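/// <summary>
/// Handles the login form's Go button. Validates the submitted username and
/// password against the configured network domain, then either hands the user
/// to the setup page or posts a SAML 2.0 response to the tenant's recipient.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnGo_Click(object sender, EventArgs e)
{
    string sUsername = txtUsername.Value;
    string password = txtPassword.Value;

    // Fail closed on blank credentials before contacting the directory.
    // ValidateCredentials is documented to check the context's default
    // credentials when both arguments are null, so a blank pair must never
    // be allowed to count as a successful login.
    if (string.IsNullOrEmpty(sUsername) || string.IsNullOrEmpty(password))
    {
        return;
    }

    bool isValid;
    string domain = ConfigurationManager.AppSettings["network_domain"];

    // Check the network username and password.
    using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, domain))
    {
        isValid = pc.ValidateCredentials(sUsername, password, ContextOptions.Negotiate);
    }

    if (!isValid)
    {
        // NOTE(review): a failed attempt is silent here: no audit log entry and
        // no throttling are visible in this handler. Confirm both exist elsewhere,
        // since this form is a password-guessing surface for domain accounts.
        return;
    }

    // Did the request come from the setup page?
    if (Request["page"] == "setup")
    {
        // NOTE(review): the session id is not rotated at this point; confirm
        // session fixation is handled elsewhere. The stored value is the name
        // exactly as typed, without the lowercasing Page_Load applies.
        Session["username"] = sUsername;
        Response.Redirect("~/setup");
        return;
    }

    // Create a SAML 2.0 Response with the network username of the authenticating user.
    // NOTE(review): the name is passed as typed (no lowercasing, no 25-character
    // limit as in Page_Load) and no tenant "allowed" list check is visible on
    // this path; confirm both are intended.
    var samlResponse = SamlResponse.CreateSamlResponse(
        ConfigurationManager.AppSettings[tenant + "recipient"],
        ConfigurationManager.AppSettings[tenant + "issuer"],
        ConfigurationManager.AppSettings[tenant + "domain"],
        sUsername,
        ConfigurationManager.AppSettings[tenant + "cert_issuer_name"],
        ConfigurationManager.AppSettings[tenant + "target"]);

    form1.Action = ConfigurationManager.AppSettings[tenant + "recipient"];
    RelayState.Value = ConfigurationManager.AppSettings[tenant + "target"];
    SAMLResponse.Value = samlResponse;

    // NOTE(review): "link" is request-controlled and is forwarded unchanged as
    // RelayState. The recipient must validate it before redirecting; consider
    // restricting it here to the configured target's host as well.
    if (Request["link"] != null)
    {
        RelayState.Value = Request["link"];
    }

    // Auto-submit the form so the browser posts the assertion to the recipient.
    String scriptText = "";
    scriptText += "function submitForm(){";
    scriptText += " document.getElementById('form1').submit(); ";
    scriptText += "}";
    scriptText += "submitForm();";
    ClientScript.RegisterStartupScript(this.GetType(), "SubmitScript", scriptText, true);
}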
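/// <summary>
/// Single sign-on entry point. Takes the Windows identity of the caller,
/// applies the per-user bypass/login marker files and the tenant's allowed
/// list, optionally lets an admin impersonate another user, and fills the
/// auto-post form with a SAML 2.0 response for the tenant's recipient.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event data (unused).</param>
/// <exception cref="UnauthorizedAccessException">
/// The request has no authenticated DOMAIN\user identity.
/// </exception>
/// <exception cref="Exception">
/// The tenant has an allowed list and the user is not on it.
/// </exception>
protected void Page_Load(object sender, EventArgs e)
{
    string tenant = "";

    // Fail closed unless the caller has an authenticated DOMAIN\user identity.
    // Indexing the split result blindly threw IndexOutOfRangeException for a
    // name without a backslash and accepted an empty account part ("DOMAIN\"),
    // which would have produced an assertion for an empty subject.
    string[] nameParts = (User.Identity.Name ?? "").Split('\\');
    if (!User.Identity.IsAuthenticated || nameParts.Length < 2 || nameParts[1].Length == 0)
    {
        throw new UnauthorizedAccessException("An authenticated DOMAIN\\user identity is required.");
    }
    string sUsername = nameParts[1].ToLower();

    // Default Tenant Override.
    // NOTE(review): the tenant prefix is request-controlled and only
    // length-checked. An unknown prefix makes the "allowed" lookup below return
    // null, which skips the restriction; consider validating the value against
    // the set of configured tenants.
    if (Request["tenant"] != null)
    {
        tenant = Request["tenant"].ToString() + "_";
        if (tenant.Length > 25)
        {
            tenant = "";
        }
    }

    string userFilesPrefix = Server.MapPath(".") + "\\Setup\\UserFiles\\" + sUsername;

    // Check for Bypass file - Redirect to Workday.
    if (File.Exists(userFilesPrefix + "_bypass.txt"))
    {
        string url = ConfigurationManager.AppSettings[tenant + "target"];
        string link = Request["link"];
        if (link != null)
        {
            // "link" is request-controlled: honour it only when it is an absolute
            // URL on the same scheme and host as the configured target, otherwise
            // fall back to the target. This closes the open redirect. The parsed
            // form is used so the browser sees the URL that was validated.
            Uri targetUri;
            Uri linkUri;
            if (Uri.TryCreate(url, UriKind.Absolute, out targetUri)
                && Uri.TryCreate(link, UriKind.Absolute, out linkUri)
                && linkUri.Scheme == targetUri.Scheme
                && string.Equals(linkUri.Host, targetUri.Host, StringComparison.OrdinalIgnoreCase))
            {
                url = linkUri.AbsoluteUri;
            }
        }
        Response.Redirect(url);
        return;
    }

    // Check for login file - Login Required.
    if (File.Exists(userFilesPrefix + "_login.txt"))
    {
        string url = "login.aspx";
        if (Request["link"] != null)
        {
            // Encode the value so '&', '#' or '=' inside the link cannot add or
            // truncate query parameters on the login page.
            url += "?link=" + Server.UrlEncode(Request["link"]);
        }
        Response.Redirect(url);
        return;
    }

    // Access is Restricted (only when the tenant defines an allowed list).
    string allowedSetting = ConfigurationManager.AppSettings[tenant + "allowed"];
    if (allowedSetting != null)
    {
        // Exact, case-sensitive match against the lowercased account name.
        if (Array.IndexOf(allowedSetting.Split(','), sUsername) < 0)
        {
            throw new Exception("Your username must be added to the allowed users list.");
        }
    }

    // Admin impersonation.
    // NOTE(review): impersonation is triggered by a plain request parameter, and
    // no audit record is written here; the substituted name is only
    // length-limited below. Confirm this is logged and reviewed elsewhere.
    if (Request["i"] != null)
    {
        // A tenant without an "admins" setting has no admins; previously this
        // dereferenced null and failed the request.
        string adminsSetting = ConfigurationManager.AppSettings[tenant + "admins"];
        if (adminsSetting != null && Array.IndexOf(adminsSetting.Split(','), sUsername) >= 0)
        {
            sUsername = Request["i"].ToString();
        }
    }

    // Input Validation: cap the subject name at 25 characters.
    if (sUsername.Length > 25)
    {
        sUsername = sUsername.Substring(0, 25);
    }

    //************************************************************************************
    // Create a SAML 2.0 Response with the network username of the authenticating user.
    //************************************************************************************
    var samlResponse = SamlResponse.CreateSamlResponse(
        ConfigurationManager.AppSettings[tenant + "recipient"],
        ConfigurationManager.AppSettings[tenant + "issuer"],
        ConfigurationManager.AppSettings[tenant + "domain"],
        sUsername,
        ConfigurationManager.AppSettings[tenant + "cert_issuer_name"],
        ConfigurationManager.AppSettings[tenant + "target"]);

    form1.Action = ConfigurationManager.AppSettings[tenant + "recipient"];
    RelayState.Value = ConfigurationManager.AppSettings[tenant + "target"];
    SAMLResponse.Value = samlResponse;

    // NOTE(review): "link" is forwarded unchanged as RelayState. The recipient
    // must validate it before redirecting; consider applying the same host
    // check used for the bypass redirect above.
    if (Request["link"] != null)
    {
        RelayState.Value = Request["link"];
    }
}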