예제 #1
        /// <summary>
        /// Disposes the service proxy and the current Kerberos token, if present, and clears
        /// each reference afterwards.
        /// </summary>
        /// <remarks>
        /// Each reference is nulled once its object has been disposed, so a second call finds
        /// nothing left to release. The service is released before the token.
        /// </remarks>
        public void Dispose()
        {
            // Release the service proxy first.
            var service = Service;
            if (service != null)
            {
                service.Dispose();
                Service = null;
            }

            // Then release the Kerberos token that was attached to it.
            var token = Kerberos;
            if (token != null)
            {
                token.Dispose();
                Kerberos = null;
            }
        }
예제 #2
        /// <summary>
        /// Discards the current Kerberos token, creates a new one for <c>KerberosSPN</c> and installs it
        /// as the only security token on the service's SOAP request context.
        /// </summary>
        /// <remarks>
        /// The token is created under one of three identities:
        /// the configured administrator account (when <paramref name="adminOverride"/> is set or
        /// <c>Config.LogonAsAdmin</c> parses to <c>true</c>); the calling identity (when
        /// <c>Config.LogonAsAppPool</c> parses to <c>false</c>); or, in every other case, whatever
        /// identity the thread already runs as. Any impersonation started here is undone before returning.
        /// </remarks>
        /// <param name="adminOverride">Forces the administrator logon regardless of configuration.</param>
        /// <exception cref="ApplicationException">
        /// The administrator logon was requested but the domain, user name or password is missing,
        /// or the logon call failed.
        /// </exception>
        protected void InitialiseToken(bool adminOverride = false)
        {
            // Drop the previous token before building a replacement.
            var staleToken = Kerberos;
            if (staleToken != null)
            {
                staleToken.Dispose();
                Kerberos = null;
            }

            WindowsImpersonationContext impersonation = null;

            try
            {
                IntPtr adminToken = IntPtr.Zero;
                bool adminFlag = false;
                bool appPoolFlag = false;

                // The override short-circuits the configuration lookup.
                bool useAdminLogon = adminOverride ||
                                     (bool.TryParse(Config.LogonAsAdmin, out adminFlag) && adminFlag);

                if (useAdminLogon)
                {
                    // NOTE(review): the administrator password is read from configuration; confirm the
                    // setting is stored protected (encrypted section / secret store), not as clear text.
                    bool credentialsMissing = string.IsNullOrEmpty(Config.DomainName) ||
                                              string.IsNullOrEmpty(Config.AdminUsername) ||
                                              string.IsNullOrEmpty(Config.AdminPassword);
                    if (credentialsMissing)
                    {
                        throw new ApplicationException("Please provide Domain, Username and Password for the Administrator.");
                    }

                    // NOTE(review): an interactive logon is requested for what looks like a service
                    // credential; check whether a non-interactive logon type would be sufficient.
                    bool loggedOn = NativeMethods.LogonUser(Config.AdminUsername, Config.DomainName, Config.AdminPassword,
                                                            (int)LogonType.Interactive, (int)LogonProvider.Default, out adminToken);
                    if (!loggedOn)
                    {
                        // The OS error code is not captured, so the cause of the failure is lost here.
                        throw new ApplicationException("Logon for the Administrator failed.");
                    }

                    // NOTE(review): adminToken is never released in this method. Impersonating from a raw
                    // handle does not transfer ownership of it, so unless it is closed elsewhere every
                    // administrator logon leaks a privileged token handle - confirm and close it.
                    impersonation = WindowsIdentity.Impersonate(adminToken);
                }
                else if (bool.TryParse(Config.LogonAsAppPool, out appPoolFlag) && !appPoolFlag)
                {
                    // Use the service caller's identity when a security context exists,
                    // otherwise fall back to the identity of the current thread/process.
                    var callerContext = ServiceSecurityContext.Current;
                    WindowsIdentity identity = callerContext == null
                        ? WindowsIdentity.GetCurrent()
                        : callerContext.WindowsIdentity;

                    impersonation = identity.Impersonate();
                }

                // Must run while the impersonation (if any) is active: the token is created
                // for whichever identity the thread carries at this point.
                Kerberos = new KerberosToken(KerberosSPN, ImpersonationLevel.Impersonation);

#pragma warning disable CS0618 // Member is obsolete, but it is required by the IBM P8 content engine API
                var requestSecurity = Service.RequestSoapContext.Security;
                requestSecurity.Tokens.Clear();
                requestSecurity.Tokens.Add(Kerberos);
                requestSecurity.Timestamp.TtlInSeconds = KerberosTTL;
#pragma warning restore CS0618
            }
            finally
            {
                // Always revert, including when a logon or token creation failure is thrown,
                // so the thread does not keep running as the impersonated identity.
                impersonation?.Undo();
            }
        }
예제 #3
파일: ClientInfo.cs 프로젝트: avs009/gsf
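        /// <summary>
        /// Initializes a new instance of the <see cref="ClientInfo"/> class, capturing the machine,
        /// user and application details of the client and, when the parent requests it, a serialized
        /// identity token.
        /// </summary>
        /// <param name="parent">
        /// The <see cref="ClientHelper"/> whose authentication method and input decide which identity
        /// token is created. May be <c>null</c>, in which case no token is created.
        /// </param>
        /// <remarks>
        /// Token creation is best-effort: any failure leaves the serialized identity token empty
        /// instead of failing construction.
        /// </remarks>
        public ClientInfo(ClientHelper parent)
        {
            m_clientID = Guid.Empty;
            m_clientType = Common.GetApplicationType();
            m_machineName = Environment.MachineName;

            // Get the user login id, preferring the remote user when one is available.
            if (!string.IsNullOrEmpty(UserInfo.RemoteUserID))
                m_userName = UserInfo.RemoteUserID;
            else
                m_userName = UserInfo.CurrentUserID;

            // Get the name of the client application; it stays unassigned for other application types.
            if (ClientType == ApplicationType.WindowsCui || ClientType == ApplicationType.WindowsGui)
                m_clientName = AppDomain.CurrentDomain.FriendlyName;
            else if (ClientType == ApplicationType.Web)
                m_clientName = HttpContext.Current.Request.ApplicationPath;

            // Initialize the serialized identity token.
            m_serializedIdentityToken = string.Empty;
            if (parent != null && parent.AuthenticationMethod != IdentityToken.None)
            {
                SerializableTokenWrapper<SecurityToken> serializer = new SerializableTokenWrapper<SecurityToken>();

                try
                {
                    // The writers are disposed deterministically, even when token creation fails.
                    using (StringWriter stringWriter = new StringWriter())
                    using (XmlTextWriter xmlTextWriter = new XmlTextWriter(stringWriter))
                    {
                        SecurityToken token = null;

                        // Create a token based on the selected method.
                        if (parent.AuthenticationMethod == IdentityToken.Ntlm)
                        {
                            if (!string.IsNullOrEmpty(parent.AuthenticationInput) &&
                                parent.AuthenticationInput.Contains(":"))
                            {
                                // Input format: <username>:<password>
                                // Split on the first ':' only, so a password that itself contains ':'
                                // is kept whole instead of being silently truncated.
                                string[] loginParts = parent.AuthenticationInput.Split(new[] { ':' }, 2);

                                // NOTE(review): SendPlainText places the password in the token as clear
                                // text, so the serialized token is as sensitive as the password itself.
                                // Confirm it only travels over an encrypted channel and is never logged.
                                token = new UsernameToken(loginParts[0], loginParts[1], PasswordOption.SendPlainText);
                            }
                        }
                        else if (parent.AuthenticationMethod == IdentityToken.Kerberos)
                        {
                            if (!string.IsNullOrEmpty(parent.AuthenticationInput) &&
                                parent.AuthenticationInput.Contains("/"))
                            {
                                // Input format: host/<machine name>
                                token = new KerberosToken(parent.AuthenticationInput, ImpersonationLevel.Impersonation);
                            }
                        }

                        // Serialize the token to XML for transportation.
                        if (token != null)
                        {
                            serializer.WriteToken(xmlTextWriter, token);
                            m_serializedIdentityToken = stringWriter.ToString();
                        }
                    }
                }
                catch
                {
                    // Deliberately best-effort: identity token creation failed, so the token stays empty.
                    // NOTE(review): the failure is invisible to operators; consider recording it so a
                    // client that silently falls back to "no identity token" can be diagnosed.
                }
            }
        }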