Exemplo n.º 1
 /// <summary>
 /// Records the outcome of a login attempt in <c>LoginStatus</c> and <c>FailureReason</c>.
 /// </summary>
 /// <param name="Status">Result of the authentication attempt.</param>
 /// <param name="User">The user resolved for the attempt, or null when none was found.</param>
 /// <remarks>
 /// For a plain <c>Failed</c> status the reason separates "Unknown Username" from "Bad Password".
 /// NOTE(review): that distinction is fine in an internal audit record, but it allows username
 /// enumeration if FailureReason is ever echoed back to the caller - confirm where these two
 /// properties are surfaced.
 /// </remarks>
 private void setStatus(CswEnumAuthenticationStatus Status, CswNbtObjClassUser User = null)
 {
     if (Status == CswEnumAuthenticationStatus.Authenticated)
     {
         LoginStatus = "Success";
     }
     else
     {
         LoginStatus = "Failed";
     }

     // Default reason: the display text registered for this status.
     FailureReason = CswEnumAuthenticationStatus.EuphamizedText[Status];

     if (Status == CswEnumAuthenticationStatus.Failed)
     {
         // A generic failure is refined by whether a user record was found at all.
         if (null == User)
         {
             FailureReason = "Unknown Username";
         }
         else
         {
             FailureReason = "Bad Password";
         }
     }
 }
Exemplo n.º 2
        /// <summary>
        /// Returns the current authentication status, running <c>_authenticate()</c> only when the
        /// status held in <c>_AuthenticationStatus</c> is not already <c>Authenticated</c>.
        /// </summary>
        /// <returns>The held status if it is Authenticated; otherwise the result of <c>_authenticate()</c>.</returns>
        /// <remarks>
        /// This method does not write the fresh result back to <c>_AuthenticationStatus</c>.
        /// NOTE(review): an Authenticated value is returned without re-checking the session, so
        /// confirm the field cannot outlive the session it was established for.
        /// </remarks>
        public CswEnumAuthenticationStatus authenticate()
        {
            CswEnumAuthenticationStatus Current = _AuthenticationStatus;

            return (Current != CswEnumAuthenticationStatus.Authenticated) ? _authenticate() : Current;
        }
Exemplo n.º 3
        /// <summary>
        /// Expects <c>AuthenticateWithSchema</c> to report <c>Authenticated</c> for a request made
        /// against a user node created as "GooDuseR".
        /// </summary>
        /// <remarks>
        /// The request's UserName and Password literals appear masked ("******") in this listing, so
        /// the casing actually submitted is not visible here; presumably it differs from the stored
        /// username - TODO confirm against the original test.
        /// </remarks>
        public void AuthenticateWithSchemaTest_AuthenticatedMixedCase()
        {
            var AuthenticationRequest = new CswWebSvcSessionAuthenticateData.Authentication.Request
            {
                UserName  = "******",
                Password  = "******",
                IpAddress = "127.0.0.1"
            };

            TestData.Nodes.createUserNode("GooDuseR", "goodpw1!");
            string ExpectedText = CswEnumAuthenticationStatus.Authenticated.ToString();
            ICswUser User;

            // Start from Failed so a pass can only come from the authenticator's return value.
            AuthenticationRequest.AuthenticationStatus = CswEnumAuthenticationStatus.Failed;
            CswEnumAuthenticationStatus Actual = _SchemaAuthenticator.AuthenticateWithSchema(_CswEncryption, AuthenticationRequest, out User);
            AuthenticationRequest.AuthenticationStatus = Actual;

            Assert.AreEqual(ExpectedText, AuthenticationRequest.AuthenticationStatus.ToString(), "User was not authenticated.");
        }
Exemplo n.º 4
        /// <summary>
        /// Expects <c>AuthenticateWithSchema</c> to report <c>Archived</c> when the user node was
        /// created with <c>isArchived: CswEnumTristate.True</c>.
        /// </summary>
        /// <remarks>
        /// The UserName and Password literals appear masked ("******") in this listing.
        /// </remarks>
        public void AuthenticateWithSchemaTest_FailedArchived()
        {
            var AuthenticationRequest = new CswWebSvcSessionAuthenticateData.Authentication.Request();
            AuthenticationRequest.UserName  = "******";
            AuthenticationRequest.Password  = "******";
            AuthenticationRequest.IpAddress = "127.0.0.1";

            TestData.Nodes.createUserNode("gooduser", "goodpw1!", isArchived: CswEnumTristate.True);

            string ExpectedText = CswEnumAuthenticationStatus.Archived.ToString();
            ICswUser User;

            // Start from Failed so the asserted value can only come from the authenticator.
            AuthenticationRequest.AuthenticationStatus = CswEnumAuthenticationStatus.Failed;
            CswEnumAuthenticationStatus Actual = _SchemaAuthenticator.AuthenticateWithSchema(_CswEncryption, AuthenticationRequest, out User);
            AuthenticationRequest.AuthenticationStatus = Actual;

            Assert.AreEqual(ExpectedText, AuthenticationRequest.AuthenticationStatus.ToString(), "User was not archived.");
        }
Exemplo n.º 5
        /// <summary>
        /// Expects <c>AuthenticateWithSchema</c> to report <c>Failed</c> for a request against the
        /// user node "gooduser" / "goodpw1!".
        /// </summary>
        /// <remarks>
        /// The UserName and Password literals appear masked ("******") in this listing; going by the
        /// test name, the submitted password presumably differs from the stored one only in letter
        /// case - TODO confirm against the original test.
        /// </remarks>
        public void AuthenticateWithSchemaTest_FailedBadPasswordMixedCase()
        {
            var AuthenticationRequest = new CswWebSvcSessionAuthenticateData.Authentication.Request();
            AuthenticationRequest.UserName  = "******";
            AuthenticationRequest.Password  = "******";
            AuthenticationRequest.IpAddress = "127.0.0.1";

            TestData.Nodes.createUserNode("gooduser", "goodpw1!");

            string ExpectedText = CswEnumAuthenticationStatus.Failed.ToString();
            ICswUser User;

            AuthenticationRequest.AuthenticationStatus = CswEnumAuthenticationStatus.Failed;
            CswEnumAuthenticationStatus Actual = _SchemaAuthenticator.AuthenticateWithSchema(_CswEncryption, AuthenticationRequest, out User);
            AuthenticationRequest.AuthenticationStatus = Actual;

            Assert.AreEqual(ExpectedText, AuthenticationRequest.AuthenticationStatus.ToString(), "User did not fail authentication as expected.");
        }
Exemplo n.º 6
 /// <summary>
 /// Finalize this request: copy Authentication, Logging, Performance and Error content onto the response.
 /// </summary>
 /// <param name="CswResources">Resources for the request; cast to <c>CswNbtResources</c> before use.</param>
 /// <param name="HttpContext">HTTP context handed on to <c>wAddAuthenticationStatus</c>.</param>
 /// <param name="AuthenticationStatus">Status to report on the response.</param>
 /// <remarks>
 /// IT IS VERY IMPORTANT for this function not to require the use of database resources:
 /// it occurs AFTER the call to _deInitResources(), and would leak Oracle connections
 /// (see case 26273).
 /// NOTE(review): every exception is handed to addException instead of being rethrown; confirm
 /// that what addException places on the response does not expose stack traces or internal
 /// detail to unauthenticated callers.
 /// </remarks>
 public void finalize(ICswResources CswResources, HttpContext HttpContext, CswEnumAuthenticationStatus AuthenticationStatus)
 {
     try
     {
         CswNbtResources NbtResources = (CswNbtResources)CswResources;

         // No session resources are supplied on this path (second argument is null).
         CswWebSvcCommonMethods.wAddAuthenticationStatus(NbtResources, null, this, AuthenticationStatus, HttpContext);
     }
     catch (Exception Ex)
     {
         addException(CswResources, Ex);
     }
 }//finalize()
        /// <summary>
        /// Derives an authentication status from the state of a user node.
        /// </summary>
        /// <param name="UserNode">The user to inspect; may be null.</param>
        /// <returns>
        /// <c>Failed</c> when <paramref name="UserNode"/> is null or its failed-login count is non-zero;
        /// otherwise <c>Archived</c>, <c>Locked</c> or <c>Authenticated</c>, checked in that order.
        /// </returns>
        /// <remarks>
        /// No credential is compared in this method; it only reads state already on the node.
        /// NOTE(review): Archived and Locked reveal account state - confirm they are not shown
        /// verbatim to callers who have not proven the password.
        /// </remarks>
        public CswEnumAuthenticationStatus GetAuthStatus(CswNbtObjClassUser UserNode)
        {
            if (UserNode == null)
            {
                return CswEnumAuthenticationStatus.Failed;
            }

            if (UserNode.getFailedLoginCount() == 0)
            {
                // Archived takes precedence over Locked; the lock is only checked for live accounts.
                if (UserNode.IsArchived())
                {
                    return CswEnumAuthenticationStatus.Archived;
                }
                if (UserNode.IsAccountLocked())
                {
                    return CswEnumAuthenticationStatus.Locked;
                }
                return CswEnumAuthenticationStatus.Authenticated;
            }

            // Any recorded failed login leaves the status at Failed.
            return CswEnumAuthenticationStatus.Failed;
        }
Exemplo n.º 8
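        /// <summary>
        /// Copies the authentication status, session timeout, performance timers, logging settings and
        /// accumulated messages onto <paramref name="SvcReturn"/>, then re-issues the "CswAuthStatus"
        /// cookie when its value differs from the new status.
        /// </summary>
        /// <param name="CswNbtResources">Source of session, timing and logging data; may be null.</param>
        /// <param name="CswSessionResources">Not read by this method.</param>
        /// <param name="SvcReturn">Response object to populate; skipped when null.</param>
        /// <param name="AuthenticationStatusIn">Status to report.</param>
        /// <param name="HttpContext">Current HTTP context; its request and response cookies are used.</param>
        /// <remarks>
        /// IT IS VERY IMPORTANT for this function not to require the use of database resources,
        /// since it occurs AFTER the call to _deInitResources(), and thus will leak Oracle connections
        /// (see case 26273).
        /// NOTE(review): the machine name, customer id, log level and timers are written for every
        /// status, including non-authenticated ones - confirm that is acceptable to expose.
        /// </remarks>
        public static void wAddAuthenticationStatus(CswNbtResources CswNbtResources, CswSessionResourcesNbt CswSessionResources, CswWebSvcReturn SvcReturn, CswEnumAuthenticationStatus AuthenticationStatusIn, HttpContext HttpContext)
        {
            if (null != SvcReturn)
            {
                SvcReturn.Authentication = SvcReturn.Authentication ?? new CswWebSvcSessionAuthenticateData.Authentication.Response();
                SvcReturn.Authentication.AuthenticationStatus = AuthenticationStatusIn;
                if (null != CswNbtResources)
                {
                    if (null != CswNbtResources.CswSessionManager)
                    {
                        SvcReturn.Authentication.TimeOut = CswDateTime.ToClientAsJavascriptString(CswNbtResources.CswSessionManager.TimeoutDate);
                    }
                    if (SvcReturn.Authentication.AuthenticationStatus == CswEnumAuthenticationStatus.ExpiredPassword)
                    {
                        // Give the client the identifiers it needs to address the user's password property.
                        SvcReturn.Authentication.ExpirationReset = new CswWebSvcSessionAuthenticateData.Authentication.Response.Expired();

                        ICswNbtUser CurrentUser = CswNbtResources.CurrentNbtUser;
                        SvcReturn.Authentication.ExpirationReset.UserId = CurrentUser.UserId.ToString();
                        CswNbtNodeKey FakeKey = new CswNbtNodeKey()
                        {
                            NodeId        = CurrentUser.UserId,
                            NodeSpecies   = CswEnumNbtNodeSpecies.Plain,
                            NodeTypeId    = CurrentUser.UserNodeTypeId,
                            ObjectClassId = CurrentUser.UserObjectClassId
                        };
                        SvcReturn.Authentication.ExpirationReset.UserKey = FakeKey.ToString();
                        CswPropIdAttr PasswordPropIdAttr = new CswPropIdAttr(CurrentUser.UserId, CurrentUser.PasswordPropertyId);
                        SvcReturn.Authentication.ExpirationReset.PasswordId = PasswordPropIdAttr.ToString();
                    }

                    SvcReturn.Performance               = SvcReturn.Performance ?? new CswWebSvcReturnBase.Performance();
                    SvcReturn.Performance.ServerInit    = Math.Round(CswNbtResources.ServerInitTime, 3);
                    // NOTE(review): this stores DbInitTime in DbDeinit and is overwritten three lines
                    // down by DbDeInitTime, so the init time never reaches the response. It probably
                    // belongs in a separate init property - confirm against the Performance contract.
                    SvcReturn.Performance.DbDeinit      = Math.Round(CswNbtResources.CswLogger.DbInitTime, 3);
                    SvcReturn.Performance.DbQuery       = Math.Round(CswNbtResources.CswLogger.DbQueryTime, 3);
                    SvcReturn.Performance.DbCommit      = Math.Round(CswNbtResources.CswLogger.DbCommitTime, 3);
                    SvcReturn.Performance.DbDeinit      = Math.Round(CswNbtResources.CswLogger.DbDeInitTime, 3);
                    SvcReturn.Performance.TreeLoaderSql = Math.Round(CswNbtResources.CswLogger.TreeLoaderSQLTime, 3);
                    SvcReturn.Performance.ServerTotal   = Math.Round(CswNbtResources.TotalServerTime, 3);

                    SvcReturn.Logging            = SvcReturn.Logging ?? new CswWebSvcReturnBase.Logging();
                    SvcReturn.Logging.CustomerId = CswNbtResources.AccessId;
                    SvcReturn.Logging.Server     = Environment.MachineName;
                    CswEnumLogLevels LogLevel = CswNbtResources.ConfigVbls.getConfigVariableValue(CswEnumConfigurationVariableNames.Logging_Level);

                    // Fall back to Error when the configured level is not recognised.
                    if (LogLevel == CswNbtResources.UnknownEnum)
                    {
                        LogLevel = CswEnumLogLevels.Error;
                    }
                    SvcReturn.Logging.LogLevel = LogLevel;

                    // Return any messages acquired along the way
                    if (null != CswNbtResources.Messages && CswNbtResources.Messages.Count > 0)
                    {
                        SvcReturn.Status.Messages = CswNbtResources.Messages;
                    }
                }
            }

            // The incoming cookie value is supplied by the client; here it is only compared with
            // the server-side status to decide whether the cookie needs re-issuing.
            HttpCookie AuthStatusCookie = HttpContext.Request.Cookies["CswAuthStatus"];

            if (null == AuthStatusCookie)
            {
                AuthStatusCookie = new HttpCookie("CswAuthStatus");
            }
            if (AuthStatusCookie.Value != AuthenticationStatusIn.ToString())
            {
                AuthStatusCookie.Value = AuthenticationStatusIn;
                // A cookie parsed from the request carries only its name and value, so HttpOnly
                // must be applied on every re-issue, not only when the cookie is first created.
                // NOTE(review): Secure is not set here; confirm it is enforced by site
                // configuration (e.g. httpCookies requireSSL) when the site is served over HTTPS.
                AuthStatusCookie.HttpOnly = true;
                HttpContext.Response.Cookies.Add(AuthStatusCookie);
            }
        } // wAddAuthenticationStatus()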
Exemplo n.º 9
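        /// <summary>
        /// Writes the authentication status onto a JSON response object and, for non-mobile callers,
        /// the server name, session timeout, timers, log level and accumulated messages.
        /// </summary>
        /// <param name="CswNbtResources">Source of session, timing and logging data; may be null.</param>
        /// <param name="CswSessionResources">Not read by this method.</param>
        /// <param name="SvcReturn">JSON object to populate; nothing is done when it is null.</param>
        /// <param name="AuthenticationStatusIn">Status to report.</param>
        /// <param name="IsMobile">When true, only the status and its display text are written.</param>
        /// <remarks>
        /// NOTE(review): the machine name, customer id, log level and timers are written for every
        /// status, including non-authenticated ones - confirm that is acceptable to expose.
        /// </remarks>
        public static void jAddAuthenticationStatus(CswNbtResources CswNbtResources, CswSessionResourcesNbt CswSessionResources, JObject SvcReturn, CswEnumAuthenticationStatus AuthenticationStatusIn, bool IsMobile = false)
        {
            if (SvcReturn == null)
            {
                return;
            }

            SvcReturn["AuthenticationStatus"]     = AuthenticationStatusIn.ToString();
            SvcReturn["AuthenticationStatusText"] = CswEnumAuthenticationStatus.EuphamizedText[AuthenticationStatusIn];
            if (IsMobile)
            {
                return;
            }

            SvcReturn["server"] = Environment.MachineName;
            if (null == CswNbtResources)
            {
                return;
            }

            if (null != CswNbtResources.CswSessionManager)
            {
                SvcReturn["timeout"] = CswDateTime.ToClientAsJavascriptString(CswNbtResources.CswSessionManager.TimeoutDate);
            }
            if (AuthenticationStatusIn == CswEnumAuthenticationStatus.ExpiredPassword)
            {
                // Give the client the identifiers it needs to address the user's password property.
                ICswNbtUser CurrentUser = CswNbtResources.CurrentNbtUser;
                SvcReturn.Add(new JProperty("nodeid", CurrentUser.UserId.ToString()));
                CswNbtNodeKey FakeKey = new CswNbtNodeKey()
                {
                    NodeId        = CurrentUser.UserId,
                    NodeSpecies   = CswEnumNbtNodeSpecies.Plain,
                    NodeTypeId    = CurrentUser.UserNodeTypeId,
                    ObjectClassId = CurrentUser.UserObjectClassId
                };
                SvcReturn.Add(new JProperty("nodekey", FakeKey.ToString()));
                CswPropIdAttr PasswordPropIdAttr = new CswPropIdAttr(CurrentUser.UserId, CurrentUser.PasswordPropertyId);
                SvcReturn.Add(new JProperty("passwordpropid", PasswordPropIdAttr.ToString()));
            }

            SvcReturn["timer"] = new JObject();

            SvcReturn["timer"]["serverinit"] = Math.Round(CswNbtResources.ServerInitTime, 3);
            CswEnumLogLevels LogLevel = CswNbtResources.ConfigVbls.getConfigVariableValue(CswEnumConfigurationVariableNames.Logging_Level);
            // Fall back to Error when the configured level is not recognised.
            if (LogLevel == CswNbtResources.UnknownEnum)
            {
                LogLevel = CswEnumLogLevels.Error;
            }
            // Invariant lower-casing: the value is a machine-readable token, and culture-sensitive
            // ToLower() changes some letters (e.g. 'I') under certain server cultures.
            SvcReturn["LogLevel"] = LogLevel.ToString().ToLowerInvariant();

            SvcReturn["timer"]["customerid"]    = CswNbtResources.AccessId;
            SvcReturn["timer"]["dbinit"]        = Math.Round(CswNbtResources.CswLogger.DbInitTime, 3);
            SvcReturn["timer"]["dbquery"]       = Math.Round(CswNbtResources.CswLogger.DbQueryTime, 3);
            SvcReturn["timer"]["dbcommit"]      = Math.Round(CswNbtResources.CswLogger.DbCommitTime, 3);
            SvcReturn["timer"]["dbdeinit"]      = Math.Round(CswNbtResources.CswLogger.DbDeInitTime, 3);
            SvcReturn["timer"]["treeloadersql"] = Math.Round(CswNbtResources.CswLogger.TreeLoaderSQLTime, 3);
            SvcReturn["timer"]["servertotal"]   = Math.Round(CswNbtResources.TotalServerTime, 3);

            // Return any messages acquired along the way
            if (null != CswNbtResources.Messages && CswNbtResources.Messages.Count > 0)
            {
                JArray Messages = new JArray();
                SvcReturn["messages"] = Messages;
                foreach (CswWebSvcReturnBase.ErrorMessage Message in CswNbtResources.Messages)
                {
                    Messages.Add(Message.ToJObject());
                }
            }
        }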
Exemplo n.º 10
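        /// <summary>
        /// Resolves the AccessId from the request, begins a session, and then refines an
        /// <c>Authenticated</c> result according to license, password-expiry and concurrent-session rules.
        /// </summary>
        /// <returns>
        /// <c>NonExistentAccessId</c> when the AccessId has no configuration; otherwise the status from
        /// <c>beginSession</c>, possibly replaced by <c>ShowLicense</c>, <c>NoLicense</c>,
        /// <c>ExpiredPassword</c> or <c>AlreadyLoggedIn</c>.
        /// </returns>
        /// <exception cref="CswDniException">
        /// Rethrown when raised while setting the AccessId with a message other than the
        /// "no configuration information" one.
        /// </exception>
        /// <remarks>
        /// NOTE(review): only the NoLicense branch calls clearSession(). ShowLicense, ExpiredPassword
        /// and AlreadyLoggedIn leave the session started by beginSession in place - confirm that a
        /// session in one of those states cannot reach protected endpoints.
        /// </remarks>
        private CswEnumAuthenticationStatus _authenticate()
        {
            CswEnumAuthenticationStatus AuthenticationStatus = CswEnumAuthenticationStatus.Unknown;

            try
            {
                // A null CustomerId is treated like an empty one so it takes the "null or empty"
                // path below instead of a NullReferenceException. Invariant lower-casing keeps the
                // identifier independent of the server culture.
                string ParsedAccessId = (_AuthenticationRequest.CustomerId ?? string.Empty).ToLowerInvariant().Trim();
                if (false == string.IsNullOrEmpty(ParsedAccessId))
                {
                    _CswSessionManager.setAccessId(ParsedAccessId);
                }
                else
                {
                    throw new CswDniException(CswEnumErrorType.Warning, "There is no configuration information for this AccessId", "AccessId is null or empty.");
                }
            }
            catch (CswDniException ex)
            {
                // NOTE(review): matching on message text is brittle; a dedicated error type or code
                // would survive a wording change.
                if (!ex.Message.Contains("There is no configuration information for this AccessId"))
                {
                    // Plain rethrow keeps the original stack trace ("throw ex;" would reset it).
                    throw;
                }
                else
                {
                    AuthenticationStatus = CswEnumAuthenticationStatus.NonExistentAccessId;
                }
            }

            if (AuthenticationStatus == CswEnumAuthenticationStatus.Unknown)
            {
                AuthenticationStatus = _CswSessionManager.beginSession(_AuthenticationRequest);
            }

            // case 21211
            if (AuthenticationStatus == CswEnumAuthenticationStatus.Authenticated)
            {
                // The mobile / SI-module check (case 21036) was removed for case 28617. See case 28621.
                CswLicenseManager LicenseManager = new CswLicenseManager(_CswNbtResources);
                if (LicenseManager.MustShowLicense(_CswNbtResources.CurrentUser))
                {
                    if (LicenseManager.AllowShowLicense(_CswNbtResources.CurrentUser))
                    {
                        // BZ 8133 - make sure they've seen the License
                        AuthenticationStatus = CswEnumAuthenticationStatus.ShowLicense;
                    }
                    else
                    {
                        // case 30086 - prevent login if admin hasn't accepted the license yet
                        AuthenticationStatus = CswEnumAuthenticationStatus.NoLicense;
                        _CswSessionManager.clearSession();
                    }
                }
                else if (_CswNbtResources.CurrentNbtUser.PasswordIsExpired)
                {
                    // BZ 9077 - Password expired
                    AuthenticationStatus = CswEnumAuthenticationStatus.ExpiredPassword;
                }
                else if (1 < _CswNbtResources.CswSessionManager.SessionsList.getSessionCountForUser(_CswNbtResources.AccessId, _AuthenticationRequest.UserName) &&
                         false == _AuthenticationRequest.IsMobile &&
                         CswNbtObjClassUser.ChemSWAdminUsername != _CswNbtResources.CurrentUser.Username)
                {
                    // More than one session for this user: non-mobile logins other than the
                    // ChemSW admin account are reported as already logged in.
                    AuthenticationStatus = CswEnumAuthenticationStatus.AlreadyLoggedIn;
                }
            }

            return(AuthenticationStatus);
        }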
        }//_initResources()

        /// <summary>
        /// Authenticates the current web request: a valid authentication request goes through
        /// <c>_SessionAuthenticate</c>, anything else attempts a session refresh. On success the audit
        /// context is derived from the "csw_currentviewid" / "csw_currentactionname" cookies.
        /// </summary>
        /// <returns>The resulting authentication status.</returns>
        /// <remarks>
        /// NOTE(review): both cookies are supplied by the client, so the AuditContext written here
        /// reflects what the browser claims, not a server-verified fact. Confirm that restoreView /
        /// getSessionView apply their own access checks and that audit consumers treat this field
        /// accordingly.
        /// </remarks>
        public CswEnumAuthenticationStatus authenticate()
        {
            CswEnumAuthenticationStatus Ret;

            //We're keeping this logic here, because we don't want to contaminate NbtLogic with the necessary web libraries required to support CswSessionResourcesNbt
            bool HasValidRequest = null != _AuthenticationRequest && _AuthenticationRequest.IsValid();
            if (false == HasValidRequest)
            {
                // No usable credentials on the request: fall back to refreshing an existing session.
                Ret = _CswSessionResourcesNbt.attemptRefresh();
            }
            else if (CswTools.IsValidUsername(_AuthenticationRequest.CustomerId))
            {
                Ret = _SessionAuthenticate.authenticate();
            }
            else
            {
                // The customer id is rejected by the username-format check before any lookup.
                Ret = CswEnumAuthenticationStatus.NonExistentAccessId;
            }

            //Set audit context
            if (Ret == CswEnumAuthenticationStatus.Authenticated && null != _HttpContext.Request.Cookies)
            {
                var ViewCookie   = _HttpContext.Request.Cookies["csw_currentviewid"];
                var ActionCookie = _HttpContext.Request.Cookies["csw_currentactionname"];

                string ContextViewId     = (null != ViewCookie) ? ViewCookie.Value : string.Empty;
                string ContextActionName = (null != ActionCookie) ? ActionCookie.Value : string.Empty;

                if (ContextViewId != string.Empty)
                {
                    // The view cookie wins over the action cookie when both are present.
                    CswNbtView ContextView = null;
                    if (CswNbtViewId.isViewIdString(ContextViewId))
                    {
                        ContextView = _CswNbtResources.ViewSelect.restoreView(new CswNbtViewId(ContextViewId));
                    }
                    else if (CswNbtSessionDataId.isSessionDataIdString(ContextViewId))
                    {
                        ContextView = _CswNbtResources.ViewSelect.getSessionView(new CswNbtSessionDataId(ContextViewId));
                    }

                    if (null != ContextView)
                    {
                        _CswNbtResources.AuditContext = ContextView.ViewName + " (" + ContextView.ViewId.ToString() + ")";
                    }
                }
                else if (ContextActionName != string.Empty)
                {
                    CswNbtAction ContextAction = _CswNbtResources.Actions[CswNbtAction.ActionNameStringToEnum(ContextActionName)];
                    if (null != ContextAction)
                    {
                        _CswNbtResources.AuditContext = CswNbtAction.ActionNameEnumToString(ContextAction.Name) + " (Action_" + ContextAction.ActionId.ToString() + ")";
                    }
                }
            }

            _CswNbtResources.ServerInitTime = _Timer.ElapsedDurationInMilliseconds;

            return Ret;
        }//authenticate