public Mercury.Server.Security.AuthenticationResponse Authenticate(String securityAuthorityName, String accountType, String accountName, String password, String newPassword, String environment) { Mercury.Server.Security.AuthenticationResponse authenticationResponse = new AuthenticationResponse(); Mercury.Server.Public.Interfaces.Security.Credentials credentials = new Public.Interfaces.Security.Credentials("", "", "", accountName, password, newPassword); Mercury.Server.Security.SecurityAuthority securityAuthority = application.SecurityAuthorityGet(securityAuthorityName); Mercury.Server.Security.Providers.ActiveDirectory.Provider activeDirectoryProvider; Mercury.Server.Session session = null; if (securityAuthority == null) { authenticationResponse.AuthenticationError = Mercury.Server.Public.Interfaces.Security.Enumerations.AuthenticationError.SecurityAuthorityError; authenticationResponse.AuthenticationException = new Exception("Unable to retreive Security Authority information from the database.", application.LastException); return(authenticationResponse); } SetProviderCredentials(accountType, securityAuthority, credentials); activeDirectoryProvider = new Providers.ActiveDirectory.Provider(credentials); authenticationResponse.IsAuthenticated = activeDirectoryProvider.Authenticate(); if (authenticationResponse.IsAuthenticated) { session = CreateSession(securityAuthority, authenticationResponse, credentials, environment); } SetAuthenticationError(authenticationResponse, credentials); return(authenticationResponse); }
public Mercury.Server.Security.AuthenticationResponse Authenticate(String environment) { AuthenticationResponse authenticationResponse = new AuthenticationResponse(); Mercury.Server.Public.Interfaces.Security.Credentials credentials = new Public.Interfaces.Security.Credentials(); Mercury.Server.Security.SecurityAuthority securityAuthority; Mercury.Server.Session session = null; try { if (((System.Threading.Thread.CurrentPrincipal.Identity.AuthenticationType == "NTLM") || (System.Threading.Thread.CurrentPrincipal.Identity.AuthenticationType == "Kerberos") || (System.Threading.Thread.CurrentPrincipal.Identity.AuthenticationType == "Negotiate") ) && (System.Threading.Thread.CurrentPrincipal.Identity.IsAuthenticated) && (!String.IsNullOrEmpty(System.Threading.Thread.CurrentPrincipal.Identity.Name))) { #region Retreive Credentials from Thread.CurrentPrincipal credentials.Domain = System.Threading.Thread.CurrentPrincipal.Identity.Name.Split('\\')[0]; credentials.UserName = System.Threading.Thread.CurrentPrincipal.Identity.Name.Split('\\')[1]; application.TraceWriteLineInfo(application.TraceSwitchSecurity, "\r\n[Mercury.Server.Security.Authenticate] Credentials: " + credentials.Domain + "\\" + credentials.UserName); #endregion #region Retreive Security Authority for Domain and Authenticate // validate that the domain is a trusted security authority securityAuthority = application.SecurityAuthorityGet(credentials.Domain); if (securityAuthority != null) { if (securityAuthority.SecurityAuthorityType == Enumerations.SecurityAuthorityType.WindowsIntegrated) { #region Authenticate SetProviderCredentials(String.Empty, securityAuthority, credentials); Mercury.Server.Security.Providers.WindowsIntegrated.Provider windowsProvider = new Providers.WindowsIntegrated.Provider(); authenticationResponse.IsAuthenticated = windowsProvider.Authenticate(credentials); if (authenticationResponse.IsAuthenticated) { session = CreateSession(securityAuthority, authenticationResponse, credentials, environment); } SetAuthenticationError(authenticationResponse, credentials); #endregion } else { #region SECURITY AUTHORITY TYPE NOT WINDOWS INTEGRATED authenticationResponse.IsAuthenticated = false; credentials.AuthenticationError = Public.Interfaces.Security.Enumerations.AuthenticationError.SecurityAuthorityError; SetAuthenticationError(authenticationResponse, credentials); authenticationResponse.AuthenticationException = new ApplicationException("[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "]: Security Authority Type is not Windows Integrated."); application.TraceWriteLineWarning(application.TraceSwitchSecurity, "\r\n[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "]: Security Authority Type is not Windows Integrated."); #endregion } } else { #region SECURITY AUTHORITY NOT FOUND authenticationResponse.IsAuthenticated = false; credentials.AuthenticationError = Public.Interfaces.Security.Enumerations.AuthenticationError.SecurityAuthorityError; SetAuthenticationError(authenticationResponse, credentials); authenticationResponse.AuthenticationException = new ApplicationException("[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "]: Security Authority Not Found."); application.TraceWriteLineWarning(application.TraceSwitchSecurity, "\r\n[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "]: Security Authority Not Found."); #endregion } #endregion } else { credentials.AuthenticationError = Mercury.Server.Public.Interfaces.Security.Enumerations.AuthenticationError.InvalidUserOrPassword; SetAuthenticationError(authenticationResponse, credentials); } } catch (Exception domainAccountException) { authenticationResponse.IsAuthenticated = false; credentials.AuthenticationError = Mercury.Server.Public.Interfaces.Security.Enumerations.AuthenticationError.InvalidUserOrPassword; SetAuthenticationError(authenticationResponse, credentials); authenticationResponse.AuthenticationException = new ApplicationException("[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "] " + authenticationResponse.AuthenticationException.Message, domainAccountException); application.TraceWriteLineError(application.TraceSwitchSecurity, "[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "] " + authenticationResponse.AuthenticationException.Message); application.TraceWriteLineError(application.TraceSwitchSecurity, "[Windows Integrated Authentication: " + credentials.Domain + "\\" + credentials.UserName + "] " + domainAccountException.Message); } return(authenticationResponse); }
