public InitiateSessionResponse InitiateSession(InitiateSessionRequest request)
        {
            bool ok = Membership.ValidateUser(request.UserName, request.Password);
            if (ok)
            {
                Guid tokenId = Guid.NewGuid();
                var token = new SessionToken(tokenId.ToString(), Platform.Time + ServerPlatform.WebSessionTimeout);
                string[] authority = Roles.GetRolesForUser(request.UserName);
                string displayName = request.UserName;

#if STANDALONE
                var list = new List<string>();
                list.AddRange(authority);
                list.Add(Enterprise.Authentication.AuthorityTokens.Study.ViewImages);
                list.Add("Viewer/Visible");
                list.Add("Viewer/Clinical");
                authority = list.ToArray();
#endif

                var rsp = new InitiateSessionResponse(token, authority, new Guid[0], displayName,string.Empty);

                SessionTokenManager.Instance.AddSession(token);

                return rsp;
            }
            throw new FaultException<UserAccessDeniedException>(new UserAccessDeniedException());
        }
		public InitiateSessionResponse InitiateSession(InitiateSessionRequest request)
		{
			Platform.CheckForNullReference(request, "request");
			Platform.CheckMemberIsSet(request.UserName, "UserName");
			Platform.CheckMemberIsSet(request.Application, "Application");
			Platform.CheckMemberIsSet(request.HostName, "HostName");
			Platform.CheckMemberIsSet(request.Password, "Password");

			return InitiateSessionHelper(
				request.UserName,
				request.Application,
				request.HostName,
				request.GetAuthorizations,
				user => user.InitiateSession(request.Application, request.HostName, request.Password, GetSessionTimeout()));
		}
예제 #3
0
        public InitiateSessionResponse InitiateSession(InitiateSessionRequest request)
        {
            bool ok = Membership.ValidateUser(request.UserName, request.Password);
            if (ok)
            {
                Guid tokenId = Guid.NewGuid();
                var token = new SessionToken(tokenId.ToString(), Platform.Time + ServerPlatform.WebSessionTimeout);
                string[] authority = Roles.GetRolesForUser(request.UserName);
                string displayName = request.UserName;

                var rsp = new InitiateSessionResponse(token, authority, new Guid[0], displayName,string.Empty);

                SessionTokenManager.Instance.AddSession(token);

                return rsp;
            }
            throw new FaultException<UserAccessDeniedException>(new UserAccessDeniedException());
        }
		public InitiateSessionResponse InitiateSession(InitiateSessionRequest request)
		{
			Platform.CheckForNullReference(request, "request");
			Platform.CheckMemberIsSet(request.UserName, "UserName");
			Platform.CheckMemberIsSet(request.Application, "Application");
			Platform.CheckMemberIsSet(request.HostName, "HostName");
			Platform.CheckMemberIsSet(request.Password, "Password");

			// check host name against white-list
			if (!CheckWhiteList(this.Settings.HostNameWhiteList, request.HostName))
				throw new UserAccessDeniedException();

			// check application name against white-list
			if (!CheckWhiteList(this.Settings.ApplicationWhiteList, request.Application))
				throw new UserAccessDeniedException();


			// find user
			var user = GetUser(request.UserName);
			if (user == null)
				throw new UserAccessDeniedException();

			// clean-up any expired sessions
			CleanExpiredSessions(user);

			// initiate new session
			var session = user.InitiateSession(request.Application, request.HostName, request.Password, GetSessionTimeout());

			// get authority tokens if requested
			var authorizations = request.GetAuthorizations ?
				PersistenceContext.GetBroker<IAuthorityTokenBroker>().FindTokensByUserName(request.UserName) : new string[0];
		    
            // Get DataAccess authority groups if requested
            var groups = request.GetAuthorizations
		                     ? PersistenceContext.GetBroker<IAuthorityGroupBroker>().FindDataGroupsByUserName(request.UserName)
		                     : new Guid[0];

		    return new InitiateSessionResponse(session.GetToken(), authorizations, groups, user.DisplayName, user.EmailAddress);
		}
예제 #5
0
        public SessionInfo Login(string userName, string password, string appName)
        {
            if (string.IsNullOrEmpty(userName))
                throw new ArgumentException(SR.UserIDIsEmpty);

            if (string.IsNullOrEmpty(password))
                throw new ArgumentException(SR.PasswordIsEmpty);

            Platform.CheckForEmptyString(password, "password");
            Platform.CheckForEmptyString(appName, "appName");

            SessionInfo session = null;
            
            Platform.GetService(
                delegate(IAuthenticationService  service)
                    {
                        try
                        {
                            var request = new InitiateSessionRequest(userName, appName,
                                                                     Dns.GetHostName(), password)
                                              {
                                                  GetAuthorizations = true
                                              };

                            InitiateSessionResponse response = service.InitiateSession(request);
                            if (response != null)
                            {
                                var credentials = new LoginCredentials
                                                      {
                                                          UserName = userName,
                                                          DisplayName = response.DisplayName,
                                                          SessionToken = response.SessionToken,
                                                          Authorities = response.AuthorityTokens,
                                                          DataAccessAuthorityGroups = response.DataGroupOids,
                                                          EmailAddress = response.EmailAddress
                                                      };
                                var user = new CustomPrincipal(new CustomIdentity(userName, response.DisplayName),credentials);
                                Thread.CurrentPrincipal = user;

                                session = new SessionInfo(user);
                                session.User.WarningMessages = response.WarningMessages;

                                // Note: need to insert into the cache before calling SessionInfo.Validate()
                                SessionCache.Instance.AddSession(response.SessionToken.Id, session);
                                session.Validate();
                                
                                Platform.Log(LogLevel.Info, "{0} has successfully logged in.", userName);                                
                            }                            
                        }
                        catch (FaultException<PasswordExpiredException> ex)
                        {
                            throw ex.Detail;
                        }
                        catch(FaultException<UserAccessDeniedException> ex)
                        {
                            throw ex.Detail;
                        }
                        catch (FaultException<RequestValidationException> ex)
                        {
                            throw ex.Detail;
                        }
                    }
                );

            return session;
        }