public bool IsAuthorized(string rawUrl, System.Security.Principal.IPrincipal user, string requestType)
{
UrlMatchElement urlMatched = null;
foreach (UrlMatchElement urlMatch in _urlMatches)
{
if (!Regex.IsMatch(rawUrl, urlMatch.Expression, RegxOptions))
{
continue;
}
urlMatched = urlMatch;
break;
}
if (urlMatched == null)
{
return(true);
}
return(urlMatched.EveryoneAllowed || urlMatched.IsUserAllowed(user, requestType));
}
private bool IsValidIpAddress(UrlMatchElement urlMatched, IPAddress ipAddress)
{
foreach (IpAddressMatchElement ipAddressMatch in urlMatched.IpAddressMatches)
{
if (ipAddressMatch.NetMask == null)
{
if (ipAddressMatch.IpAddress == ipAddress)
{
return(ipAddressMatch.Access);
}
}
else
{
if (IsAddressOnSubnet(ipAddress, ipAddressMatch.IpAddress, ipAddressMatch.NetMask))
{
return(ipAddressMatch.Access);
}
}
}
return(urlMatched.DefaultAccess);
}
public bool IsAuthorized(string rawUrl, string userHostAddress)
{
UrlMatchElement urlMatched = null;
foreach (UrlMatchElement urlMatch in _urlMatches)
{
if (!Regex.IsMatch(rawUrl, urlMatch.Expression, RegxOptions))
{
continue;
}
urlMatched = urlMatch;
break;
}
if (urlMatched == null)
{
return(true);
}
var ipAddress = IPAddress.Parse(userHostAddress);
return(IsValidIpAddress(urlMatched, ipAddress));
}
private void OnEnter(object source, EventArgs eventArgs)
{
var application = (HttpApplication)source;
var context = application.Context;
if (context.SkipAuthorization)
{
return;
}
var rawUrl = application.Request.RawUrl;
UrlMatchElement urlMatched = null;
foreach (UrlMatchElement urlMatch in urlMatches)
{
if (!Regex.IsMatch(rawUrl, urlMatch.Expression, regxOptions))
{
continue;
}
urlMatched = urlMatch;
break;
}
if (urlMatched == null)
{
return;
}
if (urlMatched.EveryoneAllowed || urlMatched.IsUserAllowed(context.User, context.Request.RequestType))
{
return;
}
context.Response.StatusCode = 401;
this.WriteErrorMessage(context);
application.CompleteRequest();
}
