/// <summary> /// Gets the users properties from the specified user store. /// </summary> /// <param name="identification">The identification.</param> /// <returns> /// Class of user properties /// </returns> public UserProperties GetUserProperties(string identification) { UserProperties userprop = new UserProperties(); userprop.FirstName = identification; // Determine which method to use to retrieve user information // WindowsSAM if (Globals.UserAccountSource == "WindowsSAM") { // Extract the machine or domain name and the user name from the // identification string string[] samPath = identification.Split(new char[] { '\\' }); _path = String.Format("{0}{1}", "WinNT://", samPath[0]); try { // Find the user DirectoryEntry entryRoot = new DirectoryEntry(_path); DirectoryEntry userEntry = entryRoot.Children.Find(samPath[1], "user"); userprop.FirstName = userEntry.Properties["FullName"].Value.ToString(); userprop.Email = string.Empty; return userprop; } catch { return userprop; } } // Active Directory else if (Globals.UserAccountSource == "ActiveDirectory") { DirectoryEntry entry; if (string.IsNullOrEmpty(HostSetting.GetHostSetting("ADUserName"))) entry = new DirectoryEntry(String.Format("{0}{1}", "GC://", HostSetting.GetHostSetting("ADPath")), null, null, AuthenticationTypes.ReadonlyServer); else entry = new DirectoryEntry(String.Format("{0}{1}", "GC://", HostSetting.GetHostSetting("ADPath")), HostSetting.GetHostSetting("ADUserName"), HostSetting.GetHostSetting("ADPassword"), AuthenticationTypes.Secure); // Setup the filter identification = identification.Substring(identification.LastIndexOf(@"\") + 1, identification.Length - identification.LastIndexOf(@"\") - 1); string userNameFilter = string.Format(_filter, identification); // Get a Directory Searcher to the LDAPPath DirectorySearcher searcher = new DirectorySearcher(entry); if (searcher == null) { return userprop; } // Add the properties that need to be retrieved searcher.PropertiesToLoad.Add("givenName"); searcher.PropertiesToLoad.Add("mail"); searcher.PropertiesToLoad.Add("sn"); // Set the filter for the search searcher.Filter = userNameFilter; // Because this can get messy and there are multiple ways to have problems. string StrError = ""; try { // Execute the search SearchResult search = searcher.FindOne(); if (search != null) { userprop.FirstName = SearchResultProperty(search, "givenName"); //firstname userprop.LastName = SearchResultProperty(search, "sn"); //lastname // Modification by Stewart Moss // 12-Nov-2008 - Inserted into 0.8 branch 2009-02-17 // // This is to resolve [BGN-774]. // // It gets the default email address and checks to see if it is a valid smtp address. // If not, it tests each proxyaddress to see if it is smtp and returns the // first smtp address it finds. string email= SearchResultProperty(search, "mail").Trim(); //email address string bademail = "1st Run"; // email regular expression Regex regexEmail = new Regex(ValidEmailRegularExpression, RegexOptions.IgnoreCase | RegexOptions.CultureInvariant | RegexOptions.IgnorePatternWhitespace); if (!regexEmail.IsMatch(email)) { // It does not match an smtp format address, now we search the hard way // most of the code courtesy of: // http://blog.lozanotek.com/articles/149.aspx // Querying Active Directory for User Emails // Javier G. Lozano email = ""; foreach (string proxyAddr in search.Properties["proxyaddresses"]) { try { //Make it 'case insensitive' if (proxyAddr.ToLower().StartsWith("smtp:")) { //Get the email string from AD email = proxyAddr.Substring(5).Trim(); // we are only interested in the first *valid* smtp address if (regexEmail.IsMatch(email)) { break; } else { bademail = email; email = ""; } } } catch (Exception ex) { // report errors nicely try { StrError = "Error in AD proxyaddresses '" + proxyAddr.ToLower() + "' returns '" + proxyAddr.Substring(5).Trim() + "'. Error='" + ex.Message + "'"; } catch (Exception ex2) { StrError = "Error in AD proxyaddresses '" + proxyAddr.ToLower() + "' returns 'proxyAddr.Substring(5).Trim() undefined'. Error='" + ex2.Message + "'"; } bademail = email; email = ""; // Keep searching after exception } } // foreach } if (email == "") { throw new Exception("Email address='" + bademail + "' is invalid! Error='" + StrError + "'."); } userprop.Email = email; //add new properties here to fill the profile. return userprop; } else return userprop; } catch { return userprop; } } else { // The user has not choosen an UserAccountSource or UserAccountSource as None // Usernames will be displayed as "Domain\Username" return userprop; } }
