예제 #1
0
        public static void OTPReset(string domain, string username, ContextualSecurityToken authNSecurityToken, ContextMessageProperty contextMessageProperty)
        {
            // Create Anonymouse RmPerson and set ObjectID to Domain\User
            // The ObjectID attribute will become ResourceReferenceProperty in the message header
            RmPerson    user = new RmPerson();
            RmReference domainAndUsernameReference = new RmReference();

            domainAndUsernameReference.DomainAndUserNameValue = domain + '\\' + username;
            user.ObjectID = domainAndUsernameReference;
            PutResponse putResponse;

            putResponse = new PutResponse();
            string STSEndpoint = String.Empty;
            bool   putSuccess  = false; //This should always stay false with these calls unless no password reset workflow or qa authn workflow is attached.

            var          alternateClient = new AlternateClient();
            var          mexClient       = new MexClient();
            XmlSchemaSet metadata        = mexClient.Get();
            var          requestFactory  = new RmRequestFactory(metadata);

            // Set ResetPassword to true
            // Need a transaction to watch changes to the user
            using (RmResourceChanges transaction = new RmResourceChanges(user))
            {
                transaction.BeginChanges();

                user.ResetPassword = "******";

                try
                {
                    if (transaction.RmObject.ObjectID.Value.Split('\\').Length != 2)
                    {
                        throw new ArgumentException("User Identity must be specified by netbios domain in this format: Domain name\\user name.");
                    }

                    PutRequest alternateEPrequest = requestFactory.CreatePutRequest(transaction);

                    try
                    {
                        alternateClient.Put(alternateEPrequest, out putResponse, authNSecurityToken, contextMessageProperty);
                        putSuccess = true;
                    }
                    catch (System.ServiceModel.FaultException <Microsoft.ResourceManagement.Client.Faults.AuthenticationRequiredFault> authNFault)
                    {
                        Microsoft.ResourceManagement.WebServices.WSResourceManagement.AuthenticationRequiredFault msAuthNFault =
                            new Microsoft.ResourceManagement.WebServices.WSResourceManagement.AuthenticationRequiredFault(authNFault.Detail.SecurityTokenServiceAddress,
                                                                                                                          authNFault.Detail.UserRegistered.GetValueOrDefault(),
                                                                                                                          authNFault.Detail.UserLockedOut.GetValueOrDefault());

                        ContextMessageProperty responseContext;

                        if (ContextMessageProperty.TryGet(putResponse.Message, out responseContext) == false)
                        {
                            throw new InvalidOperationException("Could not retrieve security context message property even though we received an AuthN Fault. Something is fundamentally broken. Ensure assembly versions are correct and upgrades did not change protocol.");
                        }

                        throw new AuthenticationRequiredException(authNFault.Reason.ToString(),
                                                                  msAuthNFault,
                                                                  responseContext);
                    }
                }
                finally
                {
                    if (putSuccess == true)
                    {
                        transaction.AcceptChanges();
                    }
                    else
                    {
                        transaction.DiscardChanges();
                    }
                }
            }
        }
예제 #2
0
        public static void OTPReset(string domain, string username, ContextualSecurityToken authNSecurityToken, ContextMessageProperty contextMessageProperty)
        {
            // Create Anonymouse RmPerson and set ObjectID to Domain\User
            // The ObjectID attribute will become ResourceReferenceProperty in the message header
            RmPerson user = new RmPerson();
            RmReference domainAndUsernameReference = new RmReference();
            domainAndUsernameReference.DomainAndUserNameValue = domain + '\\' + username;
            user.ObjectID = domainAndUsernameReference;
            PutResponse putResponse;
            putResponse = new PutResponse();
            string STSEndpoint = String.Empty;
            bool putSuccess = false; //This should always stay false with these calls unless no password reset workflow or qa authn workflow is attached.

            var alternateClient = new AlternateClient();
            var mexClient = new MexClient();
            XmlSchemaSet metadata = mexClient.Get();
            var requestFactory = new RmRequestFactory(metadata);

            // Set ResetPassword to true
            // Need a transaction to watch changes to the user
            using (RmResourceChanges transaction = new RmResourceChanges(user))
            {
                transaction.BeginChanges();

                user.ResetPassword = "******";

                try
                {
                    if (transaction.RmObject.ObjectID.Value.Split('\\').Length != 2)
                    {
                        throw new ArgumentException("User Identity must be specified by netbios domain in this format: Domain name\\user name.");
                    }

                    PutRequest alternateEPrequest = requestFactory.CreatePutRequest(transaction);

                    try
                    {
                        alternateClient.Put(alternateEPrequest, out putResponse, authNSecurityToken, contextMessageProperty);
                        putSuccess = true;
                    }
                    catch (System.ServiceModel.FaultException<Microsoft.ResourceManagement.Client.Faults.AuthenticationRequiredFault> authNFault)
                    {

                        Microsoft.ResourceManagement.WebServices.WSResourceManagement.AuthenticationRequiredFault msAuthNFault =
                            new Microsoft.ResourceManagement.WebServices.WSResourceManagement.AuthenticationRequiredFault(authNFault.Detail.SecurityTokenServiceAddress,
                                                                                             authNFault.Detail.UserRegistered.GetValueOrDefault(),
                                                                                             authNFault.Detail.UserLockedOut.GetValueOrDefault());

                        ContextMessageProperty responseContext;

                        if (ContextMessageProperty.TryGet(putResponse.Message, out responseContext) == false)
                        {
                            throw new InvalidOperationException("Could not retrieve security context message property even though we received an AuthN Fault. Something is fundamentally broken. Ensure assembly versions are correct and upgrades did not change protocol.");
                        }

                        throw new AuthenticationRequiredException(authNFault.Reason.ToString(),
                                                                 msAuthNFault,
                                                                 responseContext);
                    }
                }
                finally
                {
                    if (putSuccess == true)
                    {
                        transaction.AcceptChanges();
                    }
                    else
                    {
                        transaction.DiscardChanges();
                    }
                }
            }
        }