protected Mercury.Server.Session CreateSession(Mercury.Server.Security.SecurityAuthority securityAuthority, Mercury.Server.Security.AuthenticationResponse authenticationResponse, Mercury.Server.Public.Interfaces.Security.Credentials credentials, String environmentName) { Mercury.Server.Session session = null; Mercury.Server.Environment.Environment environment = null; Boolean connectionSuccess = false; if (!authenticationResponse.IsAuthenticated) { return(null); } if (environmentName != String.Empty) { environment = application.EnvironmentGet(environmentName); Mercury.Server.Data.SqlDatabase environmentDatabase = null; if (environment != null) { environmentDatabase = new Mercury.Server.Data.SqlDatabase(environment.SqlConfiguration); connectionSuccess = environmentDatabase.Connect(); } if (!connectionSuccess) { if (environmentDatabase != null) { application.SetLastException(environmentDatabase.LastException); } authenticationResponse.IsAuthenticated = false; authenticationResponse.Environments = EnvironmentsAvailable(credentials); credentials.AuthenticationError = Mercury.Server.Public.Interfaces.Security.Enumerations.AuthenticationError.MustSelectEnvironment; credentials.AuthenticationException = new Exception("Unable to connect to requested environment."); return(null); } } // empty environment or environment selection not allowed for user if ((environmentName == String.Empty) || (!((";" + EnvironmentsAvailable(credentials) + ";").Contains(";" + environmentName + ";"))) || (environment == null)) { authenticationResponse.IsAuthenticated = false; authenticationResponse.Environments = EnvironmentsAvailable(credentials); credentials.AuthenticationError = Mercury.Server.Public.Interfaces.Security.Enumerations.AuthenticationError.MustSelectEnvironment; } else { credentials.Environment = environmentName; authenticationResponse.IsAuthenticated = true; authenticationResponse.AuthenticationError = Mercury.Server.Public.Interfaces.Security.Enumerations.AuthenticationError.NoError; session = application.CreateSession(credentials); authenticationResponse.Token = session.Token; authenticationResponse.SecurityAuthorityId = session.SecurityAuthorityId; authenticationResponse.SecurityAuthorityName = session.SecurityAuthorityName; authenticationResponse.SecurityAuthorityType = session.SecurityAuthorityType; authenticationResponse.EnvironmentId = environment.Id; authenticationResponse.EnvironmentName = environment.Name; authenticationResponse.ConfidentialityStatement = environment.ConfidentialityStatement; authenticationResponse.UserAccountId = session.UserAccountId; authenticationResponse.UserAccountName = session.UserAccountName; authenticationResponse.UserDisplayName = session.UserDisplayName; authenticationResponse.GroupMembership = session.GroupMembership; authenticationResponse.RoleMembership = session.RoleMembership; authenticationResponse.EnterprisePermissionSet = session.EnterprisePermissionSet; authenticationResponse.EnvironmentPermissionSet = session.EnvironmentPermissionSet; authenticationResponse.WorkQueuePermissions = session.WorkQueuePermissions; authenticationResponse.WorkTeamMembership = session.WorkTeamMembership; } return(session); }
public Mercury.Server.Application GetApplication(String token) { Mercury.Server.Application application = null; Mercury.Server.Session session = null; String sessionCacheKey = "Mercury.Server.Session." + token; String applicationCacheKey = "Mercury.Server.Application." + token; Boolean localCacheSuccessful = false; lastException = null; try { if (IsCacheValid) { if (cache[sessionCacheKey] != null) { // LEVEL 1 CACHE FROM LOCAL SERVER session = (Mercury.Server.Session)cache.Get(sessionCacheKey); // Expiration Time from the Cache is maintained by a Sliding Time application = (Mercury.Server.Application)cache.Get(applicationCacheKey); application.ApplicationUpdated += new EventHandler(Application_OnUpdate); // application = new Mercury.Server.Application (session); localCacheSuccessful = true; } } if (!localCacheSuccessful) { // LEVEL 2 CACHE FROM DATABASE, FIRST CACHING IS ALWAYS LEVEL 2 FIRST application = new Mercury.Server.Application(token); if (application != null) { // CACHE TO LEVEL 1 CacheObject(sessionCacheKey, application.Session, new TimeSpan(0, 20, 0)); CacheObject(applicationCacheKey, application, new TimeSpan(0, 20, 0)); application.ApplicationUpdated += new EventHandler(Application_OnUpdate); } } if (application != null) { // UPDATE SESSION AUDIT LAST ACTIVITY TIME WHEN UPDATE INTERVAL HAS PASSED if (DateTime.Now.Subtract(application.Session.LastActivityDate).TotalSeconds >= (application.SessionLastActivityUpdateMinutes * 60)) { application.SessionUpdateLastActivity(); } } } catch (Exception cacheException) { lastException = cacheException; application = null; } if (application != null) { application.SetLastException(null); } return(application); }