public void Dispose() { if (Service != null) { Service.Dispose(); Service = null; } if (Kerberos != null) { Kerberos.Dispose(); Kerberos = null; } }
protected void InitialiseToken(bool adminOverride = false) { if (Kerberos != null) { Kerberos.Dispose(); Kerberos = null; } WindowsImpersonationContext windowsContext = null; try { var userToken = IntPtr.Zero; var logonAsAdmin = false; var logonAsAppPool = false; if (adminOverride || (bool.TryParse(Config.LogonAsAdmin, out logonAsAdmin) && logonAsAdmin)) { if (!string.IsNullOrEmpty(Config.DomainName) && !string.IsNullOrEmpty(Config.AdminUsername) && !string.IsNullOrEmpty(Config.AdminPassword)) { if (NativeMethods.LogonUser(Config.AdminUsername, Config.DomainName, Config.AdminPassword, (int)LogonType.Interactive, (int)LogonProvider.Default, out userToken)) { windowsContext = WindowsIdentity.Impersonate(userToken); } else { throw new ApplicationException("Logon for the Administrator failed."); } } else { throw new ApplicationException("Please provide Domain, Username and Password for the Administrator."); } } else if (bool.TryParse(Config.LogonAsAppPool, out logonAsAppPool) && !logonAsAppPool) { if (ServiceSecurityContext.Current == null) { windowsContext = WindowsIdentity.GetCurrent().Impersonate(); } else { windowsContext = ServiceSecurityContext.Current.WindowsIdentity.Impersonate(); } } Kerberos = new KerberosToken(KerberosSPN, ImpersonationLevel.Impersonation); #pragma warning disable CS0618 // Member is obselete, but it is required by the IBM P8 content engine API Service.RequestSoapContext.Security.Tokens.Clear(); Service.RequestSoapContext.Security.Tokens.Add(Kerberos); Service.RequestSoapContext.Security.Timestamp.TtlInSeconds = KerberosTTL; #pragma warning restore CS0618 } finally { if (windowsContext != null) { windowsContext.Undo(); } } }
/// <summary> /// Initializes a new instance of the <see cref="ClientInfo"/> class. /// </summary> /// <param name="parent">An <see cref="ClientHelper"/> object.</param> public ClientInfo(ClientHelper parent) { m_clientID = Guid.Empty; m_clientType = Common.GetApplicationType(); m_machineName = Environment.MachineName; // Get the user login id. if (!string.IsNullOrEmpty(UserInfo.RemoteUserID)) m_userName = UserInfo.RemoteUserID; else m_userName = UserInfo.CurrentUserID; // Get the type of client application. if (ClientType == ApplicationType.WindowsCui || ClientType == ApplicationType.WindowsGui) m_clientName = AppDomain.CurrentDomain.FriendlyName; else if (ClientType == ApplicationType.Web) m_clientName = HttpContext.Current.Request.ApplicationPath; // Initialize the serialized identity token. m_serializedIdentityToken = string.Empty; if (parent != null && parent.AuthenticationMethod != IdentityToken.None) { SecurityToken token = null; StringWriter stringWriter = new StringWriter(); XmlTextWriter xmlTextWriter = new XmlTextWriter(stringWriter); SerializableTokenWrapper<SecurityToken> serializer = new SerializableTokenWrapper<SecurityToken>(); try { // Create a token based on the selected method. if (parent.AuthenticationMethod == IdentityToken.Ntlm) { if (!string.IsNullOrEmpty(parent.AuthenticationInput) && parent.AuthenticationInput.Contains(":")) { // Input format: <username>:<password> string[] loginParts = parent.AuthenticationInput.Split(':'); token = new UsernameToken(loginParts[0], loginParts[1], PasswordOption.SendPlainText); } } else if (parent.AuthenticationMethod == IdentityToken.Kerberos) { if (!string.IsNullOrEmpty(parent.AuthenticationInput) && parent.AuthenticationInput.Contains("/")) { // Input format: host/<machine name> token = new KerberosToken(parent.AuthenticationInput, ImpersonationLevel.Impersonation); } } // Serialize the token to XML for transportation. if (token != null) { serializer.WriteToken(xmlTextWriter, token); m_serializedIdentityToken = stringWriter.ToString(); } } catch { // Identity token creation failed due to an exception. } } }