protected void imgSubmit_Click(object sender, EventArgs e) { OSAEObject obj = OSAEObjectManager.GetObjectByName(txtUserName.Text); if (obj != null) { string pass = obj.Property("Password").Value; if (pass == txtPassword.Text) { if (pass != "") { // Success, create non-persistent authentication cookie. FormsAuthentication.SetAuthCookie(txtUserName.Text.Trim(), false); Int32 cto = Convert.ToInt32(OSAEObjectPropertyManager.GetObjectPropertyValue("Web Server", "Timeout").Value); FormsAuthenticationTicket ticket1 = new FormsAuthenticationTicket(txtUserName.Text.Trim(), true, cto); HttpCookie cookie1 = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket1)); Response.Cookies.Add(cookie1); Session["UserName"] = OSAEObjectManager.GetObjectByName(this.txtUserName.Text.Trim()).Name; Session["TrustLevel"] = OSAEObjectPropertyManager.GetObjectPropertyValue(this.txtUserName.Text.Trim(), "Trust Level").Value; Session["SecurityLevel"] = OSAEObjectPropertyManager.GetObjectPropertyValue(this.txtUserName.Text.Trim(), "Security Level").Value; } else { FormsAuthentication.SetAuthCookie(txtUserName.Text.Trim(), false); Int32 cto = Convert.ToInt32(OSAEObjectPropertyManager.GetObjectPropertyValue("Web Server", "Timeout").Value); FormsAuthenticationTicket ticket1 = new FormsAuthenticationTicket(txtUserName.Text.Trim(), true, cto); HttpCookie cookie1 = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket1)); Response.Cookies.Add(cookie1); Session["UserName"] = OSAEObjectManager.GetObjectByName(this.txtUserName.Text.Trim()).Name; Session["TrustLevel"] = OSAEObjectPropertyManager.GetObjectPropertyValue(this.txtUserName.Text.Trim(), "Trust Level").Value; Session["SecurityLevel"] = OSAEObjectPropertyManager.GetObjectPropertyValue(this.txtUserName.Text.Trim(), "Security Level").Value; } // 4. Do the redirect. string returnUrl1; OSAEAdmin adSet = OSAEAdminManager.GetAdminSettings(); int tLevel = Convert.ToInt32(Session["TrustLevel"].ToString()); if (Session["SecurityLevel"].ToString() != "Admin" & tLevel < adSet.ObjectsTrust) { returnUrl1 = "screens.aspx?id=" + adSet.defaultScreen; } else { if (Request.QueryString["ReturnUrl"] == null) { returnUrl1 = "objects.aspx"; // the login is successful } else { returnUrl1 = Request.QueryString["ReturnUrl"]; //login not unsuccessful } } Response.Redirect(returnUrl1); } else { lblError.Visible = true; } } lblError.Visible = true; }
protected void Page_Load(object sender, EventArgs e) { if (!Page.IsPostBack) { if (Session["Username"] == null) { Response.Redirect("~/Default.aspx"); } if (Session["SecurityLevel"].ToString() != "Admin") { Response.Redirect("~/permissionError.aspx"); } OSAEAdmin adSet = OSAEAdminManager.GetAdminSettings(); screensLev.Text = adSet.ScreenTrust.ToString(); string dScreen = adSet.defaultScreen; objectsLev.Text = adSet.ObjectsTrust.ToString(); objectsAddLev.Text = adSet.ObjectsAddTrust.ToString(); objectsUpdateLev.Text = adSet.ObjectsUpdateTrust.ToString(); objectsDeleteLev.Text = adSet.ObjectsDeleteTrust.ToString(); analyticsLev.Text = adSet.AnalyticsTrust.ToString(); manageLev.Text = adSet.ManagementTrust.ToString(); objecttypeLev.Text = adSet.ObjectTypeTrust.ToString(); objecttypeAddLev.Text = adSet.ObjectTypeAddTrust.ToString(); objecttypeUpdateLev.Text = adSet.ObjectTypeUpdateTrust.ToString(); objecttypeDeleteLev.Text = adSet.ObjectTypeDeleteTrust.ToString(); scriptLev.Text = adSet.ScriptTrust.ToString(); scriptAddLev.Text = adSet.ScriptAddTrust.ToString(); scriptUpdateLev.Text = adSet.ScriptUpdateTrust.ToString(); scriptDeleteLev.Text = adSet.ScriptDeleteTrust.ToString(); scriptObjectEventLev.Text = adSet.ScriptObjectAddTrust.ToString(); scriptObjectTypeEventLev.Text = adSet.ScriptObjectTypeAddTrust.ToString(); patternLev.Text = adSet.PatternTrust.ToString(); patternAddLev.Text = adSet.PatternAddTrust.ToString(); patternUpdateLev.Text = adSet.PatternUpdateTrust.ToString(); patternDeleteLev.Text = adSet.PatternDeleteTrust.ToString(); readerLev.Text = adSet.ReaderTrust.ToString(); readerAddLev.Text = adSet.ReaderAddTrust.ToString(); readerUpdateLev.Text = adSet.ReaderUpdateTrust.ToString(); readerDeleteLev.Text = adSet.ReaderDeleteTrust.ToString(); scheduleLev.Text = adSet.ScheduleTrust.ToString(); scheduleAddLev.Text = adSet.ScheduleAddTrust.ToString(); scheduleUpdateLev.Text = adSet.ScheduleUpdateTrust.ToString(); scheduleDeleteLev.Text = adSet.ScheduleDeleteTrust.ToString(); imageLev.Text = adSet.ImagesTrust.ToString(); imageAddLev.Text = adSet.ImagesAddTrust.ToString(); imageDeleteLev.Text = adSet.ImagesDeleteTrust.ToString(); logsLev.Text = adSet.LogsTrust.ToString(); logsClearLev.Text = adSet.LogsClearTrust.ToString(); eventlogLev.Text = adSet.EventLogTrust.ToString(); methodlogLev.Text = adSet.MethodLogTrust.ToString(); serverlogLev.Text = adSet.ServerLogTrust.ToString(); debuglogLev.Text = adSet.DebugLogTrust.ToString(); valuesLev.Text = adSet.ValuesTrust.ToString(); configLev.Text = adSet.ConfigTrust.ToString(); OSAEObjectCollection screens = OSAEObjectManager.GetObjectsByType("SCREEN"); foreach (OSAEObject s in screens) { ListItem li = new ListItem(s.Name); if (s.Name == dScreen) { li.Selected = true; } mainScreen.Items.Add(li); } saveSuc.Visible = false; } }