/// <summary> /// An impersonation safe way to check directory existence for this DeploymentController. /// </summary> /// <param name="directory">The directory for which an existence check is being requested</param> /// <param name="user">The user to impersonate</param> /// <param name="password">The impersonated user password</param> /// <param name="isLocal">Whether the impersonated user is local to this server</param> /// <returns>True if the directory can be found</returns> public virtual bool DirectoryExists(string directory, string user, string password, bool isLocal) { Impersonation impersonated = null; bool directoryExists = false; try { if (!String.IsNullOrEmpty(user) && !String.IsNullOrEmpty(password)) { impersonated = new Impersonation(); impersonated.Impersonate(user, password, !isLocal); } directoryExists = Directory.Exists(directory); if (!directoryExists) { directoryExists = File.Exists(directory); } } finally { if (impersonated != null) { impersonated.UnImpersonate(); impersonated = null; } } return(directoryExists); }
/// <summary> /// An impersonation safe way to create a directory for this DeploymentController. /// </summary> /// <param name="directory">The directory to be created</param> /// <param name="user">The user to impersonate</param> /// <param name="password">The impersonated user password</param> /// <param name="isLocal">Whether the impersonated user is local to this server</param> public virtual void CreateDirectory(string directory, string user, string password, bool isLocal) { if (!DirectoryExists(directory, user, password, isLocal)) { Impersonation impersonated = null; try { if (!String.IsNullOrEmpty(user) && !String.IsNullOrEmpty(password)) { impersonated = new Impersonation(); impersonated.Impersonate(user, password, !isLocal); } Directory.CreateDirectory(directory); } finally { if (impersonated != null) { impersonated.UnImpersonate(); impersonated = null; } } } }
internal void Save(DataManager data) { FileStream fileStream = FileUtils.OpenForWrite(data.ResolvePath(FileName)); if (fileStream != null) { WindowsImpersonationContext wi = Impersonation.Impersonate(); try { XmlSerializer ser = new XmlSerializer(typeof(DayExtra), Data.NamespaceURI); using (StreamWriter writer = new StreamWriter(fileStream)) { ser.Serialize(writer, this); } } catch (Exception e) { ErrorTrace.Trace(TraceLevel.Error, e); // truncate the file if this fails fileStream.SetLength(0); } finally { fileStream.Close(); } wi.Undo(); } }
/// <summary> /// An impersonation safe way to check file existence for this DeploymentController. /// </summary> /// <param name="file">The file for which an existence check is being requested</param> /// <param name="user">The user to impersonate</param> /// <param name="password">The impersonated user password</param> /// <param name="isLocal">Whether the impersonated user is local to this server</param> /// <returns>True if the file can be found</returns> public virtual bool FileExists(string file, string user, string password, bool isLocal) { Impersonation impersonated = null; bool fileExists = false; try { if (!String.IsNullOrEmpty(user) && !String.IsNullOrEmpty(_ImpersonationPassword)) { impersonated = new Impersonation(); impersonated.Impersonate(user, _ImpersonationPassword, !isLocal); } fileExists = File.Exists(file); if (!fileExists) { fileExists = Directory.Exists(file); } } finally { if (impersonated != null) { impersonated.UnImpersonate(); impersonated = null; } } return(fileExists); }
/// <summary> /// Start impersonating the other account. /// </summary> /// <returns></returns> public IDisposable Impersonate() { var impersonation = new Impersonation(DomainName, UserName, Password.PrivateValue); impersonation.Impersonate(); return(impersonation); }
public void ThenImpersonateFails() { // Act / Assert Assert.Throws <InvalidOperationException>( () => Impersonation.Impersonate(this._user, this._password)); }
