/// <summary> /// Initializes a new instance of the ZentityUserAdmin class /// only if the credentials are correct and the user is set as an admin user /// </summary> /// <param name="adminUserName">LogOnName of an admin user</param> /// <param name="adminPassword">Password of the admin user</param> /// <remarks> /// The Zentity installation provides a built in administrator account, whose credentials are as /// provided in the code below. /// It is highly recommended that the admin password should be changed soon after installing Zentity, /// and at least one alternate admin account should be created. /// </remarks> /// <example> /// <code> /// //The ZentityUserAdmin constructor initializes an instance only when valid credentials /// //for a user with admin rights are provided. /// //Otherwise the constructor throws AuthenticationException. /// try /// { /// ZentityUserAdmin admin = new ZentityUserAdmin("Administrator", "XXXX");//Supply correct password /// Console.WriteLine("Administrator logged in."); /// } /// //AuthenticationException might be thrown in case of errors in connecting to the authentication store /// //or if admin credentials are incorrect. /// catch (AuthenticationException ex) /// { /// Console.WriteLine(ex.Message); /// //In case of database errors the AuthenticationException object will wrap the sql exception. /// if (ex.InnerException != null) /// { /// Console.WriteLine(ex.InnerException.Message); /// } /// } /// /// </code> /// </example> public ZentityUserAdmin(string adminUserName, string adminPassword) { #region Input Validation if (string.IsNullOrEmpty(adminUserName)) { throw new ArgumentNullException("adminUserName"); } if (string.IsNullOrEmpty(adminPassword)) { throw new ArgumentNullException("adminPassword"); } #endregion try { ZentityUser user = new ZentityUser(adminUserName, adminPassword); if (user.VerifyPassword()) { if (!DataAccessLayer.IsAdmin(adminUserName)) { throw new AuthenticationException(ConstantStrings.AdminAuthenticationExceptionMessage); } } else { throw new AuthenticationException(ConstantStrings.AdminAuthenticationExceptionMessage); } } catch (TypeInitializationException ex) { //// thrown in case of incorrect application configuration throw new AuthenticationException(ConstantStrings.TypeInitializationExceptionMessage, ex); } }
/// <summary> /// Authenticates a user based on the UserNameSecurityToken passed /// </summary> /// <param name="credentialToken">This parameter is expected to be a UserNameSecurityToken</param> /// <returns>AuthenticatedToken instance for the user if authentication succeeds, null otherwise</returns> public AuthenticatedToken Authenticate(SecurityToken credentialToken) { #region Input validation // Validate input if (credentialToken == null) { throw new ArgumentNullException("credentialToken"); } UserNameSecurityToken credential = credentialToken as UserNameSecurityToken; if (credential == null) { throw new ArgumentException(ConstantStrings.InvalidTokenTypeMessage, "credentialToken"); } #endregion try { // Authenticate user if (!string.IsNullOrEmpty(credential.UserName) && !string.IsNullOrEmpty(credential.Password)) { ZentityUser user = new ZentityUser(credential.UserName, credential.Password); bool authenticated = user.VerifyPassword(); if (authenticated) { ZentityAuthenticatedToken token = new ZentityAuthenticatedToken(credential.UserName.ToString()); return(token); } } // If username/password are not provided, or are invalid, return a null token. return(null); } catch (TypeInitializationException ex) { // thrown in case of incorrect application configuration throw new AuthenticationException(ConstantStrings.TypeInitializationExceptionMessage, ex); } }