private void OnEnter(object source, EventArgs eventArgs) { if (!_fAuthChecked || _fAuthRequired) { HttpApplication application = (HttpApplication)source; HttpContext context = application.Context; if (!_fAuthChecked) { AuthenticationSection authentication = RuntimeConfig.GetAppConfig().Authentication; _fAuthRequired = AuthenticationConfig.Mode == AuthenticationMode.Passport; _LoginUrl = authentication.Passport.RedirectUrl; _fAuthChecked = true; } if (_fAuthRequired) { PassportIdentity identity = new PassportIdentity(); this.OnAuthenticate(new PassportAuthenticationEventArgs(identity, context)); context.SetSkipAuthorizationNoDemand(AuthenticationConfig.AccessingLoginPage(context, _LoginUrl), false); if (!context.SkipAuthorization) { context.SkipAuthorization = AssemblyResourceLoader.IsValidWebResourceRequest(context); } } } }
//////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// /// <include file='doc\FormsAuthenticationModule.uex' path='docs/doc[@for="FormsAuthenticationModule.OnEnter"]/*' /> /// <devdoc> /// <para>[To be supplied.]</para> /// </devdoc> private void OnEnter(Object source, EventArgs eventArgs) { if (_fAuthChecked && !_fAuthRequired) { return; } HttpApplication app; HttpContext context; app = (HttpApplication)source; context = app.Context; AuthenticationConfig settings = (AuthenticationConfig)context.GetConfig("system.web/authentication"); if (!_fAuthChecked) { _fAuthRequired = (settings.Mode == AuthenticationMode.Forms); _fAuthChecked = true; } if (!_fAuthRequired) { return; } if (!_fFormsInit) { Trace("Initializing Forms Auth Manager"); FormsAuthentication.Initialize(); _FormsName = settings.CookieName; if (_FormsName == null) { _FormsName = CONFIG_DEFAULT_COOKIE; } Trace("Forms name is: " + _FormsName); _LoginUrl = settings.LoginUrl; if (_LoginUrl == null) { _LoginUrl = CONFIG_DEFAULT_LOGINURL; } _fFormsInit = true; } //////////////////////////////////////////////////////// // Step 2: Call OnAuthenticate virtual method to create // an IPrincipal for this request OnAuthenticate(new FormsAuthenticationEventArgs(context)); //////////////////////////////////////////////////////// // Skip AuthZ if accessing the login page context.SkipAuthorization = AuthenticationConfig.AccessingLoginPage(context, _LoginUrl); }
//////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// // Methods for internal implementation /// <include file='doc\PassportAuthenticationModule.uex' path='docs/doc[@for="PassportAuthenticationModule.OnEnter"]/*' /> /// <internalonly/> /// <devdoc> /// </devdoc> void OnEnter(Object source, EventArgs eventArgs) { if (_fAuthChecked && !_fAuthRequired) { return; } HttpApplication app; HttpContext context; app = (HttpApplication)source; context = app.Context; if (!_fAuthChecked) { AuthenticationConfig settings = (AuthenticationConfig)context.GetConfig("system.web/authentication"); _fAuthRequired = (settings.Mode == AuthenticationMode.Passport); _LoginUrl = settings.PassportUrl; _fAuthChecked = true; } if (!_fAuthRequired) { return; } //////////////////////////////////////////////////////// // Step 1: See if this request is valid or not if (context.Response.StatusCode == 401 || context.Response.StatusCode == 400 || context.Response.StatusCode == 500 || context.User != null) // Some module has already verified that the credentials are invalid { return; } //////////////////////////////////////////////////////// // Step 2: Create a Passport Identity from the credentials // from IIS PassportIdentity identity = new PassportIdentity(); //////////////////////////////////////////////////////// // Step 4: Call OnAuthenticate virtual method to create // an IPrincipal for this request OnAuthenticate(new PassportAuthenticationEventArgs(identity, context)); //////////////////////////////////////////////////////// // Skip AuthZ if accessing the login page context.SkipAuthorization = AuthenticationConfig.AccessingLoginPage(context, _LoginUrl); }
//////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// // Methods for internal implementation /// <internalonly/> /// <devdoc> /// </devdoc> void OnEnter(Object source, EventArgs eventArgs) { if (_fAuthChecked && !_fAuthRequired) { return; } HttpApplication app; HttpContext context; app = (HttpApplication)source; context = app.Context; if (!_fAuthChecked) { AuthenticationSection settings = RuntimeConfig.GetAppConfig().Authentication; _fAuthRequired = (AuthenticationConfig.Mode == AuthenticationMode.Passport); _LoginUrl = settings.Passport.RedirectUrl; _fAuthChecked = true; } if (!_fAuthRequired) { return; } //////////////////////////////////////////////////////// // Step 1: See if this request is valid or not // VSWhidbey 442515: We no longer need to do this check, always proceed //////////////////////////////////////////////////////// // Step 2: Create a Passport Identity from the credentials // from IIS PassportIdentity identity = new PassportIdentity(); //////////////////////////////////////////////////////// // Step 4: Call OnAuthenticate virtual method to create // an IPrincipal for this request OnAuthenticate(new PassportAuthenticationEventArgs(identity, context)); //////////////////////////////////////////////////////// // Skip AuthZ if accessing the login page context.SetSkipAuthorizationNoDemand(AuthenticationConfig.AccessingLoginPage(context, _LoginUrl), false /*managedOnly*/); if (!context.SkipAuthorization) { context.SkipAuthorization = AssemblyResourceLoader.IsValidWebResourceRequest(context); } }
private void OnEnter(object source, EventArgs eventArgs) { this._fOnEnterCalled = true; HttpApplication application = (HttpApplication)source; HttpContext context = application.Context; this.OnAuthenticate(new FormsAuthenticationEventArgs(context)); CookielessHelperClass cookielessHelper = context.CookielessHelper; if (AuthenticationConfig.AccessingLoginPage(context, FormsAuthentication.LoginUrl)) { context.SetSkipAuthorizationNoDemand(true, false); cookielessHelper.RedirectWithDetectionIfRequired(null, FormsAuthentication.CookieMode); } if (!context.SkipAuthorization) { context.SetSkipAuthorizationNoDemand(AssemblyResourceLoader.IsValidWebResourceRequest(context), false); } }
//////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// /// <devdoc> /// <para>[To be supplied.]</para> /// </devdoc> private void OnEnter(Object source, EventArgs eventArgs) { _fOnEnterCalled = true; HttpApplication app; HttpContext context; app = (HttpApplication)source; context = app.Context; #if DBG Trace("*******************Request path: " + context.Request.RawUrl); #endif //////////////////////////////////////////////////////// // Step 2: Call OnAuthenticate virtual method to create // an IPrincipal for this request OnAuthenticate(new FormsAuthenticationEventArgs(context)); //////////////////////////////////////////////////////// // Skip AuthZ if accessing the login page // We do this here to force the cookieless helper to fish out and // remove the token from the URL if it's present there. CookielessHelperClass cookielessHelper = context.CookielessHelper; if (AuthenticationConfig.AccessingLoginPage(context, FormsAuthentication.LoginUrl)) { context.SetSkipAuthorizationNoDemand(true, false /*managedOnly*/); cookielessHelper.RedirectWithDetectionIfRequired(null, FormsAuthentication.CookieMode); } if (!context.SkipAuthorization) { context.SetSkipAuthorizationNoDemand(AssemblyResourceLoader.IsValidWebResourceRequest(context), false /*managedOnly*/); } }