/// <summary> /// An impersonation safe way to get a directory listing for this DeploymentController. /// </summary> /// <param name="directory"></param> /// <param name="directoryFilter"></param> /// <param name="recurse"></param> /// <param name="user">The user to impersonate</param> /// <param name="password">The impersonated user password</param> /// <param name="isLocal">Whether the impersonated user is local to this server</param> /// <returns>The directory list</returns> public List <string> ListDirectories(string directory, string directoryFilter, bool recurse, string user, string password, bool isLocal) { try { if (DirectoryExists(directory, user, password, isLocal)) { Impersonation impersonated = null; try { if (!String.IsNullOrEmpty(user) && !String.IsNullOrEmpty(password)) { impersonated = new Impersonation(); impersonated.Impersonate(user, password, !isLocal); } return(STEM.Sys.IO.Directory.STEM_GetDirectories(directory, directoryFilter, recurse ? SearchOption.AllDirectories : SearchOption.TopDirectoryOnly, true)); } finally { if (impersonated != null) { impersonated.UnImpersonate(); impersonated = null; } } } } catch { } return(new List <string>()); }
public async Task <SqlConnection> OpenConnection(Instance instance) { if (instance == null) { logger.Error("ConnectionManager.OpenConnection: get null instance"); return(null); } Impersonation impersonation = null; ImpersonationResult impResult = null; connection = new SqlConnection(BuildConnectionString(instance)); if (instance.Authentication == AuthenticationType.Windows) { impersonation = new Impersonation(); impResult = impersonation.Impersonate(instance.Login, null, instance.Password);//тут if (impResult.HasError) { logger.Error("Imperosnation error: ConnectionManager.OpenConnection: Instance id =" + instance.Id); } else { logger.Debug("Impersonation oK instance id =" + instance.Id); } return(null); } try { //ConfigureAwait(true); to return to the same context to do undo imersonation for the same thread await connection.OpenAsync().ConfigureAwait(true); } catch (Exception e) { logger.Error("ConnectionManager.OpenConnection: Error open connection instance=" + instance.InstanceName, e); return(null); } finally { if (impResult != null && impersonation != null) { if (!impResult.HasError) { impersonation.UndoImpersonation(impResult.User); } } } return(connection); }
public void ImpersonationSuccessfulLogonTest() { // For this test to work, ensure there is a generic Credential Manager entry called ImpersonationUser with working credentials const string workingTarget = "ImpersonationUser"; var currentUser = Impersonation.CurrentUser; Impersonation.Impersonate(workingTarget); Assert.AreNotEqual(currentUser, Impersonation.CurrentUser, "Users are different after impersonating"); Impersonation.StopImpersonating(); Assert.AreEqual(currentUser, Impersonation.CurrentUser, "Orginal user restored after stopping impersonation"); }
public void ImpersonationFailedLogonTest() { try { Impersonation.Impersonate(Target); Assert.Fail("No security exception thrown after impersonating with wrong credentials"); } catch (SecurityException se) { Assert.AreEqual($"Could not impersonate user '{UserName}' for domain '{Domain}'", se.Message); } }
public static void Save(SeoMetaTags seoConfig) { System.Security.Principal.WindowsImpersonationContext wi = Impersonation.Impersonate(); XmlSerializer ser = new XmlSerializer(typeof(SeoMetaTags)); using (StreamWriter writer = new StreamWriter(MetaConfigFile)) { ser.Serialize(writer, seoConfig); } wi.Undo(); }
public static void Save(SiteConfig siteConfig) { System.Security.Principal.WindowsImpersonationContext wi = Impersonation.Impersonate(); XmlSerializer ser = new XmlSerializer(typeof(SiteConfig)); using (StreamWriter writer = new StreamWriter(SiteConfig.GetConfigFilePathFromCurrentContext())) { ser.Serialize(writer, siteConfig); } wi.Undo(); }
public void ImpersonationCredentialNotFoundTest() { const string unknownTarget = "@Unknown!Target$"; try { Impersonation.Impersonate(unknownTarget); Assert.Fail("No security exception thrown after specifying unknown target"); } catch (SecurityException se) { Assert.IsTrue(se.Message.StartsWith($"Could not find target '{unknownTarget}' in Generic section of Credential Manager for user '", StringComparison.InvariantCultureIgnoreCase)); } }
void WriteEventDataItem(EventDataItem logItem, LogCategory category, ReaderWriterLock lockObject, EventDataItemFormatter formatter) { if (logItem == null) { throw new ArgumentNullException("logItem"); } if (lockObject == null) { throw new ArgumentNullException("lockObject"); } if (formatter == null) { throw new ArgumentNullException("formatter"); } try { using (Impersonation.Impersonate()) { // Archive last day's log files. if (!File.Exists(String.Format("{0}.zip", GetLogPath(logItem.EventTimeUtc, LogCategory.Event)))) { ArchiveLogFiles(logItem.EventTimeUtc.AddDays(-1)); } lockObject.AcquireWriterLock(TimeSpan.FromMilliseconds(250)); using (StreamWriter writer = new StreamWriter(GetLogPath(logItem.EventTimeUtc, category), true)) { writer.WriteLine(formatter(logItem)); } } } catch (Exception e) { ErrorTrace.Trace(TraceLevel.Error, e); } finally { if (lockObject.IsWriterLockHeld) { lockObject.ReleaseWriterLock(); } } }