/// <summary> /// Handles the AuthenticateRequest event of the context control. /// </summary> /// <param name="sender">The source of the event.</param> /// <param name="e">The <see cref="T:System.EventArgs"/> instance containing the event data.</param> void context_AuthenticateRequest(object sender, EventArgs e) { //check if we are upgrading/installing if (HttpContext.Current.Request.Url.LocalPath.ToLower().EndsWith("install.aspx")) { return; } //get host settings bool enabled = HostSettingManager.Get(HostSettingNames.UserAccountSource) == "ActiveDirectory" || HostSettingManager.Get(HostSettingNames.UserAccountSource) == "WindowsSAM"; //check if windows authentication is enabled in the host settings if (enabled) { if (System.Web.HttpContext.Current.User != null) { MDC.Set("user", System.Web.HttpContext.Current.User.Identity.Name); } // This was moved from outside "if enabled" to only happen when we need it. HttpRequest request = HttpContext.Current.Request; // not needed to be removed // HttpResponse response = HttpContext.Current.Response; if (request.IsAuthenticated) { if ((HttpContext.Current.User.Identity.AuthenticationType == "NTLM" || HttpContext.Current.User.Identity.AuthenticationType == "Negotiate")) { //check if the user exists in the database MembershipUser user = UserManager.GetUser(HttpContext.Current.User.Identity.Name); if (user == null) { try { UserProperties userprop = GetUserProperties(HttpContext.Current.User.Identity.Name); MembershipUser mu = null; MembershipCreateStatus createStatus = MembershipCreateStatus.Success; //create a new user with the current identity and a random password. if (Membership.RequiresQuestionAndAnswer) { mu = Membership.CreateUser(HttpContext.Current.User.Identity.Name, Membership.GeneratePassword(7, 2), userprop.Email, "WindowsAuth", "WindowsAuth", true, out createStatus); } else { mu = Membership.CreateUser(HttpContext.Current.User.Identity.Name, Membership.GeneratePassword(7, 2), userprop.Email); } if (createStatus == MembershipCreateStatus.Success && mu != null) { WebProfile Profile = new WebProfile().GetProfile(HttpContext.Current.User.Identity.Name); if (!string.IsNullOrWhiteSpace(userprop.DisplayName)) { Profile.DisplayName = userprop.DisplayName; } else { Profile.DisplayName = String.Format("{0} {1}", userprop.FirstName, userprop.LastName); } Profile.FirstName = userprop.FirstName; Profile.LastName = userprop.LastName; Profile.Save(); //auto assign user to roles List <Role> roles = RoleManager.GetAll().FindAll(r => r.AutoAssign == true); foreach (Role r in roles) { RoleManager.AddUser(mu.UserName, r.Id); } } user = Membership.GetUser(HttpContext.Current.User.Identity.Name); } catch (Exception ex) { if (Log.IsErrorEnabled) { Log.Error(String.Format("Unable to add new user '{0}' to BugNET application. Authentication Type='{1}'.", HttpContext.Current.User.Identity.Name, HttpContext.Current.User.Identity.AuthenticationType), ex); } } } else { //update the user's last login date. user.LastLoginDate = DateTime.Now; Membership.UpdateUser(user); } } } } }
/// <summary> /// Gets the users properties from the specified user store. /// </summary> /// <param name="identification">The identification.</param> /// <returns> /// Class of user properties /// </returns> public UserProperties GetUserProperties(string identification) { UserProperties userprop = new UserProperties(); userprop.FirstName = identification; // Determine which method to use to retrieve user information // WindowsSAM if (HostSettingManager.UserAccountSource == "WindowsSAM") { // Extract the machine or domain name and the user name from the // identification string string[] samPath = identification.Split(new char[] { '\\' }); _path = String.Format("{0}{1}", "WinNT://", samPath[0]); try { // Find the user DirectoryEntry entryRoot = new DirectoryEntry(_path); DirectoryEntry userEntry = entryRoot.Children.Find(samPath[1], "user"); userprop.FirstName = userEntry.Properties["FullName"].Value.ToString(); userprop.Email = string.Empty; return userprop; } catch { return userprop; } } // Active Directory else if (HostSettingManager.UserAccountSource == "ActiveDirectory") { // Setup the filter string username = identification.Substring(identification.LastIndexOf(@"\") + 1, identification.Length - identification.LastIndexOf(@"\") - 1); string domain = HostSettingManager.Get(HostSettingNames.ADPath); string login = HostSettingManager.Get(HostSettingNames.ADUserName); string password = HostSettingManager.Get(HostSettingNames.ADPassword); List<string> emailAddresses = new List<string>(); PrincipalContext domainContext; if (string.IsNullOrWhiteSpace(login)) domainContext = new PrincipalContext(ContextType.Domain, domain); else domainContext = new PrincipalContext(ContextType.Domain, domain, login, password); if (domainContext != null) { UserPrincipal user = UserPrincipal.FindByIdentity(domainContext, username); if (user != null) { // extract full name if (!string.IsNullOrWhiteSpace(user.GivenName) || !string.IsNullOrWhiteSpace(user.Surname)) { userprop.FirstName = user.GivenName == null ? "" : user.GivenName.Trim(); userprop.LastName = user.Surname == null ? "" : user.Surname.Trim(); } if (!string.IsNullOrWhiteSpace(user.DisplayName)) { userprop.DisplayName = user.DisplayName; } Regex regexEmail = new Regex(ValidEmailRegularExpression, RegexOptions.IgnoreCase | RegexOptions.CultureInvariant | RegexOptions.IgnorePatternWhitespace); foreach (var email in GetEmails(user)) { if (string.IsNullOrWhiteSpace(email)) continue; var fixedEmail = email.Trim(); //Make it 'case insensitive' if (fixedEmail.StartsWith("smtp:", StringComparison.InvariantCultureIgnoreCase)) { //Get the email string from AD fixedEmail = fixedEmail.Substring(5).Trim(); } if (regexEmail.IsMatch(fixedEmail)) { userprop.Email = fixedEmail; break; } } } } //add new properties here to fill the profile. return userprop; } else { // The user has not chosen an UserAccountSource or UserAccountSource as None // Usernames will be displayed as "Domain\Username" return userprop; } }
/// <summary> /// Gets the users properties from the specified user store. /// </summary> /// <param name="identification">The identification.</param> /// <returns> /// Class of user properties /// </returns> public UserProperties GetUserProperties(string identification) { UserProperties userprop = new UserProperties(); userprop.FirstName = identification; // Determine which method to use to retrieve user information // WindowsSAM if (HostSettingManager.UserAccountSource == "WindowsSAM") { // Extract the machine or domain name and the user name from the // identification string string[] samPath = identification.Split(new char[] { '\\' }); _path = String.Format("{0}{1}", "WinNT://", samPath[0]); try { // Find the user DirectoryEntry entryRoot = new DirectoryEntry(_path); DirectoryEntry userEntry = entryRoot.Children.Find(samPath[1], "user"); userprop.FirstName = userEntry.Properties["FullName"].Value.ToString(); userprop.Email = string.Empty; return(userprop); } catch { return(userprop); } } // Active Directory else if (HostSettingManager.UserAccountSource == "ActiveDirectory") { // Setup the filter string username = identification.Substring(identification.LastIndexOf(@"\") + 1, identification.Length - identification.LastIndexOf(@"\") - 1); string domain = HostSettingManager.Get(HostSettingNames.ADPath); string login = HostSettingManager.Get(HostSettingNames.ADUserName); string password = HostSettingManager.Get(HostSettingNames.ADPassword); List <string> emailAddresses = new List <string>(); PrincipalContext domainContext; if (string.IsNullOrWhiteSpace(login)) { domainContext = new PrincipalContext(ContextType.Domain, domain); } else { domainContext = new PrincipalContext(ContextType.Domain, domain, login, password); } if (domainContext != null) { UserPrincipal user = UserPrincipal.FindByIdentity(domainContext, username); if (user != null) { // extract full name if (!string.IsNullOrWhiteSpace(user.GivenName) || !string.IsNullOrWhiteSpace(user.Surname)) { userprop.FirstName = user.GivenName == null ? "" : user.GivenName.Trim(); userprop.LastName = user.Surname == null ? "" : user.Surname.Trim(); } if (!string.IsNullOrWhiteSpace(user.DisplayName)) { userprop.DisplayName = user.DisplayName; } Regex regexEmail = new Regex(ValidEmailRegularExpression, RegexOptions.IgnoreCase | RegexOptions.CultureInvariant | RegexOptions.IgnorePatternWhitespace); foreach (var email in GetEmails(user)) { if (string.IsNullOrWhiteSpace(email)) { continue; } var fixedEmail = email.Trim(); //Make it 'case insensitive' if (fixedEmail.StartsWith("smtp:", StringComparison.InvariantCultureIgnoreCase)) { //Get the email string from AD fixedEmail = fixedEmail.Substring(5).Trim(); } if (regexEmail.IsMatch(fixedEmail)) { userprop.Email = fixedEmail; break; } } } } //add new properties here to fill the profile. return(userprop); } else { // The user has not chosen an UserAccountSource or UserAccountSource as None // Usernames will be displayed as "Domain\Username" return(userprop); } }