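// Starts the second authentication step. On the first (non-postback) load the
// stored credentials are sent to the RADIUS server and the reply is handed to
// onRadiusResponse(). Postbacks return early after refreshing the button labels.
//
// sender, e: standard page event arguments; neither is read here.
void Page_Load(object sender, EventArgs e)
{
    // Runs on every load, postbacks included.
    // presumably rejects requests without a logged-in session; confirm in login_required().
    login_required();

    btnSignIn.Text = L_SubmitLabel_Text;
    btnCancel.Text = L_CancelLabel_Text;

    // Button handlers deal with postbacks; do not start a second RADIUS exchange.
    if (Page.IsPostBack)
    {
        return;
    }

    String deliveryMethod = (string)Session["Delivery"];
    RADIUSAttributes atts = new RADIUSAttributes();
    if (deliveryMethod != null)
    {
        // NOTE(review): if deliveryLabel is an asp:Label its Text is emitted without
        // HTML encoding; confirm Session["Delivery"] is limited to known values
        // before it is stored.
        deliveryLabel.Text = deliveryMethod;

        // Forward the chosen delivery method to the server as a generic
        // vendor-specific attribute.
        VendorSpecificAttribute vsa = new VendorSpecificAttribute(VendorSpecificType.Generic, deliveryMethod);
        vsa.SetRADIUSAttribute(ref atts);
    }

    // 1812 is the standard RADIUS authentication port.
    RADIUSClient client = new RADIUSClient(radiusServer, 1812, radiusSecret);
    RADIUSPacket response = client.Authenticate(username, password, atts);
    if (response == null)
    {
        Session["Message"] = "No response from RADIUS server";
        logoff();

        // Fail closed: a missing reply must never reach onRadiusResponse(),
        // whether or not logoff() ends the request itself.
        return;
    }

    onRadiusResponse(response);
}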
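// Check validity of token (radius session id) by authenticating against
// the RADIUS server
//
// Called when clicking on applications
//
// Returns 401 if the cookie is missing or the server does not answer
// Access-Accept, and 500 if the RADIUS exchange itself fails.
protected void Page_Load(object sender, EventArgs e)
{
    username = (string)Session["DomainUserName"];
    HttpCookie tokenCookie = Request.Cookies["RadiusSessionId"];
    if (tokenCookie == null)
    {
        throw new HttpException(401, "Token required");
    }
    token = tokenCookie.Value;

    // The session id is replayed as the RADIUS password, tagged with a
    // "LAUNCH" vendor-specific attribute.
    VendorSpecificAttribute vsa = new VendorSpecificAttribute(VendorSpecificType.Generic, "LAUNCH");
    RADIUSAttributes atts = new RADIUSAttributes();
    vsa.SetRADIUSAttribute(ref atts);

    bool accepted;
    try
    {
        RADIUSPacket response = radiusClient.Authenticate(username, token, atts);

        // A null response throws here and is reported as a 500 below, so a
        // missing answer is never treated as success.
        accepted = response.Code == RadiusPacketCode.AccessAccept;
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message is returned to the browser; consider logging
        // the detail server-side and sending a fixed message instead.
        throw new HttpException(500, "Exception! failure. " + ex.Message);
    }

    // The rejection is raised outside the try block. Inside it, the generic
    // catch would re-wrap the 401 as a 500 and callers would never see the
    // documented status code.
    if (!accepted)
    {
        throw new HttpException(401, "Token is no longer valid!");
    }

    Response.Write("Ready to launch application. Granted access!");
}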
// Answers the pending RADIUS challenge with the code the user typed.
//
// The response sent as the RADIUS password is a SHA-256 digest of
// username + entered code + shared secret, together with the State attribute
// saved in the session. The reply is handed to onRadiusResponse().
public void btnSignIn_Click(object sender, EventArgs e)
{
    string sessionUser = (string)Session["DomainUserName"];

    // State attribute stored earlier in the session; sent back with the answer.
    RADIUSAttribute challengeState = (RADIUSAttribute)Session["state"];
    RADIUSAttributes requestAttributes = new RADIUSAttributes();
    requestAttributes.Add(challengeState);

    // 1812 is the standard RADIUS authentication port.
    RADIUSClient radius = new RADIUSClient(radiusServer, 1812, radiusSecret);

    // Despite the "encrypted" naming elsewhere, this is a one-way digest.
    // NOTE(review): the three parts are concatenated without a separator, and the
    // username is hashed exactly as stored in the session; confirm the server
    // builds its expected value the same way, including letter case.
    string challengeDigest = Crypto.SHA256(sessionUser + SmsToken.Text + radiusSecret);

    RADIUSPacket reply = radius.Authenticate(sessionUser, challengeDigest, requestAttributes);
    onRadiusResponse(reply);
}
// Accepts the current access request. A fresh GUID is recorded as the user's
// session id, the acceptance time is stored, and the GUID is returned to the
// client in a Reply-Message attribute.
private void Accept()
{
    Logger.LogDebug(_packet, "AcceptAccessRequest");

    // NOTE(review): this value appears to act as a bearer credential. Guid.NewGuid()
    // is documented for uniqueness, not unpredictability; consider a
    // cryptographic random source if that is confirmed.
    string sessionId = Guid.NewGuid().ToString();
    UserSessions[_username] = sessionId;

    // NOTE(review): local time shifts at daylight-saving changes; whatever
    // compares this timestamp should use the same clock. Confirm before
    // switching to UTC.
    SessionTimestamps[_username] = DateTime.Now;

    // Reply-Message travels unencrypted in a RADIUS packet, so the session id
    // is only as private as the network path between server and client.
    RADIUSAttributes replyAttributes = new RADIUSAttributes
    {
        new RADIUSAttribute(RadiusAttributeType.ReplyMessage, sessionId)
    };
    _packet.AcceptAccessRequest(replyAttributes);
}
// Answers the pending RADIUS challenge with the code the user typed.
//
// The response sent as the RADIUS password is a SHA-256 digest of
// lower-cased username + entered code + shared secret, together with the
// State attribute saved in the session. The reply is handed to
// onRadiusResponse().
public void btnSignIn_Click(object sender, EventArgs e)
{
    string sessionUser = (string)Session["DomainUserName"];

    // State attribute stored earlier in the session; sent back with the answer.
    RADIUSAttribute challengeState = (RADIUSAttribute)Session["state"];
    RADIUSAttributes requestAttributes = new RADIUSAttributes();
    requestAttributes.Add(challengeState);

    // 1812 is the standard RADIUS authentication port.
    RADIUSClient radius = new RADIUSClient(radiusServer, 1812, radiusSecret);

    // Careful to use lower case username in the challenge digest to match what
    // the server does. Only the hashed copy is lower-cased; the RADIUS
    // User-Name below keeps its original case.
    // NOTE(review): ToLower() follows the current culture; confirm the server
    // folds case the same way before changing either side.
    string hashedUser = sessionUser.ToLower();
    string challengeDigest = CryptoHelper.SHA256(hashedUser + SmsToken.Text + radiusSecret);

    RADIUSPacket reply = radius.Authenticate(sessionUser, challengeDigest, requestAttributes);
    onRadiusResponse(reply);
}
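// Check validity of token (radius session id) by authenticating against
// the RADIUS server
//
// Called when clicking on applications
//
// Returns 401 if the cookie is missing or the server does not answer
// Access-Accept, and 500 if the RADIUS exchange itself fails.
protected void Page_Load(object sender, EventArgs e)
{
    string username = (string)Session["DomainUserName"];
    HttpCookie tokenCookie = Request.Cookies["RadiusSessionId"];

    // This must not be cached - we rely on this page being called on every application
    // start attempt in order to open the launch window.
    Response.Cache.SetCacheability(HttpCacheability.NoCache);
    Response.Cache.SetMaxAge(TimeSpan.Zero);

    if (tokenCookie == null)
    {
        throw new HttpException(401, "Token required");
    }
    string token = tokenCookie.Value;

    // The session id is replayed as the RADIUS password, tagged with a
    // "LAUNCH" vendor-specific attribute.
    VendorSpecificAttribute vsa = new VendorSpecificAttribute(VendorSpecificType.Generic, "LAUNCH");
    RADIUSAttributes atts = new RADIUSAttributes();
    vsa.SetRADIUSAttribute(ref atts);

    bool accepted;
    try
    {
        RADIUSPacket response = _radiusClient.Authenticate(username, token, atts);

        // A null response throws here and is reported as a 500 below, so a
        // missing answer is never treated as success.
        accepted = response.Code == RadiusPacketCode.AccessAccept;
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message is returned to the browser; consider logging
        // the detail server-side and sending a fixed message instead.
        throw new HttpException(500, "Exception! failure. " + ex.Message);
    }

    // The rejection is raised outside the try block. Inside it, the generic
    // catch would re-wrap the 401 as a 500 and callers would never see the
    // documented status code.
    if (!accepted)
    {
        throw new HttpException(401, "Token is no longer valid!");
    }

    Response.Write("Ready to launch application. Granted access!");
}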
// Issues a second-factor challenge for the current request.
//
// A one-time code and a State token are generated. The expected answer, a
// SHA-256 digest of username + code + the shared secret of the requesting
// client, is stored. The code is then delivered by SMS and/or e-mail and an
// Access-Challenge carrying the State token is sent.
//
// ldapResult: directory entry the delivery addresses are read from.
// Throws Exception when no shared secret is configured for the client address.
private void TwoFactorChallenge(SearchResult ldapResult)
{
    string oneTimeCode = PassCodeGenerator.GenerateCode();
    string stateToken = Guid.NewGuid().ToString();
    string requesterAddress = _packet.EndPoint.Address.ToString();

    // NOTE(review): this writes the one-time code to the debug log in clear
    // text, so log readers can see it while it is valid; consider masking it
    // or restricting this log level to test environments.
    Logger.LogDebug(_packet, "Access Challenge Code: " + oneTimeCode);

    // The shared secret is looked up by the address the packet arrived from.
    string clientSecret;
    bool secretKnown = Config.Secrets.TryGetValue(requesterAddress, out clientSecret);
    if (!secretKnown)
    {
        throw new Exception("No shared secret for client:" + requesterAddress);
    }

    AuthTokens[_username] = stateToken;

    // Expected answer to the challenge. It is a one-way digest with no
    // separator between the parts, so the client must concatenate them
    // identically.
    string expectedAnswer = CryptoHelper.SHA256(_username + oneTimeCode + clientSecret);
    EncryptedChallengeResults[_username] = expectedAnswer;

    // Both channels may be enabled at once; each receives the same code.
    if (_useSmsFactor)
    {
        var mobileNumber = LdapGetNumberCleaned(ldapResult);
        Sender.SendSMS(mobileNumber, oneTimeCode);
    }

    if (_useEmailFactor)
    {
        var mailAddress = LdapGetEmail(ldapResult);
        Sender.SendEmail(mailAddress, oneTimeCode);
    }

    var challengeAttributes = new RADIUSAttributes();
    challengeAttributes.Add(new RADIUSAttribute(RadiusAttributeType.ReplyMessage, "SMS Token"));
    challengeAttributes.Add(new RADIUSAttribute(RadiusAttributeType.State, stateToken));
    _packet.SendAccessChallenge(challengeAttributes);
}
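// Starts the second authentication step. On the first (non-postback) load the
// stored credentials are sent to the RADIUS server and the reply is handed to
// onRadiusResponse(). Postbacks return early after refreshing the button labels.
//
// sender, e: standard page event arguments; neither is read here.
void Page_Load(object sender, EventArgs e)
{
    // Runs on every load, postbacks included.
    // presumably rejects requests without a logged-in session; confirm in login_required().
    login_required();

    btnSignIn.Text = L_SubmitLabel_Text;
    btnCancel.Text = L_CancelLabel_Text;

    // Button handlers deal with postbacks; do not start a second RADIUS exchange.
    if (Page.IsPostBack)
    {
        return;
    }

    String deliveryMethod = (string)Session["Delivery"];
    RADIUSAttributes atts = new RADIUSAttributes();
    if (deliveryMethod != null)
    {
        // NOTE(review): if deliveryLabel is an asp:Label its Text is emitted without
        // HTML encoding; confirm Session["Delivery"] is limited to known values
        // before it is stored.
        deliveryLabel.Text = deliveryMethod;

        // Forward the chosen delivery method to the server as a generic
        // vendor-specific attribute.
        VendorSpecificAttribute vsa = new VendorSpecificAttribute(VendorSpecificType.Generic, deliveryMethod);
        vsa.SetRADIUSAttribute(ref atts);
    }

    // 1812 is the standard RADIUS authentication port.
    RADIUSClient client = new RADIUSClient(radiusServer, 1812, radiusSecret);
    RADIUSPacket response = client.Authenticate(username, password, atts);
    if (response == null)
    {
        Session["Message"] = "No response from RADIUS server";
        logoff();

        // Fail closed: a missing reply must never reach onRadiusResponse(),
        // whether or not logoff() ends the request itself.
        return;
    }

    onRadiusResponse(response);
}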