public static async Task <string> Check(string servername, string instanceName, string login, string pswd, bool windowsoauth) { String connString = BuildConnectionString(servername, instanceName, login, pswd, windowsoauth); Impersonation impersonation = null; ImpersonationResult impResult = null; SqlConnection connection = new SqlConnection(connString); if (windowsoauth) { impersonation = new Impersonation(); impResult = impersonation.Impersonate(login, null, pswd); if (impResult.HasError) { return("Windows impersonation error!"); } } try { await connection.OpenAsync().ConfigureAwait(true); connection.Close(); } catch (Exception e) { return("Open connection error!\n" + e.Message); } finally { if (impResult != null && impersonation != null) { if (!impResult.HasError) { impersonation.UndoImpersonation(impResult.User); } } } return("Ok!"); }
void WriteLogDataItem(LogDataItem logItem, LogCategory category, ReaderWriterLock lockObject, LogDataItemFormatter formatter) { if (logItem == null) { throw new ArgumentNullException("logItem"); } if (lockObject == null) { throw new ArgumentNullException("lockObject"); } if (formatter == null) { throw new ArgumentNullException("formatter"); } try { using (Impersonation.Impersonate()) { lockObject.AcquireWriterLock(TimeSpan.FromMilliseconds(250)); using (StreamWriter writer = new StreamWriter(GetLogPath(logItem.RequestedUtc, category), true)) { writer.WriteLine(formatter(logItem)); } } } catch (Exception e) { ErrorTrace.Trace(TraceLevel.Error, e); } finally { if (lockObject.IsWriterLockHeld) { lockObject.ReleaseWriterLock(); } } }
internal void Save(DataManager data) { string fullPath = data.ResolvePath(FileName); // We use the internal list to circumvent ignoring // items where IsPublic is set to false. if (Entries.Count == 0) { if (File.Exists(fullPath)) { File.Delete(fullPath); } } else { System.Security.Principal.WindowsImpersonationContext wi = Impersonation.Impersonate(); FileStream fileStream = FileUtils.OpenForWrite(fullPath); if (fileStream != null) { try { XmlSerializer ser = new XmlSerializer(typeof(DayEntry), Data.NamespaceURI); using (StreamWriter writer = new StreamWriter(fileStream)) { ser.Serialize(writer, this); } } catch (Exception e) { ErrorTrace.Trace(System.Diagnostics.TraceLevel.Error, e); } finally { fileStream.Close(); } } wi.Undo(); } }
internal void Impersonate(out Impersonation token) { try { if (!String.IsNullOrEmpty(ImpersonationUser) && !String.IsNullOrEmpty(ImpersonationPassword)) { Impersonation i = new Impersonation(); token = i; i.Impersonate(ImpersonationUser, ImpersonationPassword, LocalUserImpersonation); } else { token = null; } } catch (Exception ex) { STEM.Sys.EventLog.WriteEntry("SMB.Authentication.Impersonate", ex.ToString(), STEM.Sys.EventLog.EventLogEntryType.Error); throw ex; } }
/// <summary> /// An impersonation safe way to get FileInfo for this DeploymentController. /// </summary> /// <param name="file">The file for which FileInfo is being requested</param> /// <param name="user">The user to impersonate</param> /// <param name="password">The impersonated user password</param> /// <param name="isLocal">Whether the impersonated user is local to this server</param> /// <returns>The FileInfo for the specified file</returns> public virtual FDCFileInfo GetFileInfo(string file, string user, string password, bool isLocal) { Impersonation impersonated = null; FileInfo fi = null; try { if (!String.IsNullOrEmpty(user) && !String.IsNullOrEmpty(password)) { impersonated = new Impersonation(); impersonated.Impersonate(user, password, !isLocal); } if (File.Exists(file)) { fi = new FileInfo(file); } } finally { if (impersonated != null) { impersonated.UnImpersonate(); impersonated = null; } } if (fi == null) { return(null); } return(new FDCFileInfo { CreationTimeUtc = fi.CreationTimeUtc, LastAccessTimeUtc = fi.LastAccessTimeUtc, LastWriteTimeUtc = fi.LastWriteTimeUtc, Size = fi.Length });; }
