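/// <summary>
/// Handles the login form's submit button: checks the posted user name and
/// password through <c>DataIO.UserLogin</c> and, on success, sends the
/// browser to the edit page or to the requested return address.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void cmdSubmit_Click(object sender, EventArgs e)
{
    Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

    // QueryString values are already strings; comparing them directly avoids the
    // NullReferenceException that .ToString() raised when "method" was missing.
    if (Request.QueryString["method"] != "login")
    {
        return;
    }

    Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
    user.UserName = txtUserName.Text.Trim();
    user.Password = txtPassword.Text.Trim();

    if (!data.UserLogin(ref user))
    {
        lblError.Text = "Login failed, please try again";
        txtPassword.Text = "";
        txtPassword.Focus();
        return;
    }

    if (Request.QueryString["edit"] == "true")
    {
        Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
    }
    else
    {
        // "redirectto" arrives from the query string, so it is followed only when
        // it points back into this application; a missing or foreign value lands
        // on the site root instead of throwing or leaving the site.
        // NOTE(review): assumes legitimate values are absolute URLs under
        // Root.Domain - confirm against the pages that link to this form.
        string target = Request.QueryString["redirectto"];
        if (string.IsNullOrEmpty(target)
            || !target.StartsWith(Root.Domain + "/", StringComparison.OrdinalIgnoreCase))
        {
            target = Root.Domain;
        }

        Response.Redirect(target);
    }
}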
/// <summary>
/// Submit handler for the gadget sandbox login form. A blank user name is
/// admitted anonymously; otherwise the password box must equal the shared
/// <c>sandboxPassword</c> and <c>DataIO.UserLogin</c> must accept the account.
/// Admitted visitors get the gadget settings stored in the session and are
/// sent to the site root.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void cmdSubmit_Click(object sender, EventArgs e)
{
    Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
    Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();

    string enteredName = txtUserName.Text.Trim();
    user.UserName = enteredName;
    // works on dev just now, need to change!
    // NOTE(review): the account password is set to the user name, so UserLogin
    // only succeeds for accounts whose password equals their user name. The
    // value typed into txtPassword is compared with sandboxPassword only.
    user.Password = enteredName;

    // Both lengths come from the same text box, so this is "user name left blank".
    bool anonymous = user.UserName.Length == 0 && user.Password.Length == 0;

    // Short-circuit order matters: anonymous visitors never reach UserLogin,
    // and UserLogin is not called unless the shared sandbox password matched.
    bool admitted = anonymous
        || (sandboxPassword.Equals(txtPassword.Text.Trim()) && data.UserLogin(ref user));

    if (!admitted)
    {
        lblError.Text = "Login failed, please try again";
        txtPassword.Text = "";
        txtPassword.Focus();
        return;
    }

    // Add the gadgets. The same three session values are stored for anonymous
    // and logged-in visitors alike; the gadget URL text is stored as typed.
    Session[OpenSocialManager.OPENSOCIAL_GADGETS] = txtGadgetURLS.Text;
    Session[OpenSocialManager.OPENSOCIAL_DEBUG] = chkDebug.Checked;
    Session[OpenSocialManager.OPENSOCIAL_NOCACHE] = !chkUseCache.Checked;
    Response.Redirect(Root.Domain);
}
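/// <summary>
/// Signs the current visitor in with the account named by the LOGIN_USER and
/// LOGIN_PASSWORD app settings, when LOGIN_USER is configured and the request
/// carries <c>method=login</c>, then redirects as the interactive login does.
/// </summary>
/// <remarks>
/// No credentials are taken from the visitor: every request that reaches this
/// method with <c>method=login</c> is signed in as the configured account.
/// NOTE(review): LOGIN_PASSWORD is read from appSettings as plain text; if
/// this path exists outside a development setup, protect that configuration
/// section and restrict who can reach the page.
/// </remarks>
public void autoLogin()
{
    if (ConfigurationSettings.AppSettings["LOGIN_USER"] == null)
    {
        return;
    }

    Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

    // Direct string comparison: a missing "method" parameter no longer throws.
    if (Request.QueryString["method"] != "login")
    {
        return;
    }

    Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
    user.UserName = ConfigurationSettings.AppSettings["LOGIN_USER"];
    user.Password = ConfigurationSettings.AppSettings["LOGIN_PASSWORD"];

    if (!data.UserLogin(ref user))
    {
        lblError.Text = "Login failed, please try again";
        txtPassword.Text = "";
        txtPassword.Focus();
        return;
    }

    Framework.Utilities.Cache.AlterDependency(sm.Session().SessionID);

    if (Request.QueryString["edit"] == "true")
    {
        Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
    }
    else
    {
        // "redirectto" is caller-controlled: follow it only when it stays inside
        // this application, otherwise fall back to the site root.
        // NOTE(review): assumes legitimate values are absolute URLs under
        // Root.Domain - confirm against the pages that link here.
        string target = Request.QueryString["redirectto"];
        if (string.IsNullOrEmpty(target)
            || !target.StartsWith(Root.Domain + "/", StringComparison.OrdinalIgnoreCase))
        {
            target = Root.Domain;
        }

        Response.Redirect(target);
    }
}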
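/// <summary>
/// Logs in with the LOGIN_USER / LOGIN_PASSWORD account from appSettings when
/// LOGIN_USER is present and the request asks for <c>method=login</c>, then
/// redirects to the edit page or the requested return address.
/// </summary>
/// <remarks>
/// The visitor supplies no credentials here; the session is created for the
/// configured account.
/// NOTE(review): the password sits in appSettings as plain text - confirm this
/// is limited to development and that the configuration section is protected.
/// </remarks>
public void autoLogin()
{
    if (ConfigurationSettings.AppSettings["LOGIN_USER"] != null)
    {
        Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

        // Comparing the string itself is null-safe; .ToString() on a missing
        // "method" parameter used to raise NullReferenceException.
        if (Request.QueryString["method"] == "login")
        {
            Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
            user.UserName = ConfigurationSettings.AppSettings["LOGIN_USER"];
            user.Password = ConfigurationSettings.AppSettings["LOGIN_PASSWORD"];

            if (data.UserLogin(ref user))
            {
                Framework.Utilities.Cache.AlterDependency(sm.Session().SessionID);

                if (Request.QueryString["edit"] == "true")
                {
                    Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
                }
                else
                {
                    // The return address comes from the query string, so only
                    // addresses inside this application are followed; anything
                    // else (or nothing) goes to the site root.
                    // NOTE(review): assumes legitimate values are absolute URLs
                    // under Root.Domain - confirm.
                    string returnTo = Request.QueryString["redirectto"];
                    bool staysOnSite = !string.IsNullOrEmpty(returnTo)
                        && returnTo.StartsWith(Root.Domain + "/", StringComparison.OrdinalIgnoreCase);
                    Response.Redirect(staysOnSite ? returnTo : Root.Domain);
                }
            }
            else
            {
                lblError.Text = "Login failed, please try again";
                txtPassword.Text = "";
                txtPassword.Focus();
            }
        }
    }
}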
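/// <summary>
/// Submit handler for the login form. Authenticates the posted credentials
/// with <c>DataIO.UserLogin</c>; on success it alters the cache dependency
/// keyed by the session ID and redirects, on failure it shows an error.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void cmdSubmit_Click(object sender, EventArgs e)
{
    Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

    // Null-safe: a request without "method" is ignored instead of throwing.
    if (Request.QueryString["method"] == "login")
    {
        Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
        user.UserName = txtUserName.Text.Trim();
        user.Password = txtPassword.Text.Trim();

        if (data.UserLogin(ref user))
        {
            Framework.Utilities.Cache.AlterDependency(sm.Session().SessionID);

            if (Request.QueryString["edit"] == "true")
            {
                Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
            }
            else
            {
                // The post-login destination is taken from the query string, so
                // it is honoured only when it stays inside this application.
                // A missing or off-site value goes to the site root.
                // NOTE(review): assumes legitimate values are absolute URLs
                // under Root.Domain - confirm.
                string returnTo = Request.QueryString["redirectto"];
                bool staysOnSite = !string.IsNullOrEmpty(returnTo)
                    && returnTo.StartsWith(Root.Domain + "/", StringComparison.OrdinalIgnoreCase);
                Response.Redirect(staysOnSite ? returnTo : Root.Domain);
            }
        }
        else
        {
            lblError.Text = "Login failed, please try again";
            txtPassword.Text = "";
            txtPassword.Focus();
        }
    }
}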
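/// <summary>
/// Authenticates a user through the [User.Account].[Authenticate] stored
/// procedure and, when it returns a non-zero UserID, records the identity in
/// the current session and writes an activity log entry.
/// </summary>
/// <param name="user">
/// Supplies UserName and Password; UserID and PersonID are filled in from the
/// procedure's output parameters.
/// </param>
/// <returns>true when the procedure returned a non-zero UserID; otherwise false.</returns>
public bool UserLogin(ref User user)
{
    bool loginsuccess = false;

    SessionManagement sm = new SessionManagement();
    string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
    SqlConnection dbconnection = new SqlConnection(connstr);
    SqlParameter[] param = new SqlParameter[4];

    // Fail closed: the login decision below is "UserID != 0", so a UserID that
    // was already set on the caller's object must not survive a lookup that
    // returns nothing.
    user.UserID = 0;

    try
    {
        dbconnection.Open();

        // NOTE(review): the password is handed to the procedure as supplied; how
        // it is compared and stored is decided inside the procedure, which is
        // not visible here - confirm it checks against a salted hash.
        param[0] = new SqlParameter("@UserName", user.UserName);
        param[1] = new SqlParameter("@Password", user.Password);

        param[2] = new SqlParameter("@UserID", null);
        param[2].DbType = DbType.Int32;
        param[2].Direction = ParameterDirection.Output;

        param[3] = new SqlParameter("@PersonID", null);
        param[3].DbType = DbType.Int32;
        param[3].Direction = ParameterDirection.Output;

        //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
        ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[User.Account].[Authenticate]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
    }
    finally
    {
        // Closing in finally releases the connection on the error path as well.
        dbconnection.Close();
    }

    // Read the outputs explicitly instead of swallowing conversion errors: an
    // absent or NULL @UserID simply leaves UserID at 0 (login refused).
    object userIdValue = param[2].Value;
    if (userIdValue != null && userIdValue != DBNull.Value)
    {
        user.UserID = Convert.ToInt32(userIdValue.ToString());
    }

    object personIdValue = param[3].Value;
    if (personIdValue != null && personIdValue != DBNull.Value)
    {
        user.PersonID = Convert.ToInt32(personIdValue.ToString());
    }

    if (user.UserID != 0)
    {
        loginsuccess = true;
        sm.Session().UserID = user.UserID;
        sm.Session().PersonID = user.PersonID;
        sm.Session().LoginDate = DateTime.Now;
        Session session = sm.Session();
        SessionUpdate(ref session);
        ActivityLog(user.PersonID, null, null);
    }

    // Exceptions propagate unchanged; the former "catch (Exception ex) { throw ex; }"
    // only discarded the original stack trace.
    return loginsuccess;
}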
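/// <summary>
/// Submit handler for the Active Directory login form. The posted credentials
/// are validated against the domain named by the AD.Domain app setting; a
/// directory-valid user must additionally be accepted by
/// <c>DataIO.UserLoginExternal</c> before being redirected into the site.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void cmdSubmit_Click(object sender, EventArgs e)
{
    Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

    // Null-safe comparison: a request without "method" is ignored, not a crash.
    if (Request.QueryString["method"] != "login")
    {
        return;
    }

    Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
    user.UserName = txtUserName.Text.Trim();
    user.Password = txtPassword.Text.Trim();

    // Blank input is refused up front so that an empty user name or password
    // is never offered to the directory as a credential.
    if (user.UserName.Length == 0 || user.Password.Length == 0)
    {
        lblError.Text = "Login failed, please try again";
        txtPassword.Text = "";
        txtPassword.Focus();
        return;
    }

    // AppSettings yields null for a key that is not configured, so the optional
    // entries need no try/catch around them.
    String adDomain = ConfigurationSettings.AppSettings["AD.Domain"];
    String adUser = ConfigurationSettings.AppSettings["AD.User"];
    String adPassword = ConfigurationSettings.AppSettings["AD.Password"];
    String admin = ConfigurationSettings.AppSettings["AD.AccessContact"];

    using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, adDomain, adUser, adPassword))
    {
        // validate the credentials
        if (!pc.ValidateCredentials(user.UserName, user.Password))
        {
            lblError.Text = "Login failed, please try again";
            txtPassword.Text = "";
            txtPassword.Focus();
            return;
        }

        if (!data.UserLoginExternal(ref user))
        {
            // The label's text is emitted as markup (the "<br>" below relies on
            // that), so the user-typed name is HTML-encoded before it is echoed.
            // The contact text comes from configuration and is left as written.
            lblError.Text = System.Web.HttpUtility.HtmlEncode(user.UserName)
                + " is not an authorized user of the Profiles Research Networking Software application.";
            if (admin != null)
            {
                lblError.Text = lblError.Text + "<br>Please contact " + admin + " to obtain access.";
            }

            txtPassword.Text = "";
            txtPassword.Focus();
            return;
        }

        if (Request.QueryString["edit"] == "true")
        {
            Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
        }
        else
        {
            // "redirectto" is caller-controlled: follow it only when it stays
            // inside this application, otherwise go to the site root.
            // NOTE(review): assumes legitimate values are absolute URLs under
            // Root.Domain - confirm.
            string target = Request.QueryString["redirectto"];
            if (string.IsNullOrEmpty(target)
                || !target.StartsWith(Root.Domain + "/", StringComparison.OrdinalIgnoreCase))
            {
                target = Root.Domain;
            }

            Response.Redirect(target);
        }
    }
}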
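/// <summary>
/// Authenticates a user against the directory through
/// <c>LdapAuthentication</c>, then maps the directory e-mail address to a
/// Profiles account with the [User.Account].[Authenticate] stored procedure
/// and records the identity in the current session.
/// </summary>
/// <param name="user">
/// Supplies UserName and Password for the directory check; UserID and PersonID
/// are filled in from the procedure's output parameters.
/// </param>
/// <returns>
/// true only when the directory accepted the credentials and the procedure
/// returned a non-zero UserID.
/// </returns>
public bool UserLogin(ref User user)
{
    bool loginsuccess = false;

    // NOTE(review): the directory endpoint is hard-coded and names port 389.
    // Whether the bind is protected in transit depends on LdapAuthentication,
    // which is not visible here - confirm, and consider moving the path to
    // configuration.
    string adPath = "LDAP://uams0.ad.uams.edu:389/DC=ad,DC=uams,DC=edu";
    LdapAuthentication ldap = new LdapAuthentication(adPath);
    bool ldapLoginSuccess = false;
    string username;

    // Blank credentials are refused before any directory call, so an empty
    // password can never be presented to the server as a bind.
    if (string.IsNullOrEmpty(user.UserName) || string.IsNullOrEmpty(user.Password))
    {
        return false;
    }

    try
    {
        ldapLoginSuccess = ldap.IsAuthenticated("UAMS", user.UserName, user.Password); //HMHULL-TODO: Do I need to have Domain be an box in the logon form?
    }
    catch (Exception)
    {
        // Any directory error is treated as a failed login.
        return false;
    }

    if (!ldapLoginSuccess)
    {
        return false;
    }

    // Get the email from LDAP here and use it as the username
    username = ldap.getEmail();
    if (string.IsNullOrEmpty(username))
    {
        // No e-mail address means there is nothing to look the account up by.
        return false;
    }

    SessionManagement sm = new SessionManagement();
    string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
    SqlConnection dbconnection = new SqlConnection(connstr);
    SqlParameter[] param = new SqlParameter[3];

    // Fail closed: success below means "UserID != 0", so a UserID already set
    // on the caller's object must not survive a lookup that returns nothing.
    user.UserID = 0;

    try
    {
        dbconnection.Open();

        param[0] = new SqlParameter("@UserName", username);

        param[1] = new SqlParameter("@UserID", null);
        param[1].DbType = DbType.Int32;
        param[1].Direction = ParameterDirection.Output;

        param[2] = new SqlParameter("@PersonID", null);
        param[2].DbType = DbType.Int32;
        param[2].Direction = ParameterDirection.Output;

        //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
        ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[User.Account].[Authenticate]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
    }
    finally
    {
        // Closing in finally releases the connection on the error path as well.
        dbconnection.Close();
    }

    // Read the outputs explicitly rather than swallowing conversion errors: an
    // absent or NULL @UserID leaves UserID at 0 (login refused).
    object userIdValue = param[1].Value;
    if (userIdValue != null && userIdValue != DBNull.Value)
    {
        user.UserID = Convert.ToInt32(userIdValue.ToString());
    }

    object personIdValue = param[2].Value;
    if (personIdValue != null && personIdValue != DBNull.Value)
    {
        user.PersonID = Convert.ToInt32(personIdValue.ToString());
    }

    if (user.UserID != 0)
    {
        loginsuccess = true;
        sm.Session().UserID = user.UserID;
        sm.Session().PersonID = user.PersonID;
        sm.Session().LoginDate = DateTime.Now;
        Session session = sm.Session();
        SessionUpdate(ref session);
    }

    // Database exceptions propagate unchanged; the former
    // "catch (Exception ex) { throw ex; }" only discarded the stack trace.
    return loginsuccess;
}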
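/// <summary>
/// Entry point of the Shibboleth login page. On the first (non-postback)
/// request it dispatches on the <c>method</c> query parameter:
/// <c>logout</c> ends the session, <c>shibboleth</c> consumes the identity
/// headers after the round trip, and <c>login</c> starts that round trip
/// unless a session already exists.
/// </summary>
/// <param name="sender">Page that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    // Read once and compare as a string; a missing parameter is then simply
    // "no known method" instead of a NullReferenceException.
    string method = Request.QueryString["method"];

    if (method == "logout")
    {
        sm.SessionLogout();
        sm.SessionDestroy();

        // The post-logout destination comes from the query string, so it is
        // followed only when it stays inside this application.
        // NOTE(review): assumes legitimate values are absolute URLs under
        // Root.Domain - confirm.
        string target = Request.QueryString["redirectto"];
        if (string.IsNullOrEmpty(target)
            || !target.StartsWith(Root.Domain + "/", StringComparison.OrdinalIgnoreCase))
        {
            target = Root.Domain;
        }

        Response.Redirect(target);
    }
    else if (method == "shibboleth")
    {
        // added by Eric
        // If they specify an Idp, then check that they logged in from the configured IDP
        // NOTE(review): identity is taken from request headers. That is sound
        // only if the Shibboleth front end sets these headers and discards any
        // client-supplied copies - confirm in the server configuration. When
        // Shibboleth.ShibIdentityProvider is not configured, no IdP check is made.
        bool authenticated = false;
        string requiredIdp = ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"];
        string presentedIdp = Request.Headers.Get("ShibIdentityProvider");

        // string.Equals returns false for a null argument, so an absent header
        // counts as a mismatch rather than throwing.
        if (requiredIdp == null
            || requiredIdp.Equals(presentedIdp, StringComparison.InvariantCultureIgnoreCase))
        {
            String userName = Request.Headers.Get(ConfigurationManager.AppSettings["Shibboleth.UserNameHeader"].ToString());
            if (userName != null && userName.Trim().Length > 0)
            {
                Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
                Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
                user.UserName = userName;
                if (data.UserLoginExternal(ref user))
                {
                    authenticated = true;
                    RedirectAuthenticatedUser();
                }
            }
        }

        if (!authenticated)
        {
            // try and just put their name in the session.
            // NOTE(review): this also runs when the IdP check above failed. The
            // display name is header-supplied text and the visitor is still
            // passed to RedirectAuthenticatedUser(); confirm that nothing
            // downstream treats this session as logged in and that the name is
            // encoded wherever it is displayed.
            sm.Session().ShortDisplayName = Request.Headers.Get("ShibdisplayName");
            RedirectAuthenticatedUser();
        }
    }
    else if (method == "login")
    {
        // see if they already have a login session, if so don't send them to shibboleth
        Profiles.Framework.Utilities.SessionManagement sessionManager = new Profiles.Framework.Utilities.SessionManagement();
        String viewerId = sessionManager.Session().PersonURI;
        if (viewerId != null && viewerId.Trim().Length > 0)
        {
            RedirectAuthenticatedUser();
        }
        else
        {
            string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
            string returnTo = Request.QueryString["redirectto"];
            if (returnTo == null && Request.QueryString["edit"] == "true")
            {
                redirect += "&edit=true";
            }
            else
            {
                // With neither "redirectto" nor edit=true the old code threw;
                // the site root is used as the return address instead.
                // NOTE(review): the value is carried through the Shibboleth
                // round trip as received; the code that finally redirects to it
                // (RedirectAuthenticatedUser, not shown) must validate it.
                redirect += "&redirectto=" + (returnTo ?? Root.Domain);
            }

            Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() + HttpUtility.UrlEncode(redirect));
        }
    }
}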
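/// <summary>
/// Submit handler for the Active Directory login form: validates the posted
/// credentials against the AD.Domain directory, then requires
/// <c>DataIO.UserLoginExternal</c> to accept the user before redirecting.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void cmdSubmit_Click(object sender, EventArgs e)
{
    Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();

    // Null-safe: a missing "method" parameter no longer throws.
    if (Request.QueryString["method"] == "login")
    {
        Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
        user.UserName = txtUserName.Text.Trim();
        user.Password = txtPassword.Text.Trim();

        // AppSettings returns null for keys that are not configured, so no
        // exception handling is needed around the optional entries.
        String adDomain = ConfigurationSettings.AppSettings["AD.Domain"];
        String adUser = ConfigurationSettings.AppSettings["AD.User"];
        String adPassword = ConfigurationSettings.AppSettings["AD.Password"];
        String admin = ConfigurationSettings.AppSettings["AD.AccessContact"];

        // An empty user name or password is rejected here and never offered to
        // the directory as a credential.
        bool credentialsSupplied = user.UserName.Length > 0 && user.Password.Length > 0;

        using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, adDomain, adUser, adPassword))
        {
            // validate the credentials
            if (credentialsSupplied && pc.ValidateCredentials(user.UserName, user.Password))
            {
                if (data.UserLoginExternal(ref user))
                {
                    if (Request.QueryString["edit"] == "true")
                    {
                        Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
                    }
                    else
                    {
                        // The return address is caller-controlled; it is used
                        // only when it stays inside this application.
                        // NOTE(review): assumes legitimate values are absolute
                        // URLs under Root.Domain - confirm.
                        string returnTo = Request.QueryString["redirectto"];
                        bool staysOnSite = !string.IsNullOrEmpty(returnTo)
                            && returnTo.StartsWith(Root.Domain + "/", StringComparison.OrdinalIgnoreCase);
                        Response.Redirect(staysOnSite ? returnTo : Root.Domain);
                    }
                }
                else
                {
                    // The label renders its text as markup (hence the "<br>"),
                    // so the user-typed name is HTML-encoded before being
                    // echoed. The contact text is configuration and is kept
                    // as written.
                    lblError.Text = System.Web.HttpUtility.HtmlEncode(user.UserName)
                        + " is not an authorized user of the Profiles Research Networking Software application.";
                    if (admin != null)
                    {
                        lblError.Text = lblError.Text + "<br>Please contact " + admin + " to obtain access.";
                    }

                    txtPassword.Text = "";
                    txtPassword.Focus();
                }
            }
            else
            {
                lblError.Text = "Login failed, please try again";
                txtPassword.Text = "";
                txtPassword.Focus();
            }
        }
    }
}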
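/// <summary>
/// Entry point of the Shibboleth login page. On a non-postback request it
/// dispatches on the <c>method</c> query parameter: <c>logout</c> ends the
/// session, <c>shibboleth</c> consumes the identity headers, and
/// <c>login</c> starts the Shibboleth round trip unless a session exists.
/// </summary>
/// <param name="sender">Page that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (!IsPostBack)
    {
        // Compared as a plain string so that a missing parameter falls through
        // every branch instead of raising NullReferenceException.
        string method = Request.QueryString["method"];

        if (method == "logout")
        {
            sm.SessionLogout();
            sm.SessionDestroy();

            // Follow the caller-supplied destination only when it stays inside
            // this application; otherwise go to the site root.
            // NOTE(review): assumes legitimate values are absolute URLs under
            // Root.Domain - confirm.
            string returnTo = Request.QueryString["redirectto"];
            bool staysOnSite = !string.IsNullOrEmpty(returnTo)
                && returnTo.StartsWith(Root.Domain + "/", StringComparison.OrdinalIgnoreCase);
            Response.Redirect(staysOnSite ? returnTo : Root.Domain);
        }
        else if (method == "shibboleth")
        {
            // added by Eric
            // If they specify an Idp, then check that they logged in from the configured IDP
            // NOTE(review): the headers read below are trustworthy only if the
            // Shibboleth front end sets them and drops client-supplied copies -
            // confirm in the server configuration. With no
            // Shibboleth.ShibIdentityProvider setting, the IdP is not checked.
            bool authenticated = false;
            string requiredIdp = ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"];
            string presentedIdp = Request.Headers.Get("ShibIdentityProvider");

            // An absent header compares as "not equal" (string.Equals accepts
            // null) where the old .ToString() call threw.
            bool idpAccepted = requiredIdp == null
                || requiredIdp.Equals(presentedIdp, StringComparison.InvariantCultureIgnoreCase);

            if (idpAccepted)
            {
                String userName = Request.Headers.Get(ConfigurationManager.AppSettings["Shibboleth.UserNameHeader"].ToString());
                if (userName != null && userName.Trim().Length > 0)
                {
                    Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
                    Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
                    user.UserName = userName;
                    if (data.UserLoginExternal(ref user))
                    {
                        authenticated = true;
                        RedirectAuthenticatedUser();
                    }
                }
            }

            if (!authenticated)
            {
                // The header-supplied display name is not stored in the session
                // here (that assignment is disabled); the visitor is only
                // redirected.
                // NOTE(review): RedirectAuthenticatedUser() is reached without a
                // successful login, including after a failed IdP check - confirm
                // it does not assume an authenticated session.
                RedirectAuthenticatedUser();
            }
        }
        else if (method == "login")
        {
            // see if they already have a login session, if so don't send them to shibboleth
            Profiles.Framework.Utilities.SessionManagement sessionManager = new Profiles.Framework.Utilities.SessionManagement();
            String viewerId = sessionManager.Session().PersonURI;
            if (viewerId != null && viewerId.Trim().Length > 0)
            {
                RedirectAuthenticatedUser();
            }
            else
            {
                string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
                string requestedReturn = Request.QueryString["redirectto"];
                if (requestedReturn == null && Request.QueryString["edit"] == "true")
                {
                    redirect += "&edit=true";
                }
                else
                {
                    // Without "redirectto" (and without edit=true) the old code
                    // threw; the site root now serves as the return address.
                    // NOTE(review): the value travels through the Shibboleth
                    // round trip as received; whatever finally redirects to it
                    // (RedirectAuthenticatedUser, not shown) must validate it.
                    redirect += "&redirectto=" + (requestedReturn ?? Root.Domain);
                }

                Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() + HttpUtility.UrlEncode(redirect));
            }
        }
    }
}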
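/// <summary>
/// Entry point of the Shibboleth login page (employee-ID variant). On a
/// non-postback request it dispatches on the <c>method</c> query parameter:
/// <c>logout</c> ends the session, <c>shibboleth</c> logs in with the
/// employee ID found in the request headers, and <c>login</c> starts the
/// Shibboleth round trip unless a session already exists.
/// </summary>
/// <param name="sender">Page that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    // Compared as a plain string: a missing parameter matches no branch
    // instead of raising NullReferenceException.
    string method = Request.QueryString["method"];

    if (method == "logout")
    {
        sm.SessionLogout();
        sm.SessionDistroy();

        // The destination is caller-supplied, so it is followed only when it
        // stays inside this application; otherwise the site root is used.
        // NOTE(review): assumes legitimate values are absolute URLs under
        // Root.Domain - confirm.
        string target = Request.QueryString["redirectto"];
        if (string.IsNullOrEmpty(target)
            || !target.StartsWith(Root.Domain + "/", StringComparison.OrdinalIgnoreCase))
        {
            target = Root.Domain;
        }

        Response.Redirect(target);
    }
    else if (method == "shibboleth")
    {
        // added by Eric
        // NOTE(review): the employee ID is taken from request headers, which is
        // sound only if the Shibboleth front end sets them and drops
        // client-supplied copies - confirm in the server configuration.
        String employeeID = Request.Headers.Get("employeeNumber");

        // new IDP: fall back to "uid", keeping at most its first nine characters
        if (employeeID == null || employeeID.Trim().Length == 0)
        {
            employeeID = Request.Headers.Get("uid");
            if (employeeID != null && employeeID.Trim().Length > 9)
            {
                employeeID = employeeID.Substring(0, 9);
            }
        }

        if (employeeID != null && employeeID.Trim().Length > 0)
        {
            Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
            Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
            user.UserName = employeeID;
            // NOTE(review): the employee ID doubles as the password, so the
            // matching accounts can be opened by anyone who knows the ID
            // wherever UserLogin is reachable with typed credentials. An
            // external-login path that needs no password would remove this.
            user.Password = employeeID;
            if (data.UserLogin(ref user))
            {
                RedirectAuthenticatedUser();
            }
        }
    }
    else if (method == "login")
    {
        // see if they already have a login session, if so don't send them to shibboleth
        Profiles.Framework.Utilities.SessionManagement sessionManager = new Profiles.Framework.Utilities.SessionManagement();
        String viewerId = sessionManager.Session().PersonURI;
        if (viewerId != null && viewerId.Trim().Length > 0)
        {
            RedirectAuthenticatedUser();
        }
        else
        {
            string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
            string returnTo = Request.QueryString["redirectto"];
            if (returnTo == null && Request.QueryString["edit"] == "true")
            {
                redirect += "&edit=true";
            }
            else
            {
                // Without "redirectto" (and without edit=true) the old code
                // threw; the site root now serves as the return address.
                // NOTE(review): the value travels through the Shibboleth round
                // trip as received; whatever finally redirects to it
                // (RedirectAuthenticatedUser, not shown) must validate it.
                redirect += "&redirectto=" + (returnTo ?? Root.Domain);
            }

            Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() + HttpUtility.UrlEncode(redirect));
        }
    }
}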