/// <summary>
/// Writes a DICOM Supplement 95 "User Authentication" login event to the audit log and,
/// when the outcome is anything other than success, a companion "Security Alert" event.
/// </summary>
/// <remarks>
/// Nothing is written when auditing is disabled. Any exception raised while building or
/// writing the records is logged at warning level and is not propagated to the caller,
/// so a caller cannot tell from this method whether the audit record was actually stored.
/// </remarks>
/// <param name="username">The username or asserted username of the account that was logged in.</param>
/// <param name="authenticationServer">The authentication server against which the operation was performed. When null, no node is added to the record.</param>
/// <param name="eventResult">The result of the operation.</param>
public static void LogLogin(string username, EventSource authenticationServer, EventResult eventResult)
{
    if (AuditingEnabled)
    {
        try
        {
            // The local process is recorded as the source that identified the authentication event.
            var localSource = EventSource.GetUserEventSource(LocalHostname);

            var loginRecord = new UserAuthenticationAuditHelper(localSource, eventResult, UserAuthenticationEventType.Login);
            var loginUser = new AuditPersonActiveParticipant(username, string.Empty, username);
            loginRecord.AddUserParticipant(loginUser);

            if (authenticationServer != null)
            {
                loginRecord.AddNode(authenticationServer);
            }

            Log(loginRecord);

            // Any non-success outcome is additionally reported as a security alert,
            // carrying the same outcome and the same user identity.
            if (eventResult != EventResult.Success)
            {
                var alertRecord = new SecurityAlertAuditHelper(localSource, eventResult, SecurityAlertEventTypeCodeEnum.NodeAuthentication);
                alertRecord.AddReportingUser(localSource);

                var alertUser = new AuditPersonActiveParticipant(username, string.Empty, username);
                alertRecord.AddActiveParticipant(alertUser);

                Log(alertRecord);
            }
        }
        catch (Exception auditError)
        {
            // Auditing is best-effort here: the failure is only reported to the platform log.
            Platform.Log(LogLevel.Warn, auditError, _messageAuditFailed);
        }
    }
}
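/// <summary>
/// Handles the login button click: starts a session from the entered credentials and writes
/// a "User Authentication" login audit record for every outcome (success, expired password,
/// access denied, communication failure, or any other error).
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">The event arguments.</param>
protected void LoginClicked(object sender, EventArgs e)
{
    if (SessionManager.Current != null)
    {
        // Already logged in, possibly from a different page: go straight to the redirect URL.
        // endResponse is true, so processing of this request stops at the redirect.
        HttpContext.Current.Response.Redirect(
            FormsAuthentication.GetRedirectUrl(SessionManager.Current.Credentials.UserName, false), true);
    }

    try
    {
        SessionManager.InitializeSession(UserName.Text, Password.Text);

        // NOTE(review): this audit call sits inside the try. If it throws, the generic handler
        // below reports a login error and writes a failure record although InitializeSession
        // has already succeeded - confirm whether LogAuditMessage can throw.
        WriteLoginAudit(EventIdentificationContentsEventOutcomeIndicator.Success,
                        SessionManager.Current.Credentials.DisplayName);
    }
    catch (PasswordExpiredException)
    {
        Platform.Log(LogLevel.Info, "Password for {0} has expired. Requesting new password.",UserName.Text);
        PasswordExpiredDialog.Show(UserName.Text, Password.Text);

        // NOTE(review): an expired password is audited with outcome Success even though no
        // session was initialized on this path. Anyone reviewing the audit trail cannot tell
        // this apart from a completed login - confirm this is the intended outcome code.
        WriteLoginAudit(EventIdentificationContentsEventOutcomeIndicator.Success, null);
    }
    catch (UserAccessDeniedException ex)
    {
        Platform.Log(LogLevel.Error, ex, ex.Message);
        ShowError(ErrorMessages.UserAccessDenied);
        UserName.Focus();

        WriteLoginAudit(EventIdentificationContentsEventOutcomeIndicator.SeriousFailureActionTerminated, null);
    }
    catch (CommunicationException ex)
    {
        Platform.Log(LogLevel.Error, ex, "Unable to contact A/A server");
        ShowError(ErrorMessages.CannotContactEnterpriseServer);

        WriteLoginAudit(EventIdentificationContentsEventOutcomeIndicator.MajorFailureActionMadeUnavailable, null);
    }
    catch (Exception ex)
    {
        Platform.Log(LogLevel.Error, ex, "Login error:");

        // NOTE(review): the raw exception message is shown to an unauthenticated visitor.
        // Unlike the two handlers above, which show fixed resource strings, this can expose
        // internal detail on the login page. Prefer a generic resource string here and keep
        // the detail in the server log only.
        ShowError(ex.Message);

        WriteLoginAudit(EventIdentificationContentsEventOutcomeIndicator.MajorFailureActionMadeUnavailable, null);
    }
}

/// <summary>
/// Builds and writes one "User Authentication" login audit record for the user name currently
/// entered in the form, so that every outcome path records the same participant layout.
/// </summary>
/// <param name="outcome">The outcome indicator to store in the record.</param>
/// <param name="displayName">The display name of the user, or null when it is not known.</param>
private void WriteLoginAudit(EventIdentificationContentsEventOutcomeIndicator outcome, string displayName)
{
    UserAuthenticationAuditHelper audit = new UserAuthenticationAuditHelper(
        ServerPlatform.AuditSource, outcome, UserAuthenticationEventType.Login);

    // The user name is recorded exactly as typed into the form; it is not validated here.
    audit.AddUserParticipant(new AuditPersonActiveParticipant(UserName.Text, null, displayName));
    ServerPlatform.LogAuditMessage(audit);
}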
/// <summary>
/// Writes a DICOM Supplement 95 "User Authentication" logout event to the audit log.
/// </summary>
/// <remarks>
/// Nothing is written when auditing is disabled. Any exception raised while building or
/// writing the record is logged at warning level and is not propagated to the caller.
/// </remarks>
/// <param name="username">The username or asserted username of the account that was logged out.</param>
/// <param name="sessionId">The ID of the session that is being logged out.</param>
/// <param name="authenticationServer">The authentication server against which the operation was performed. When null, no node is added to the record.</param>
/// <param name="eventResult">The result of the operation.</param>
public static void LogLogout(string username, string sessionId, EventSource authenticationServer, EventResult eventResult)
{
    if (AuditingEnabled)
    {
        try
        {
            // The local process is recorded as the source that identified the authentication event.
            var localSource = EventSource.GetUserEventSource(LocalHostname);

            var logoutRecord = new UserAuthenticationAuditHelper(localSource, eventResult, UserAuthenticationEventType.Logout);
            var logoutUser = new AuditPersonActiveParticipant(username, string.Empty, username);
            logoutRecord.AddUserParticipant(logoutUser);

            if (authenticationServer != null)
            {
                logoutRecord.AddNode(authenticationServer);
            }

            // The user name and session id are passed along with the record.
            Log(logoutRecord, username, sessionId);
        }
        catch (Exception auditError)
        {
            // Auditing is best-effort here: the failure is only reported to the platform log.
            Platform.Log(LogLevel.Warn, auditError, _messageAuditFailed);
        }
    }
}
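/// <summary>
/// Signs the current user out of forms authentication and, when a session is supplied,
/// logs the other pages out, ends the session on the login service and writes a
/// "User Authentication" logout audit record.
/// </summary>
/// <remarks>
/// The audit record carries the real outcome of the logout. If ending the session fails with
/// an unexpected exception, the record is written with a failure indicator instead of Success.
/// An audit trail that claims a clean logout is misleading if the session token was never
/// released by the login service.
/// </remarks>
/// <param name="session">The session to end. When null, only the forms-authentication sign-out is performed and no audit record is written.</param>
public static void SignOut(SessionInfo session)
{
    FormsAuthentication.SignOut();

    if (session == null)
    {
        return;
    }

    var outcome = EventIdentificationContentsEventOutcomeIndicator.Success;

    try
    {
        ForceOtherPagesToLogout(session);

        using (LoginService service = new LoginService())
        {
            service.Logout(session.Credentials.SessionToken.Id);
        }
    }
    catch (NotSupportedException)
    {
        // Ignored on purpose; the logout is still audited as successful.
    }
    catch (Exception e)
    {
        Platform.Log(LogLevel.Warn, e, "Failed to log user out.");

        // The local sign-out above has happened, but ending the session did not complete.
        // Record that in the audit trail rather than reporting Success.
        outcome = EventIdentificationContentsEventOutcomeIndicator.MajorFailureActionMadeUnavailable;
    }

    UserAuthenticationAuditHelper audit = new UserAuthenticationAuditHelper(
        ServerPlatform.AuditSource,
        outcome,
        UserAuthenticationEventType.Logout);

    audit.AddUserParticipant(new AuditPersonActiveParticipant(
        session.Credentials.UserName,
        null,
        session.Credentials.DisplayName));

    ServerPlatform.LogAuditMessage(audit);
}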
/// <summary>
/// Writes a "User Authentication" logout audit record with outcome Success for the given user.
/// </summary>
/// <remarks>
/// The outcome is fixed to Success. Callers have no way to report a failed logout through this method.
/// </remarks>
/// <param name="userName">The user name recorded as the participant's id.</param>
/// <param name="displayName">The display name recorded for the participant.</param>
/// <param name="sessionId">The session id passed along with the record.</param>
public static void AuditLogout(string userName, string displayName, string sessionId)
{
    var logoutRecord = new UserAuthenticationAuditHelper(
        _auditSource,
        EventIdentificationContentsEventOutcomeIndicator.Success,
        UserAuthenticationEventType.Logout);

    var logoutUser = new AuditPersonActiveParticipant(userName, null, displayName);
    logoutRecord.AddUserParticipant(logoutUser);

    LogAuditMessage(logoutRecord, userName, sessionId);
}
/// <summary>
/// Writes a "User Authentication" login audit record with outcome
/// SeriousFailureActionTerminated for the given user id.
/// </summary>
/// <remarks>
/// The id is stored as given, with no alternate id and no display name.
/// NOTE(review): presumably this is the identifier supplied with the failed attempt, so it
/// should be treated as untrusted wherever audit records are displayed - confirm against callers.
/// </remarks>
/// <param name="userId">The user id recorded as the participant and passed along with the record.</param>
public static void AuditFailure(string userId)
{
    var failureRecord = new UserAuthenticationAuditHelper(
        _auditSource,
        EventIdentificationContentsEventOutcomeIndicator.SeriousFailureActionTerminated,
        UserAuthenticationEventType.Login);

    var attemptedUser = new AuditPersonActiveParticipant(userId, null, null);
    failureRecord.AddUserParticipant(attemptedUser);

    LogAuditMessage(failureRecord, userId);
}