/// <summary> /// An impersonation safe way to get DirectoryInfo for this DeploymentController. /// </summary> /// <param name="directory">The directory for which DirectoryInfo is being requested</param> /// <param name="user">The user to impersonate</param> /// <param name="password">The impersonated user password</param> /// <param name="isLocal">Whether the impersonated user is local to this server</param> /// <returns>The FileInfo for the specified file</returns> public virtual FDCDirectoryInfo GetDirectoryInfo(string directory, string user, string password, bool isLocal) { Impersonation impersonated = null; DirectoryInfo di = null; try { if (!String.IsNullOrEmpty(user) && !String.IsNullOrEmpty(password)) { impersonated = new Impersonation(); impersonated.Impersonate(user, password, !isLocal); } if (Directory.Exists(directory)) { di = new DirectoryInfo(directory); } } finally { if (impersonated != null) { impersonated.UnImpersonate(); impersonated = null; } } if (di == null) { return(null); } return(new FDCDirectoryInfo { CreationTimeUtc = di.CreationTimeUtc, LastAccessTimeUtc = di.LastAccessTimeUtc, LastWriteTimeUtc = di.LastWriteTimeUtc });; }
void ImpersonateWindowsContext() { objImp = new Impersonation(_LDAPUser, _LDAPPassword, _LDAPDomainName); objImp.Impersonate(); }
void ImpersonateWindowsContext() { objImp = new Impersonation(_LDAPUser, _LDAPPassword, _LDAPDomainName); objImp.Impersonate(); }
protected bool GoodDirectory(string dir) { try { if (CheckDirectoryExists) { if (!_LastTouched.ContainsKey(dir)) { _LastTouched[dir] = new Touched { Exists = false, LastAttempt = DateTime.MinValue } } ; if ((DateTime.UtcNow - _LastTouched[dir].LastAttempt).TotalSeconds > 180 || _LastTouched[dir].Exists) { if (!_LastTouched[dir].Exists) { if (DestinationPingable && !STEM.Sys.IO.Net.PingHost(STEM.Sys.IO.Path.IPFromPath(dir))) { _LastTouched[dir].LastAttempt = DateTime.UtcNow; return(false); } } if (!String.IsNullOrEmpty(DestinationPathUser) && !String.IsNullOrEmpty(DestinationPathPassword)) { STEM.Sys.Security.Impersonation impersonation = new Impersonation(); try { impersonation.Impersonate(DestinationPathUser, DestinationPathPassword, DestinationPathImpersonationIsLocal); if (DirectoryExists(dir)) { _LastTouched[dir].Exists = true; } else { _LastTouched[dir].Exists = false; } } finally { impersonation.UnImpersonate(); } } else { if (DirectoryExists(dir)) { _LastTouched[dir].Exists = true; } else { _LastTouched[dir].Exists = false; } } _LastTouched[dir].LastAttempt = DateTime.UtcNow; } return(_LastTouched[dir].Exists); } else { return(true); } } catch { } return(false); }
public override bool Validate() { // TODO failures in create and cleanup should be ignored for couple of times // TODO Add retries in validation logic // TODO talk to guest agent and gets it version and validate if latest object t = Impersonation.Impersonate(ConfigurationManager.UserName, ConfigurationManager.Password); try { var token = AzureHelper.GetAccessTokenAsync(); var credential = new TokenCredentials(token.Result.AccessToken); PublicIPAddress ipAddress = AzureHelper.GetPublicAddressAsync(credential, groupName, subscriptionId, "myPublicIP").Result; // TODO: make username-password at one place instead of at both ARM and here SecureString securePwd = new SecureString(); password.ToCharArray().ToList().ForEach(p => securePwd.AppendChar(p)); // this is the entrypoint to interact with the system (interfaced for testing). var remoteComputer = new Uri(string.Format("{0}://{1}:5986", "https", ipAddress.IpAddress)); var connection = new WSManConnectionInfo(remoteComputer, String.Empty, new PSCredential(username, securePwd)); var option = new PSSessionOption(); option.SkipCACheck = true; option.SkipCNCheck = true; option.SkipRevocationCheck = true; connection.SetSessionOptions(option); connection.AuthenticationMechanism = AuthenticationMechanism.Negotiate; // TODO What if powershell session gets stuck in between var runspace = RunspaceFactory.CreateRunspace(connection); runspace.Open(); var powershell = PowerShell.Create(); powershell.Runspace = runspace; powershell.AddScript("get-psdrive –psprovider filesystem"); var results = powershell.Invoke(); foreach (var output in results.Where(o => o != null)) { } bool ifCustomData = true; if (!string.IsNullOrWhiteSpace(customData)) { powershell.AddScript("Get-Content C:\\AzureData\\CustomData.bin -Encoding UTF8"); results = powershell.Invoke(); ifCustomData = (results.Where(o => o != null).ToList().Count == 1); foreach (var output in results.Where(o => o != null)) { logger.Info(string.Format("Expected: {0} Actual: {1}", customData, output)); ifCustomData &= (output.ToString() == customData); } } runspace.Close(); if (!ifCustomData) { throw new ArgumentException("Incorrect custom data!!"); } } catch (Exception e) { logger.Error(e); return(false); } finally { Impersonation.UndoImpersonation(t); } return(true); }