc)
{
    AuthorizationSection ac = sc.GetSection("system.web/authorization") as AuthorizationSection;
    if (ac == null)
    {
        return true;
    }

    bool openToAll = (bool)everyoneallowed.GetValue(ac, null);
    if (openToAll)
    {
        return true;
    }

    object[] callArgs = new object[] { app.User, app.Request.HttpMethod };
    bool permitted = (bool)checkuser.Invoke(ac, callArgs);
    if (permitted)
    {
        return true;
    }

    app.Context.Response.StatusCode = 401;
    app.CompleteRequest();
    return false;
}
// Dan Clem, 3/17/2007.
// Collects the rules that are physically present in this section's own configuration
// element (ElementInformation.IsPresent), removes them from the section and returns
// them in their original order. Rules that are not present locally stay in place.
public ArrayList PullLocalRulesOutOfAuthorizationSection(AuthorizationSection section)
{
    // First pass: copy out the local rules. Removal is deferred so the collection is
    // not modified while it is being enumerated.
    ArrayList localRules = new ArrayList();
    foreach (AuthorizationRule candidate in section.Rules)
    {
        if (rule_IsLocal(candidate))
        {
            localRules.Add(candidate);
        }
    }

    // Second pass: delete the collected rules from the section.
    for (int i = 0; i < localRules.Count; i++)
    {
        section.Rules.Remove((AuthorizationRule)localRules[i]);
    }

    return localRules;
}

// True when the rule is declared in the section's own configuration element.
private static bool rule_IsLocal(AuthorizationRule rule)
{
    return rule.ElementInformation.IsPresent;
}
// Deletes the authorization rule shown in the clicked grid row from the selected
// folder's configuration and saves it.
//
// NOTE(review): the rule is removed by grid row index; this is only correct when the
// grid rows line up one-to-one with section.Rules at the time of the click - confirm,
// since removing the wrong allow/deny rule changes who can reach the folder.
// NOTE(review): nothing in this method checks that the caller may edit authorization
// rules for the selected folder - confirm the hosting page is restricted.
public void DeleteRule(object sender, EventArgs e)
{
    /*
     * Dan Clem, 3/16/2007.
     * Known defect, not planned to be fixed at the time of writing: deleting a rule and
     * then deleting another rule from the same folder without refreshing the page
     * produces a page error. Workaround: re-click the folder in the tree to refresh
     * it, then delete the rule.
     *
     * Note: this may already be fixed, since the session array method is no longer
     * used for handling things. To be tested later.
     */
    GridViewRow clickedRow = (GridViewRow)((Button)sender).Parent.Parent;

    Configuration config = WebConfigurationManager.OpenWebConfiguration(FolderTree.SelectedValue);
    SystemWebSectionGroup systemWeb = (SystemWebSectionGroup)config.GetSectionGroup("system.web");
    AuthorizationSection section = (AuthorizationSection)systemWeb.Sections["authorization"];

    section.Rules.RemoveAt(clickedRow.RowIndex);
    config.Save();
}
// Sample: reads the authorization rules of the "/aspnet" application, gathers the
// users of every "allow" rule into a CommaDelimitedStringCollection and demonstrates
// the collection's members. The <SnippetN> markers delimit documentation excerpts and
// are kept around the same statements.
static void Main(string[] args)
{
    // Display title and info.
    Console.WriteLine("ASP.NET Configuration Info");
    Console.WriteLine("Type: CommaDelimitedStringCollection");
    Console.WriteLine();

    // Set the path of the config file.
    string applicationPath = "/aspnet";

    // Get the Web application configuration object.
    Configuration webConfig = WebConfigurationManager.OpenWebConfiguration(applicationPath);

    // Get the section related object.
    AuthorizationSection authorizationSection =
        (AuthorizationSection)webConfig.GetSection("system.web/authorization");

    // Get the authorization rule collection.
    AuthorizationRuleCollection authorizationRuleCollection = authorizationSection.Rules;

    // <Snippet2>
    // Create a CommaDelimitedStringCollection object.
    CommaDelimitedStringCollection myStrCollection = new CommaDelimitedStringCollection();
    // </Snippet2>

    int ruleCount = 0;
    while (ruleCount < authorizationRuleCollection.Count)
    {
        int i = ruleCount;
        if (authorizationRuleCollection.Get(i).Action.ToString().ToLower() == "allow")
        {
            // <Snippet3>
            // Add values to the CommaDelimitedStringCollection object.
            myStrCollection.AddRange(
                authorizationRuleCollection.Get(i).Users.ToString().Split(','));
            // </Snippet3>
        }

        ruleCount++;
    }

    Console.WriteLine("Allowed Users: {0}", myStrCollection.ToString());

    // <Snippet4>
    // Count the elements in the collection.
    Console.WriteLine("Allowed User Count: {0}", myStrCollection.Count);
    // </Snippet4>

    // <Snippet5>
    // Call the Contains method.
    Console.WriteLine("Contains 'userName1': {0}", myStrCollection.Contains("userName1"));
    // </Snippet5>

    // <Snippet6>
    // Determine the index of an element
    // in the collection.
    Console.WriteLine("IndexOf 'userName0': {0}", myStrCollection.IndexOf("userName0"));
    // </Snippet6>

    // <Snippet7>
    // Call IsModified.
    Console.WriteLine("IsModified: {0}", myStrCollection.IsModified);
    // </Snippet7>

    // <Snippet8>
    // Call IsReadOnly.
    Console.WriteLine("IsReadOnly: {0}", myStrCollection.IsReadOnly);
    // </Snippet8>

    Console.WriteLine();
    Console.WriteLine("Add a user name to the collection.");

    // <Snippet9>
    // Insert a new element in the collection.
    myStrCollection.Insert(myStrCollection.Count, "userNameX");
    // </Snippet9>

    Console.WriteLine("Collection Value: {0}", myStrCollection.ToString());
    Console.WriteLine();
    Console.WriteLine("Remove a user name from the collection.");

    // <Snippet10>
    // Remove an element of the collection.
    myStrCollection.Remove("userNameX");
    // </Snippet10>

    Console.WriteLine("Collection Value: {0}", myStrCollection.ToString());

    // Display and wait
    Console.ReadLine();
}
// Takes the locally declared rules out of the authorization section.
// A rule counts as local when its ElementInformation.IsPresent flag is set. The local
// rules are removed from the section and returned in their original order; every
// other rule is left in the section.
protected ArrayList PullLocalRulesOutOfAuthorizationSection(AuthorizationSection section)
{
    ArrayList pulled = new ArrayList();

    // Collect first; removing while enumerating section.Rules would invalidate the enumeration.
    foreach (AuthorizationRule entry in section.Rules)
    {
        if (!entry.ElementInformation.IsPresent)
        {
            continue;
        }

        pulled.Add(entry);
    }

    // Then delete what was collected.
    foreach (AuthorizationRule entry in pulled)
    {
        section.Rules.Remove(entry);
    }

    return pulled;
}
/// <summary>
/// Handles the login button. For every authorization rule that allows "*", the
/// credentials are checked with the membership provider; if none of those checks
/// succeeds, a security token is requested from the token store instead. A successful
/// check of either kind issues the forms-authentication redirect.
/// </summary>
/// <param name="sender">Not used.</param>
/// <param name="e">Not used.</param>
/// <remarks>
/// NOTE(review): Membership.ValidateUser runs once per matching rule, so a wrong
/// password may be counted several times by the provider - confirm against lockout
/// settings.
/// NOTE(review): the token-path messages distinguish wrong credentials, expired
/// password and suspended account, which tells an unauthenticated caller the account
/// state - confirm this is intended.
/// When the token store returns null without throwing, no redirect happens and no
/// error text is set.
/// </remarks>
protected void Login_Click(object sender, EventArgs e)
{
    this.ErrorInfo.Text = String.Empty;

    // Authorization using portal's membership provider when STS authentication is inactive.
    AuthorizationSection section = (AuthorizationSection)WebConfigurationManager.GetSection("system.web/authorization");
    foreach (System.Web.Configuration.AuthorizationRule entry in section.Rules)
    {
        bool allowsEveryone = entry.Action == System.Web.Configuration.AuthorizationRuleAction.Allow
            && entry.Users.Contains("*");
        if (!allowsEveryone)
        {
            continue;
        }

        try
        {
            if (Membership.ValidateUser(UsernameTextBox.Text, PasswordTextBox.Text))
            {
                bool rememberMe = RememberCheckbox.Checked;
                System.Web.Security.FormsAuthentication.RedirectFromLoginPage(UsernameTextBox.Text, rememberMe);
                return;
            }
        }
        catch (Exception)
        {
            // Any provider failure is reported with the generic message only.
            this.ErrorInfo.Text = GetLocalResourceObject("AuthenticationError.Text").ToString();
            return;
        }
    }

    try
    {
        SecurityToken issuedToken = SecurityTokenStore.GetTokenFromUsername(UsernameTextBox.Text, PasswordTextBox.Text);
        if (issuedToken == null)
        {
            return;
        }

        SecurityTokenStore.StoreToken(issuedToken, UsernameTextBox.Text);
        bool rememberMe = RememberCheckbox.Checked;
        System.Web.Security.FormsAuthentication.RedirectFromLoginPage(UsernameTextBox.Text, rememberMe);
    }
    catch (Exception ex)
    {
        // Generic message first; refined below when the inner exception names a known cause.
        this.ErrorInfo.Text = GetLocalResourceObject("AuthenticationError.Text").ToString();
        if (ex.InnerException == null)
        {
            return;
        }

        switch (ex.InnerException.Message)
        {
            case STSConstants.InvalidUsernameOrPassword:
            case STSConstants.ID3242:
                this.ErrorInfo.Text = GetLocalResourceObject("IncorrectCredentials.Text").ToString();
                break;

            case STSConstants.PasswordExpired:
                this.ErrorInfo.Text = GetLocalResourceObject("AuthorizationError.Text").ToString();
                break;

            case STSConstants.AccountSuspended:
                this.ErrorInfo.Text = GetLocalResourceObject("AccountSuspended.Text").ToString();
                break;

            default:
                this.ErrorInfo.Text = GetLocalResourceObject("AuthenticationError.Text").ToString();
                break;
        }
    }
}
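// Sample: walks through the AuthorizationRuleCollection members (Add, Clear, RemoveAt,
// IndexOf, Remove, Set, indexer, Get) on the authorization section of "/aspnetTest".
// The <SnippetN> markers delimit documentation excerpts and are kept around the same
// statements. Nothing is saved back to the configuration file.
//
// Fix: the Snippet12 loop stopped at Count - 1 and therefore never listed the last
// rule; it now visits every rule.
//
// NOTE(review): the snippets are independent illustrations; run in sequence, RemoveAt(0),
// Set(0, ...) and Get(0) execute right after Clear() and presumably fail on an empty
// collection - confirm before using this as a runnable program.
public static void Main()
{
    // <Snippet1>
    // Get the Web application configuration.
    System.Configuration.Configuration configuration =
        WebConfigurationManager.OpenWebConfiguration(
        "/aspnetTest");
    // </Snippet1>

    // <Snippet2>
    // Get the section.
    AuthorizationSection authorizationSection =
        (AuthorizationSection)configuration.GetSection(
        "system.web/authorization");
    // </Snippet2>

    // <Snippet3>
    // Get the authorization rule collection.
    AuthorizationRuleCollection authorizationRuleCollection =
        authorizationSection.Rules;
    // </Snippet3>

    // <Snippet4>
    // Create an authorization rule object.
    AuthorizationRuleAction action = AuthorizationRuleAction.Deny;
    AuthorizationRule authorizationRule =
        new System.Web.Configuration.AuthorizationRule(action);
    // </Snippet4>

    // <Snippet5>
    // Create a new 'AuthorizationSection' object.
    AuthorizationSection newauthorizationSection =
        new System.Web.Configuration.AuthorizationSection();
    // </Snippet5>

    // <Snippet6>
    // Using the AuthorizationRuleCollection Add method.

    // Set the action property.
    authorizationRule.Action = AuthorizationRuleAction.Allow;
    // Define the new rule to add to the collection.
    authorizationRule.Users.Add("userName");
    authorizationRule.Roles.Add("admin");
    authorizationRule.Verbs.Add("POST");

    // Add the new rule to the collection.
    authorizationSection.Rules.Add(authorizationRule);
    // </Snippet6>

    // <Snippet7>
    // Using the AuthorizationRuleCollection Clear method.
    authorizationSection.Rules.Clear();
    // </Snippet7>

    // <Snippet8>
    // Using the AuthorizationRuleCollection RemoveAt method.
    authorizationRuleCollection.RemoveAt(0);
    // </Snippet8>

    // <Snippet9>
    // Get the rule collection index.
    System.Int32 ruleIndex =
        authorizationSection.Rules.IndexOf(authorizationRule);
    // </Snippet9>

    // <Snippet10>
    // Remove the rule from the collection.
    authorizationSection.Rules.Remove(authorizationRule);
    // </Snippet10>

    // <Snippet11>
    // Using the AuthorizationRuleCollection Set method.

    // Define the rule to add to the collection.

    // Define the collection index.
    System.Int32 rIndex = 0;

    // Set the rule in the collection.
    authorizationRuleCollection.Set(rIndex,
        authorizationRule);
    // </Snippet11>

    // <Snippet12>
    // Show how to access the Rules elements.
    StringBuilder rules = new StringBuilder();
    for (System.Int32 i = 0;
        i < authorizationSection.Rules.Count; i++)
    {
        rules.Append("Action: " +
            authorizationSection.Rules[i].Action.ToString());

        // Get the Verbs.
        System.Int32 verbsCount =
            authorizationSection.Rules[i].Verbs.Count;
        for (System.Int32 v = 0; v < verbsCount; v++)
        {
            rules.AppendLine(
                authorizationSection.Rules[i].Verbs[v]);
        }

        // Get the Roles.
        System.Int32 rolesCount =
            authorizationSection.Rules[i].Roles.Count;
        for (System.Int32 r = 0; r < rolesCount; r++)
        {
            rules.AppendLine(
                authorizationSection.Rules[i].Roles[r]);
        }

        // Get the Users.
        System.Int32 usersCount =
            authorizationSection.Rules[i].Users.Count;
        for (System.Int32 u = 0; u < usersCount; u++)
        {
            rules.AppendLine(
                authorizationSection.Rules[i].Users[u]);
        }
    }
    // </Snippet12>

    // <Snippet13>
    // Using the AuthorizationRuleCollection Get method.
    AuthorizationRule authRule =
        authorizationRuleCollection.Get(0);
    // </Snippet13>
}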
static void Main(string[] args) { string inputStr = String.Empty; string option = String.Empty; // Define a regular expression to allow only // alphanumeric inputs that are at most 20 character // long. For instance "/iii:". Regex rex = new Regex(@"[^\/w]{1,20}:"); // Parse the user's input. if (args.Length < 1) { // No option entered. Console.Write("Input parameter missing."); return; } else { // Get the user's option. inputStr = args[0].ToLower(); if (!(rex.Match(inputStr)).Success) { // Wrong option format used. Console.Write("Input parameter format not allowed."); return; } } // <Snippet1> // Get the Web application configuration. System.Configuration.Configuration configuration = WebConfigurationManager.OpenWebConfiguration( "/aspnetTest"); // Get the <system.web> group. SystemWebSectionGroup systemWeb = (SystemWebSectionGroup)configuration.GetSectionGroup("system.web"); // </Snippet1> try { switch (inputStr) { case "/anonymous:": // <Snippet2> // Get the anonymousIdentification section. AnonymousIdentificationSection anonymousIdentification = systemWeb.AnonymousIdentification; // Read section information. info = anonymousIdentification.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet2> Console.Write(msg); break; case "/authentication:": // <Snippet3> // Get the authentication section. AuthenticationSection authentication = systemWeb.Authentication; // Read section information. info = authentication.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet3> Console.Write(msg); break; case "/authorization:": // <Snippet4> // Get the authorization section. AuthorizationSection authorization = systemWeb.Authorization; // Read section information. 
info = authorization.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet4> Console.Write(msg); break; case "/compilation:": // <Snippet5> // Get the compilation section. CompilationSection compilation = systemWeb.Compilation; // Read section information. info = compilation.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet5> Console.Write(msg); break; case "/customerrors:": // <Snippet6> // Get the customerrors section. CustomErrorsSection customerrors = systemWeb.CustomErrors; // Read section information. info = customerrors.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet6> Console.Write(msg); break; case "/globalization:": // <Snippet7> // Get the globalization section. GlobalizationSection globalization = systemWeb.Globalization; // Read section information. info = globalization.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet7> Console.Write(msg); break; case "/httpcookies:": // <Snippet8> // Get the httpCookies section. HttpCookiesSection httpCookies = systemWeb.HttpCookies; // Read section information. info = httpCookies.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet8> Console.Write(msg); break; case "/httphandlers:": // <Snippet9> // Get the httpHandlers section. 
HttpHandlersSection httpHandlers = systemWeb.HttpHandlers; // Read section information. info = httpHandlers.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet9> Console.Write(msg); break; case "/httpmodules:": // <Snippet10> // Get the httpModules section. HttpModulesSection httpModules = systemWeb.HttpModules; // Read section information. info = httpModules.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet10> Console.Write(msg); break; case "/httpruntime:": // <Snippet11> // Get the httpRuntime section. HttpRuntimeSection httpRuntime = systemWeb.HttpRuntime; // Read section information. info = httpRuntime.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet11> Console.Write(msg); break; case "/identity:": // <Snippet12> // Get the identity section. IdentitySection identity = systemWeb.Identity; // Read section information. info = identity.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet12> Console.Write(msg); break; case "/machinekey:": // <Snippet13> // Get the machineKey section. MachineKeySection machineKey = systemWeb.MachineKey; // Read section information. info = machineKey.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet13> Console.Write(msg); break; case "/membership:": // <Snippet14> // Get the membership section. 
MembershipSection membership = systemWeb.Membership; // Read section information. info = membership.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet14> Console.Write(msg); break; case "/pages:": // <Snippet15> // Get the pages section. PagesSection pages = systemWeb.Pages; // Read section information. info = pages.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet15> Console.Write(msg); break; case "/processModel:": // <Snippet16> // Get the processModel section. ProcessModelSection processModel = systemWeb.ProcessModel; // Read section information. info = processModel.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet16> Console.Write(msg); break; case "/profile:": // <Snippet17> // Get the profile section. ProfileSection profile = systemWeb.Profile; // Read section information. info = profile.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet17> Console.Write(msg); break; case "/roleManager:": // <Snippet18> // Get the roleManager section. RoleManagerSection roleManager = systemWeb.RoleManager; // Read section information. info = roleManager.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet18> Console.Write(msg); break; case "/securityPolicy:": // <Snippet19> // Get the securityPolicy section. 
SecurityPolicySection securityPolicy = systemWeb.SecurityPolicy; // Read section information. info = securityPolicy.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet19> Console.Write(msg); break; case "/sessionState:": // <Snippet20> // Get the sessionState section. SessionStateSection sessionState = systemWeb.SessionState; // Read section information. info = sessionState.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet20> Console.Write(msg); break; case "/sitemap:": // <Snippet21> // Get the siteMap section. SiteMapSection siteMap = systemWeb.SiteMap; // Read section information. info = siteMap.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet21> Console.Write(msg); break; case "/trace:": // <Snippet22> // Get the trace section. TraceSection trace = systemWeb.Trace; // Read section information. info = trace.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet22> Console.Write(msg); break; case "/trust:": // <Snippet23> // Get the trust section. TrustSection trust = systemWeb.Trust; // Read section information. info = trust.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet23> Console.Write(msg); break; case "/browserCaps:": // <Snippet24> // Get the browserCaps section. 
DefaultSection browserCaps = systemWeb.BrowserCaps; // Read section information. info = browserCaps.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet24> Console.Write(msg); break; case "/clientTarget:": // <Snippet25> // Get the clientTarget section. ClientTargetSection clientTarget = systemWeb.ClientTarget; // Read section information. info = clientTarget.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet25> Console.Write(msg); break; case "/deployment:": // <Snippet26> // Get the deployment section. DeploymentSection deployment = systemWeb.Deployment; // Read section information. info = deployment.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet26> Console.Write(msg); break; case "/deviceFilters:": // <Snippet27> // Get the deviceFilters section. DefaultSection deviceFilters = systemWeb.DeviceFilters; // Read section information. info = deviceFilters.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet27> Console.Write(msg); break; case "/healthMonitoring:": // <Snippet28> // Get the healthMonitoring section. HealthMonitoringSection healthMonitoring = systemWeb.HealthMonitoring; // Read section information. 
info = healthMonitoring.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet28> Console.Write(msg); break; case "/hostingEnvironment:": // <Snippet29> // Get the hostingEnvironment section. HostingEnvironmentSection hostingEnvironment = systemWeb.HostingEnvironment; // Read section information. info = hostingEnvironment.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet29> Console.Write(msg); break; case "/mobileControls:": // <Snippet30> // Get the mobileControls section. ConfigurationSection mobileControls = systemWeb.MobileControls; // Read section information. info = mobileControls.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet30> Console.Write(msg); break; case "/protocols:": // <Snippet31> // Get the protocols section. DefaultSection protocols = systemWeb.Protocols; // Read section information. info = protocols.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet31> Console.Write(msg); break; case "/urlMappings:": // <Snippet32> // Get the urlMappings section. UrlMappingsSection urlMappings = systemWeb.UrlMappings; // Read section information. info = urlMappings.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet32> Console.Write(msg); break; case "/webControls:": // <Snippet33> // Get the webControls section. 
WebControlsSection webControls = systemWeb.WebControls; // Read section information. info = webControls.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet33> Console.Write(msg); break; case "/webParts:": // <Snippet34> // Get the webParts section. WebPartsSection webParts = systemWeb.WebParts; // Read section information. info = webParts.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet34> Console.Write(msg); break; case "/webServices:": // <Snippet35> // Get the webServices section. WebServicesSection webServices = systemWeb.WebServices; // Read section information. info = webServices.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet35> Console.Write(msg); break; case "/XhtmlConformance:": // <Snippet36> // Get the xhtmlConformance section. XhtmlConformanceSection xhtmlConformance = systemWeb.XhtmlConformance; // Read section information. 
info = xhtmlConformance.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); msg = String.Format( "Name: {0}\nDeclared: {1}\nType: {2}\n", name, declared, type); // </Snippet36> Console.Write(msg); break; case "/all:": StringBuilder allSections = new StringBuilder(); ConfigurationSectionGroup systemWebGroup = configuration.GetSectionGroup("system.web"); int i = 0; foreach (ConfigurationSection section in systemWebGroup.Sections) { i += 1; info = section.SectionInformation; name = info.SectionName; type = info.Type; declared = info.IsDeclared.ToString(); if (i < 10) { msg = String.Format( "{0})Name: {1}\nDeclared: {2}\nType: {3}\n", i.ToString(), name, declared, type); } else { msg = String.Format( "{0})Name: {1}\nDeclared: {2}\nType: {3}\n", i.ToString(), name, declared, type); } allSections.AppendLine(msg); } // Console.WriteLine(systemWebGroup.Name); // Console.WriteLine(systemWebGroup.SectionGroupName); Console.Write(allSections.ToString()); break; default: // Option is not allowed.. Console.Write("Input not allowed."); break; } } catch (ArgumentException e) { // Never display this. Use it for // debugging purposes. msg = e.ToString(); } }
/// <summary>
/// Reports whether the URL authorization rules configured for <paramref name="virtualPath"/>
/// let <paramref name="user"/> issue a request with the given <paramref name="verb"/>.
/// </summary>
/// <remarks>
/// The method also returns <c>true</c> when UrlAuthorizationModule is not registered in the
/// pipeline. A <c>true</c> result therefore means "not denied by URL authorization"; it says
/// nothing about other access checks that may apply to the resource.
/// </remarks>
/// <param name="virtualPath">Virtual path to evaluate; must lie within the application root.</param>
/// <param name="user">Principal the rules are evaluated against.</param>
/// <param name="verb">HTTP verb of the hypothetical request; surrounding whitespace is trimmed.</param>
/// <returns><c>true</c> when the rules allow the request or the module is not enabled.</returns>
/// <exception cref="ArgumentNullException">Any argument is <c>null</c>.</exception>
/// <exception cref="ArgumentException"><paramref name="virtualPath"/> is outside the application root.</exception>
public static bool CheckUrlAccessForPrincipal(String virtualPath, IPrincipal user, string verb)
{
    if (virtualPath == null)
    {
        throw new ArgumentNullException("virtualPath");
    }

    if (user == null)
    {
        throw new ArgumentNullException("user");
    }

    if (verb == null)
    {
        throw new ArgumentNullException("verb");
    }

    verb = verb.Trim();

    VirtualPath appPath = VirtualPath.Create(virtualPath);
    if (!appPath.IsWithinAppRoot)
    {
        throw new ArgumentException(SR.GetString(SR.Virtual_path_outside_application_not_supported), "virtualPath");
    }

    // Work out once whether UrlAuthorizationModule is registered; the answer is cached
    // in the static flags and reused by later calls.
    if (!s_EnabledDetermined)
    {
        if (HttpRuntime.UseIntegratedPipeline)
        {
            foreach (ModuleConfigurationInfo entry in HttpApplication.IntegratedModuleList)
            {
                // throwOnError is false: a module type that cannot be resolved is simply not a match.
                if (Type.GetType(entry.Type, false) == typeof(UrlAuthorizationModule))
                {
                    s_Enabled = true;
                    break;
                }
            }
        }
        else
        {
            HttpModulesSection httpModules = RuntimeConfig.GetConfig().HttpModules;
            int moduleCount = httpModules.Modules.Count;
            for (int index = 0; index < moduleCount; index++)
            {
                HttpModuleAction action = httpModules.Modules[index];
                if (Type.GetType(action.Type, false) == typeof(UrlAuthorizationModule))
                {
                    s_Enabled = true;
                    break;
                }
            }
        }

        s_EnabledDetermined = true;
    }

    if (s_Enabled)
    {
        AuthorizationSection authorization = RuntimeConfig.GetConfig(appPath).Authorization;

        // Only consult the rule list when the section does not already allow everyone.
        if (!authorization.EveryoneAllowed)
        {
            return authorization.IsUserAllowed(user, verb);
        }
    }

    // Module not registered, or the section allows everyone.
    return true;
}
/// <summary>
/// Evaluates the authorization section configured for <paramref name="virtualPath"/> against
/// the user and request type of <paramref name="context"/>.
/// </summary>
/// <param name="context">Request whose User and Request.RequestType are checked.</param>
/// <param name="virtualPath">Path whose authorization configuration is loaded.</param>
/// <returns><c>true</c> when the section allows everyone or allows this user for this request type.</returns>
internal static bool IsUserAllowedToPath(HttpContext context, VirtualPath virtualPath)
{
    AuthorizationSection authorization = RuntimeConfig.GetConfig(context, virtualPath).Authorization;

    if (authorization.EveryoneAllowed)
    {
        return true;
    }

    // context.User is passed through unchecked; a null principal is left to IsUserAllowed.
    return authorization.IsUserAllowed(context.User, context.Request.RequestType);
}
/// <summary>
/// Creates the settings object with a fresh AuthorizationSection and a fresh SignalRSettings,
/// so neither member is null after construction.
/// </summary>
public GeneralSettings()
{
    this.AuthorizationSection = new AuthorizationSection();
    this.SignalRSettings = new SignalRSettings();
}
/// <summary>
/// Checks <paramref name="user"/> and <paramref name="verb"/> against the
/// "system.web/authorization" section that applies to <paramref name="virtualPath"/>.
/// </summary>
/// <remarks>
/// When no authorization section is resolved the method returns <c>true</c>, so a missing
/// section is treated as "allowed". The arguments are not validated here; null values are
/// passed on to GetSection and IsValidUser as they are.
/// </remarks>
/// <returns><c>true</c> when no section applies or the section accepts the user for the verb.</returns>
public static bool CheckUrlAccessForPrincipal(string virtualPath, IPrincipal user, string verb)
{
    AuthorizationSection authorization =
        (AuthorizationSection)WebConfigurationManager.GetSection("system.web/authorization", virtualPath);

    if (authorization == null)
    {
        return true;
    }

    return authorization.IsValidUser(user, verb);
}
/// <summary>
/// Re-adds the rules from <paramref name="rulesArray"/> to <paramref name="section"/> in their
/// new order by running three helpers one after another.
/// </summary>
/// <param name="section">Authorization section that receives the rules.</param>
/// <param name="rulesArray">Rules in their previous order.</param>
/// <param name="selectedIndex">Index in <paramref name="rulesArray"/> of the rule being moved.</param>
/// <param name="upOrDown">Direction of the move, passed unchanged to each helper.</param>
protected void LoadRulesInNewOrder(AuthorizationSection section, ArrayList rulesArray, int selectedIndex, string upOrDown)
{
    // The call sequence is the resulting rule order: the rules ahead of the swap, the swapped
    // pair, then the remainder. ASP.NET evaluates authorization rules in list order, so this
    // sequence decides which rule matches first.
    this.AddFirstGroupOfRules(section, rulesArray, selectedIndex, upOrDown);
    this.AddTheTwoSwappedRules(section, rulesArray, selectedIndex, upOrDown);
    this.AddFinalGroupOfRules(section, rulesArray, selectedIndex, upOrDown);
}
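/// <summary>
/// Decides whether <paramref name="node"/> is accessible to the user of the current request
/// when security trimming is enabled.
/// </summary>
/// <param name="context">Current request; its User and Request.HttpMethod are consulted.</param>
/// <param name="node">Site map node whose Roles and Url are checked.</param>
/// <returns>
/// <c>true</c> when trimming is disabled, when a role on the node matches, or when the
/// authorization section for the node's URL accepts the user; otherwise <c>false</c>.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="context"/> or <paramref name="node"/> is <c>null</c>.</exception>
public virtual bool IsAccessibleToUser(HttpContext context, SiteMapNode node)
{
    if (context == null)
    {
        throw new ArgumentNullException("context");
    }

    if (node == null)
    {
        throw new ArgumentNullException("node");
    }

    if (!SecurityTrimmingEnabled)
    {
        return true;
    }

    /* The node is accessible (according to msdn2) if:
     *
     * 1. The Roles exists on node and the current user is in at least one of the specified roles.
     *
     * 2. The current thread has an associated WindowsIdentity that has file access to the requested URL and
     *    the URL is located within the directory structure for the application.
     *
     * 3. The current user is authorized specifically for the requested URL in the authorization element for
     *    the current application and the URL is located within the directory structure for the application.
     */

    /* 1. */
    IList roles = node.Roles;
    if (roles != null)
    {
        foreach (string rolename in roles)
        {
            // "*" opens the node to everyone. A request that carries no principal cannot be
            // in any role, so the role test is skipped instead of dereferencing a null User.
            if (rolename == "*" || (context.User != null && context.User.IsInRole(rolename)))
            {
                return true;
            }
        }
    }

    /* 2. */
    /* XXX - the file-access check from the list above is not implemented here. */

    /* 3. */
    string url = node.Url;
    if (!String.IsNullOrEmpty(url))
    {
        // TODO check url is located within the current application.
        // Until that check exists, the authorization section is resolved for whatever path
        // the node's Url produces after the Combine below.
        if (VirtualPathUtility.IsAppRelative(url) || !VirtualPathUtility.IsAbsolute(url))
        {
            url = VirtualPathUtility.Combine(VirtualPathUtility.AppendTrailingSlash(HttpRuntime.AppDomainAppVirtualPath), url);
        }

        AuthorizationSection config = (AuthorizationSection)WebConfigurationManager.GetSection(
            "system.web/authorization", url);
        if (config != null)
        {
            return config.IsValidUser(context.User, context.Request.HttpMethod);
        }
    }

    // No role matched and no authorization section answered: deny.
    return false;
}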
/// <summary>
/// Creates the mock around the supplied authorization section.
/// </summary>
/// <param name="authorizationSection">Section stored in the mock; it is kept as given, without a null check.</param>
public SecurityModelMock(AuthorizationSection authorizationSection)
{
    this._AuthorizationSection = authorizationSection;
}
/// <summary>
/// Verifies the login state of the user for the current request. For an authenticated user on
/// a checked .aspx page it updates the login bookkeeping; otherwise, if the user is
/// authenticated but has a status other than None, it switches the request to anonymous
/// principals and signs the user out.
/// </summary>
/// <param name="context">Current request context; its URL, session, Items and User are read or written.</param>
private static void CheckUserLogin(HttpContext context)
{
    // flag == true means "run the login check for this request".
    bool flag = true;
    // Pages are recognised by a case-insensitive suffix match on the URL path, so any path
    // whose text ends in "ajax.aspx" or "login.aspx" is treated as that page.
    if (!context.Request.Url.GetLeftPart(UriPartial.Path).EndsWith("ajax.aspx", StringComparison.OrdinalIgnoreCase) && !context.Request.Url.GetLeftPart(UriPartial.Path).EndsWith("login.aspx", StringComparison.OrdinalIgnoreCase))
    {
        // Read the web application's authorization configuration.
        // NOTE(review): the result of GetSection is used without a null check - confirm a
        // section is always present.
        AuthorizationSection section = (AuthorizationSection)context.GetSection("system.web/authorization");
        // Only the first rule is inspected: when it is an Allow rule that names "*", the
        // login check is skipped. Later rules are not considered here.
        if (((section.Rules.Count > 0) && (section.Rules[0].Action == AuthorizationRuleAction.Allow)) && section.Rules[0].Users.Contains("*"))
        {
            flag = false;
        }
    }
    if (flag && context.Request.Url.GetLeftPart(UriPartial.Path).EndsWith(".aspx", StringComparison.OrdinalIgnoreCase))
    {
        // If the user's authentication passes. Nothing is done in this branch for an
        // unauthenticated user.
        if (PEContext.Current.User.Identity.IsAuthenticated)
        {
            // flag2 records whether userInfo was modified and has to be saved.
            bool flag2 = false;
            UserInfo userInfo = PEContext.Current.User.UserInfo;
            if (userInfo.Status != UserStatus.None)
            {
                // NOTE(review): the statements below still run unless WriteUserErrMsg ends the
                // request - confirm against Utility.WriteUserErrMsg.
                Utility.WriteUserErrMsg(Utility.GetGlobalErrorString("UserIsNotApprove"), "~/Default.aspx");
            }
            // With multiple logons disabled, a LastPassword value on the current principal that
            // differs from the stored one is reported as "MultiUserLoginSystem".
            // NOTE(review): presumably LastPassword is a per-login token rather than the
            // password itself - verify.
            if (!SiteConfig.UserConfig.EnableMultiLogOn && (PEContext.Current.User.LastPassword != userInfo.LastPassword))
            {
                if (context.Request.Url.GetLeftPart(UriPartial.Path).EndsWith("ajax.aspx", StringComparison.OrdinalIgnoreCase))
                {
                    // Ajax requests are handed to ~/ajax.aspx with an "err" marker in Items.
                    context.Items["err"] = "err";
                    context.Server.Transfer("~/ajax.aspx");
                }
                else
                {
                    Utility.WriteUserErrMsg(Utility.GetGlobalErrorString("MultiUserLoginSystem"), "");
                }
            }
            // Login reward: add PresentExpPerLogOn to UserExp when no reward was recorded yet
            // or the last one is at least one day old.
            if (SiteConfig.UserConfig.PresentExpPerLogOn > 0.0)
            {
                // flag3 == true means the reward is due.
                bool flag3 = false;
                if (!userInfo.LastPresentTime.HasValue)
                {
                    flag3 = true;
                }
                else
                {
                    // Uses local time (DateTime.Now) for the elapsed-time comparison.
                    TimeSpan span = (TimeSpan)(DateTime.Now - userInfo.LastPresentTime.Value);
                    if (span.TotalDays >= 1.0)
                    {
                        flag3 = true;
                    }
                }
                if (flag3)
                {
                    userInfo.UserExp += (int)SiteConfig.UserConfig.PresentExpPerLogOn;
                    userInfo.LastPresentTime = new DateTime?(DateTime.Now);
                    flag2 = true;
                }
            }
            // A session without "UserName" is counted as a new logon: bump the counter, record
            // time and address, and mark the session so later requests are not counted again.
            if ((context.Session != null) && (context.Session["UserName"] == null))
            {
                userInfo.LogOnTimes++;
                userInfo.LastLogOnTime = new DateTime?(DateTime.Now);
                userInfo.LastLogOnIP = PEContext.Current.UserHostAddress;
                flag2 = true;
                context.Session.Add("UserName", PEContext.Current.User.UserName);
            }
            // This assignment does not set flag2, so on its own it is not saved by the update below.
            if (!userInfo.LastLogOnTime.HasValue)
            {
                userInfo.LastLogOnTime = new DateTime?(DateTime.Now);
            }
            if (flag2)
            {
                Users.Update(userInfo);
            }
        }
    }
    // Reached when the login check was skipped or the path does not end in ".aspx": an
    // authenticated user whose status is not None is replaced by anonymous principals and
    // the forms-authentication ticket is removed.
    else if (PEContext.Current.User.Identity.IsAuthenticated && (PEContext.Current.User.UserInfo.Status != UserStatus.None))
    {
        UserPrincipal principal = new UserPrincipal(new AnonymousAuthenticateIdentity());
        principal.UserInfo = new UserInfo(true);
        // NOTE(review): the meaning of group id -2 is not visible here - presumably the
        // anonymous/guest group; confirm.
        principal.UserInfo.GroupId = -2;
        principal.UserInfo.IsInheritGroupRole = true;
        PEContext.Current.User = principal;
        GenericPrincipal principal2 = new GenericPrincipal(new NoAuthenticateIdentity(), null);
        context.User = principal2;
        FormsAuthentication.SignOut();
    }
}
/// <summary>
/// Adds the selected rule and its neighbour to <paramref name="section"/> in swapped order.
/// </summary>
/// <remarks>
/// For "up" the selected rule is added before the rule that preceded it; for "down" the rule
/// that followed it is added before the selected rule. Any other value of
/// <paramref name="upOrDown"/> adds nothing. The neighbour index is not range-checked here.
/// </remarks>
/// <param name="section">Authorization section that receives the two rules.</param>
/// <param name="rulesArray">Rules in their previous order.</param>
/// <param name="selectedIndex">Index in <paramref name="rulesArray"/> of the rule being moved.</param>
/// <param name="upOrDown">Either "up" or "down".</param>
protected void AddTheTwoSwappedRules(AuthorizationSection section, ArrayList rulesArray, int selectedIndex, string upOrDown)
{
    switch (upOrDown)
    {
        case "up":
            // Selected rule first, then the one that used to sit above it.
            section.Rules.Add((AuthorizationRule)rulesArray[selectedIndex]);
            section.Rules.Add((AuthorizationRule)rulesArray[selectedIndex - 1]);
            break;

        case "down":
            // The rule that used to sit below goes first, then the selected rule.
            section.Rules.Add((AuthorizationRule)rulesArray[selectedIndex + 1]);
            section.Rules.Add((AuthorizationRule)rulesArray[selectedIndex]);
            break;
    }
}