/// <summary>
/// Decides whether <paramref name="user"/> may issue a request of type
/// <paramref name="requestType"/> against <paramref name="rawUrl"/>.
/// </summary>
/// <remarks>
/// The first entry of <c>_urlMatches</c> whose <c>Expression</c> matches the URL decides the
/// outcome; later entries are never consulted. A URL that matches no entry is allowed
/// (the check fails open), so any path that must be protected needs a rule that covers it.
/// NOTE(review): the URL is matched exactly as passed in. If callers pass
/// <c>HttpRequest.RawUrl</c>, that value includes the query string, so the configured
/// expressions should be anchored to the path. Confirm against the rule definitions.
/// </remarks>
/// <param name="rawUrl">URL text tested against each rule's regular expression.</param>
/// <param name="user">Principal handed to the matching rule's <c>IsUserAllowed</c>.</param>
/// <param name="requestType">Request type handed to the matching rule's <c>IsUserAllowed</c>.</param>
/// <returns>
/// <c>true</c> when no rule matches, when the matching rule allows everyone, or when it
/// allows this user; otherwise <c>false</c>.
/// </returns>
public bool IsAuthorized(string rawUrl, System.Security.Principal.IPrincipal user, string requestType)
{
    foreach (UrlMatchElement candidate in _urlMatches)
    {
        if (Regex.IsMatch(rawUrl, candidate.Expression, RegxOptions))
        {
            // First match wins: this rule alone decides the result.
            return candidate.EveryoneAllowed || candidate.IsUserAllowed(user, requestType);
        }
    }

    // No rule covers this URL, so access is not restricted.
    return true;
}
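/// <summary>
/// Evaluates the IP address rules of <paramref name="urlMatched"/> against
/// <paramref name="ipAddress"/>.
/// </summary>
/// <remarks>
/// Rules are evaluated in collection order and the first one that matches decides the result.
/// A rule without a <c>NetMask</c> is an exact-address rule; a rule with one is tested with
/// <c>IsAddressOnSubnet</c>.
/// </remarks>
/// <param name="urlMatched">The URL rule whose <c>IpAddressMatches</c> are evaluated.</param>
/// <param name="ipAddress">The client address to test.</param>
/// <returns>
/// The <c>Access</c> flag of the first matching rule, or <c>urlMatched.DefaultAccess</c>
/// when no rule matches.
/// </returns>
private bool IsValidIpAddress(UrlMatchElement urlMatched, IPAddress ipAddress)
{
    foreach (IpAddressMatchElement ipAddressMatch in urlMatched.IpAddressMatches)
    {
        bool matches;
        if (ipAddressMatch.NetMask == null)
        {
            // Compare by value. System.Net.IPAddress is a class that does not overload ==,
            // so the previous `==` was a reference comparison and an exact-address rule
            // could never match a separately parsed address; the request then fell through
            // to DefaultAccess regardless of the rule.
            // Assumes IpAddressMatchElement.IpAddress is an IPAddress. TODO confirm.
            // NOTE(review): IPAddress.Equals also compares the address family, so an
            // IPv4-mapped IPv6 client address does not equal an IPv4 rule. Confirm whether
            // callers normalize the address first.
            matches = object.Equals(ipAddressMatch.IpAddress, ipAddress);
        }
        else
        {
            matches = IsAddressOnSubnet(ipAddress, ipAddressMatch.IpAddress, ipAddressMatch.NetMask);
        }

        if (matches)
        {
            return ipAddressMatch.Access;
        }
    }

    return urlMatched.DefaultAccess;
}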
/// <summary>
/// Decides whether a client at <paramref name="userHostAddress"/> may request
/// <paramref name="rawUrl"/>, using the IP address rules of the first matching URL rule.
/// </summary>
/// <remarks>
/// The first entry of <c>_urlMatches</c> whose <c>Expression</c> matches the URL decides the
/// outcome. A URL that matches no entry is allowed (the check fails open), and in that case
/// <paramref name="userHostAddress"/> is never parsed.
/// NOTE(review): the address is only as trustworthy as its source. Confirm that callers pass
/// the connection's remote address rather than a client-supplied header value.
/// </remarks>
/// <param name="rawUrl">URL text tested against each rule's regular expression.</param>
/// <param name="userHostAddress">Textual IP address of the client.</param>
/// <returns>
/// <c>true</c> when no rule matches the URL; otherwise the result of
/// <c>IsValidIpAddress</c> for the matching rule.
/// </returns>
/// <exception cref="System.ArgumentNullException">
/// A rule matched and <paramref name="userHostAddress"/> is <c>null</c>.
/// </exception>
/// <exception cref="System.FormatException">
/// A rule matched and <paramref name="userHostAddress"/> is not a valid IP address.
/// </exception>
public bool IsAuthorized(string rawUrl, string userHostAddress)
{
    foreach (UrlMatchElement candidate in _urlMatches)
    {
        if (Regex.IsMatch(rawUrl, candidate.Expression, RegxOptions))
        {
            // First match wins. Parsing happens only once a rule applies, and
            // IPAddress.Parse throws on malformed input rather than granting access.
            IPAddress clientAddress = IPAddress.Parse(userHostAddress);
            return IsValidIpAddress(candidate, clientAddress);
        }
    }

    // No rule covers this URL, so access is not restricted.
    return true;
}
/// <summary>
/// Request-pipeline event handler that rejects the current request with HTTP 401 when the
/// first URL rule matching the request's raw URL does not allow the current user.
/// </summary>
/// <remarks>
/// Nothing is enforced when <c>context.SkipAuthorization</c> is set or when no rule matches
/// the URL (the check fails open). <c>Request.RawUrl</c> includes the query string, so rule
/// expressions should be anchored to the path; first match wins.
/// NOTE(review): 401 is returned for every denial, including for an already authenticated
/// user. Confirm whether 403 is intended for that case.
/// </remarks>
/// <param name="source">The <see cref="HttpApplication"/> raising the event.</param>
/// <param name="eventArgs">Unused.</param>
private void OnEnter(object source, EventArgs eventArgs)
{
    var application = (HttpApplication)source;
    var context = application.Context;

    if (context.SkipAuthorization)
    {
        return;
    }

    var rawUrl = application.Request.RawUrl;

    // Locate the first rule whose expression matches; later rules are not consulted.
    UrlMatchElement matchedRule = null;
    foreach (UrlMatchElement candidate in urlMatches)
    {
        if (Regex.IsMatch(rawUrl, candidate.Expression, regxOptions))
        {
            matchedRule = candidate;
            break;
        }
    }

    if (matchedRule == null)
    {
        // No rule covers this URL, so the request proceeds unrestricted.
        return;
    }

    bool permitted = matchedRule.EveryoneAllowed
        || matchedRule.IsUserAllowed(context.User, context.Request.RequestType);

    if (!permitted)
    {
        // Deny: set the status, emit the error body, and end the request.
        context.Response.StatusCode = 401;
        this.WriteErrorMessage(context);
        application.CompleteRequest();
    }
}