private static void RegisterAuthenticationHandlers() { // authentication message handlers from web.config file var authSvcCfg = AuthServicesConfiguration.GetConfig(); if (authSvcCfg?.MessageHandlers == null || authSvcCfg.MessageHandlers.Count <= 0) { return; } var registeredSchemes = new List <string>(); foreach (var handlerEntry in authSvcCfg.MessageHandlers.Cast <MessageHandlerEntry>()) { if (!handlerEntry.Enabled) { Logger.Trace("The following handler is disabled " + handlerEntry.ClassName); continue; } try { var type = Reflection.CreateType(handlerEntry.ClassName, false); var handler = Activator.CreateInstance(type, handlerEntry.DefaultInclude, handlerEntry.ForceSsl) as AuthMessageHandlerBase; if (handler == null) { throw new Exception("The handler is not a descendant of AuthMessageHandlerBase abstract class"); } var schemeName = handler.AuthScheme.ToUpperInvariant(); if (registeredSchemes.Contains(schemeName)) { Logger.Trace($"The following handler scheme '{handlerEntry.ClassName}' is already added and will be skipped"); continue; } GlobalConfiguration.Configuration.MessageHandlers.Add(handler); registeredSchemes.Add(schemeName); Logger.Trace($"Instantiated/Activated instance of {handler.AuthScheme}, class: {handler.GetType().FullName}"); if (handlerEntry.DefaultInclude) { DnnAuthorizeAttribute.AppendToDefaultAuthTypes(handler.AuthScheme); } if (handler.BypassAntiForgeryToken) { ValidateAntiForgeryTokenAttribute.AppendToBypassAuthTypes(handler.AuthScheme); } } catch (Exception ex) { Logger.Error("Cannot instantiate/activate instance of " + handlerEntry.ClassName + Environment.NewLine + ex); } } }
public void RegisterRoutes() { // register routes is ONLY called from within DNN application initialization // which is well protected from races // allowing us to not worry about multi-threading threats here if (!GlobalConfiguration.Configuration.MessageHandlers.Any(x => x is BasicAuthMessageHandler)) { // Everything in this block is run one time at startup // dnnContext message handler // this must run before any auth message handlers GlobalConfiguration.Configuration.MessageHandlers.Add(new DnnContextMessageHandler()); RegisterAuthenticationHandlers(); // this must run after all other auth message handlers var handler = new WebFormsAuthMessageHandler(); GlobalConfiguration.Configuration.MessageHandlers.Add(handler); DnnAuthorizeAttribute.AppendToDefaultAuthTypes(handler.AuthScheme); // Add Windows Authentication type to make API request works when windows authentication enabled. DnnAuthorizeAttribute.AppendToDefaultAuthTypes("Negotiate"); // media type formatter for text/html, text/plain GlobalConfiguration.Configuration.Formatters.Add(new StringPassThroughMediaTypeFormatter()); // controller selector that respects namespaces GlobalConfiguration.Configuration.Services.Replace(typeof(IHttpControllerSelector), new DnnHttpControllerSelector(GlobalConfiguration.Configuration)); GlobalConfiguration.Configuration.DependencyResolver = new DnnDependencyResolver(Globals.DependencyProvider); // tracwriter for dotnetnuke.instrumentation GlobalConfiguration.Configuration.Services.Replace(typeof(ITraceWriter), new TraceWriter(IsTracingEnabled())); // replace the default action filter provider with our own GlobalConfiguration.Configuration.Services.Add(typeof(IFilterProvider), new DnnActionFilterProvider()); var defaultprovider = GlobalConfiguration.Configuration.Services.GetFilterProviders().Where(x => x is ActionDescriptorFilterProvider); GlobalConfiguration.Configuration.Services.Remove(typeof(IFilterProvider), defaultprovider); // add standard tab and module id provider GlobalConfiguration.Configuration.AddTabAndModuleInfoProvider(new StandardTabAndModuleInfoProvider()); } using (this._routes.GetWriteLock()) { this._routes.Clear(); this.LocateServicesAndMapRoutes(); } Logger.TraceFormat("Registered a total of {0} routes", this._routes.Count); }