protected virtual User handleAuthentication(ref HttpListenerRequest a_oRequest, ref HttpListenerContext ctx)
{
User oUser = null;
if (m_eAuthenticationType == EAuthenticationTypes.eCookie)
{
Cookie oAuthCookie = a_oRequest.Cookies [AuthCookieName];
if (oAuthCookie != null)
{
if (!oAuthCookie.Expired)
{
oUser = m_oUserMgr.GetUserByCookie(oAuthCookie.Value);
}
}
}
else if (m_eAuthenticationType == EAuthenticationTypes.eBasic)
{
if (ctx.User != null && ctx.User.Identity.IsAuthenticated)
{
HttpListenerBasicIdentity oIdentity = (HttpListenerBasicIdentity)ctx.User.Identity;
oUser = m_oUserMgr.GetUserByLogin(oIdentity.Name, oIdentity.Password);
}
}
else if (m_eAuthenticationType == EAuthenticationTypes.eKey)
{
if (a_oRequest.Headers.AllKeys.Contains(AuthKeyName))
{
oUser = m_oUserMgr.GetUserByKey(a_oRequest.Headers[AuthKeyName]);
}
}
if (oUser == null)
{
oUser = new User("", new string[] { AuthAnonymousUserName }, false);
}
// Set name to client ip addr if authentication failed (e.g. wrong login or anonymous user)
if (oUser.IsAuthenticated == false)
{
oUser.Name = a_oRequest.RemoteEndPoint.ToString();
}
return(oUser);
}