/// <summary> /// Initializes a new instance of the <see cref="DbAuthenticationProvider"/> class /// </summary> /// <exception cref="AuthConfigurationException">Missing or invalid configuration at .config</exception> public DbAuthenticationProvider() { AuthUtils.ValidateConfig(ConfigManager.Instance.Config.DBAuth, this.GetType()); AuthUtils.ValidateConfig(ConfigManager.Instance.Config.DBAuth.Authentication, this.GetType()); string connectionStringName = ConfigManager.Instance.Config.DBAuth.Authentication.ConnectionStringName; if (string.IsNullOrEmpty(connectionStringName)) { throw new AuthConfigurationException(Errors.DbAuthMissingConnectionStringName); } var connectionStringSettings = ConfigurationManager.ConnectionStrings[connectionStringName]; if (connectionStringSettings == null) { throw new AuthConfigurationException(Errors.DbAuthMissingConnectionStringName); } if (!AuthUtils.ValidateContains(this._selectQuery, DbConstants.UserMacro)) { string invalidQuery = string.Format( CultureInfo.CurrentCulture, Errors.DbAuthenticationInvalidSqlQuery, DbConstants.UserMacro); throw new AuthConfigurationException( string.Format( CultureInfo.CurrentCulture, Errors.DbAuthInvalidSqlQuery, this.GetType().Name, invalidQuery)); } this._database = new Database(connectionStringSettings); string userParam = this._database.BuildParameterName(DbConstants.UserParamName); this._query = this._selectQuery.Replace(DbConstants.UserMacro, userParam); }
/// <summary> /// Check if the specified user with user name and password exists. /// </summary> /// <param name="user"> /// The <see cref="IUser"/> object that holds the user credentials /// </param> /// <returns> /// True if the specified user with user name and password exists. Else false /// </returns> private bool Exists(IUser user) { object o = this._database.ExecuteScalar(this._query, new[] { this._database.CreateInParameter(DbConstants.UserParamName, DbType.String, user.UserName) }); if (o != null) { return(user.CheckPasswordEnc(AuthUtils.ConvertDBValue <string>(o))); } return(false); }
/// <summary> /// Initializes a new instance of the <see cref="DbAuthorizationProvider"/> class. /// Initialize a new instance of the <see cref="DbAuthorizationProvider"/> class /// </summary> public DbAuthorizationProvider() { // check configuration AuthUtils.ValidateConfig(ConfigManager.Instance.Config.DBAuth, this.GetType()); AuthUtils.ValidateConfig(ConfigManager.Instance.Config.DBAuth.Authorization, this.GetType()); string connectionStringName = ConfigManager.Instance.Config.DBAuth.Authorization.ConnectionStringName; if (string.IsNullOrEmpty(connectionStringName)) { connectionStringName = ConfigManager.Instance.Config.DBAuth.Authentication != null ? ConfigManager.Instance.Config.DBAuth.Authentication.ConnectionStringName : null; } if (string.IsNullOrEmpty(connectionStringName)) { throw new AuthConfigurationException(Errors.DbAuthMissingConnectionStringName); } var connectionStringSettings = ConfigurationManager.ConnectionStrings[connectionStringName]; if (connectionStringSettings == null) { throw new AuthConfigurationException(Errors.DbAuthMissingConnectionStringName); } this._selectQuery = ConfigManager.Instance.Config.DBAuth.Authorization.Sql; if ( !AuthUtils.ValidateContains( this._selectQuery, DbConstants.UserMacro, DbConstants.DataflowIdMacro, DbConstants.DataflowVersionMacro, DbConstants.DataflowAgencyIdMacro)) { string missingMessage = string.Format( CultureInfo.CurrentCulture, Errors.DbAuthMissingConnectionStringName, DbConstants.DataflowIdMacro, DbConstants.DataflowVersionMacro, DbConstants.DataflowAgencyIdMacro, DbConstants.UserMacro); throw new AuthConfigurationException( string.Format( CultureInfo.CurrentCulture, Errors.DbAuthInvalidSqlQuery, this.GetType().Name, missingMessage)); } this._database = new Database(connectionStringSettings); }
/// <summary> /// Retrieve allowed dataflows for user from the database /// </summary> /// <param name="user"> /// The user /// </param> protected void RetrieveAllowedDataFlows(IUser user) { this._dataflowSet.Clear(); this._dataflowIdSet.Clear(); string userParam = this._database.BuildParameterName(DbConstants.UserParamName); string sql = this._selectQuery.Replace(DbConstants.UserMacro, userParam).Replace( DbConstants.DataflowIdMacro, DbConstants.DataflowIdField).Replace( DbConstants.DataflowVersionMacro, DbConstants.DataflowVersionField).Replace( DbConstants.DataflowAgencyIdMacro, DbConstants.DataflowAgencyIdField); using (DbCommand command = this._database.GetSqlStringCommand(sql)) { this._database.AddInParameter(command, DbConstants.UserParamName, DbType.String, user.UserName); using (IDataReader reader = this._database.ExecuteReader(command)) { int idIdx = reader.GetOrdinal(DbConstants.DataflowIdField); int versionIdx = reader.GetOrdinal(DbConstants.DataflowVersionField); int agencyIdx = reader.GetOrdinal(DbConstants.DataflowAgencyIdField); while (reader.Read()) { IMaintainableRefObject dataflowRefBean = new MaintainableRefObjectImpl { MaintainableId = AuthUtils.ConvertDBValue <string>(reader.GetValue(idIdx)), AgencyId = AuthUtils.ConvertDBValue <string>(reader.GetValue(agencyIdx)), Version = AuthUtils.ConvertDBValue <string>(reader.GetValue(versionIdx)) }; if (!this._dataflowSet.ContainsKey(dataflowRefBean)) { this._dataflowSet.Add(dataflowRefBean, dataflowRefBean.MaintainableId); List <IMaintainableRefObject> dataflowRefBeans; if (!this._dataflowIdSet.TryGetValue(dataflowRefBean.MaintainableId, out dataflowRefBeans)) { dataflowRefBeans = new List <IMaintainableRefObject>(); this._dataflowIdSet.Add(dataflowRefBean.MaintainableId, dataflowRefBeans); } dataflowRefBeans.Add(dataflowRefBean); } } } } }
/// <summary> /// Initializes a new instance of the <see cref="NsiAuthModule"/> class. /// Create a new instance of the <see cref="NsiAuthModule"/> class /// </summary> public NsiAuthModule() { _log.Debug("Starting SRI Authentication and dataflow authorization module."); AuthUtils.ValidateConfig(ConfigManager.Instance.Config, this.GetType()); this._userCred = UserCredentialsFactory.Instance.CreateUserCredentials(); this._authentication = AuthenticationProviderFactory.Instance.CreateAuthenticationProvider(); this._realm = ConfigManager.Instance.Config.Realm; string anonUser = ConfigManager.Instance.Config.AnonymousUser; if (!string.IsNullOrEmpty(anonUser)) { this._anonUser = UserFactory.Instance.CreateUser(this._realm); if (this._anonUser != null) { this._anonUser.UserName = anonUser; } } }