//Logs the event if it's an event we track according to the registry. public bool Log(System.ServiceProcess.SessionChangeDescription changeDescription, pGina.Shared.Types.SessionProperties properties) { //Get the logging message for this event. string msg = null; switch (changeDescription.Reason) { case System.ServiceProcess.SessionChangeReason.SessionLogon: msg = LogonEvent(changeDescription.SessionId, properties); break; case System.ServiceProcess.SessionChangeReason.SessionLogoff: msg = LogoffEvent(changeDescription.SessionId, properties); break; case System.ServiceProcess.SessionChangeReason.SessionLock: msg = SessionLockEvent(changeDescription.SessionId, properties); break; case System.ServiceProcess.SessionChangeReason.SessionUnlock: msg = SessionUnlockEvent(changeDescription.SessionId, properties); break; case System.ServiceProcess.SessionChangeReason.SessionRemoteControl: msg = SesionRemoteControlEvent(changeDescription.SessionId, properties); break; case System.ServiceProcess.SessionChangeReason.ConsoleConnect: msg = ConsoleConnectEvent(changeDescription.SessionId, properties); break; case System.ServiceProcess.SessionChangeReason.ConsoleDisconnect: msg = ConsoleDisconnectEvent(changeDescription.SessionId, properties); break; case System.ServiceProcess.SessionChangeReason.RemoteConnect: msg = RemoteConnectEvent(changeDescription.SessionId, properties); break; case System.ServiceProcess.SessionChangeReason.RemoteDisconnect: msg = RemoteDisconnectEvent(changeDescription.SessionId, properties); break; } m_logger.DebugFormat("SessionChange({0}) - Message: {1}", changeDescription.Reason.ToString(), msg); //Check if there is a message to log if (!string.IsNullOrEmpty(msg)) { if (m_conn == null) throw new InvalidOperationException("No MySQL Connection present."); //Send it to the server logToServer(msg); } return true; //No msg to log }
public pGina.Shared.Types.BooleanResult AuthenticateUser(pGina.Shared.Types.SessionProperties properties) { pGina.Shared.Types.UserInformation userInfo = properties.GetTrackedSingle<pGina.Shared.Types.UserInformation>(); // Get the Kerberos Realm we are authenticating against from the registry string krbRealm = Settings.Store.Realm; //m_logger.InfoFormat("Kerberos Target Realm: {0}", krbRealm); /** * Call unmanaged DLL that will deal with Microsofts AcquireCredentialHandle() and InitializeSecurityContext() calls after creating a new SEC_WIN_AUTH_IDENTITY structure * from the supplied user name, password, and domain. The return result will indicate either success or various kerberos error messages. * */ int r = auth_user(userInfo.Username, userInfo.Password, krbRealm, "krbtgt/" + krbRealm.ToUpper()); switch (r) { /* * The SPN kerberos target service could not be reached. Format should be <service-name>/REALM where the service is usually krbtgt (kerberos ticket granting ticket) followed by * the realm you are targeting (all capitals) such as MYREALM.UTAH.EDU * * ex: krbtgt/MYREALM.UTAH.EDU * */ case -2146893039: return new pGina.Shared.Types.BooleanResult() { Success = false, Message = "Failed to contact authenticating kerberos authority." }; /* * The user name and/or password supplied at login through pGina does not match in the kerberos realm. * */ case -2146893044: return new pGina.Shared.Types.BooleanResult() { Success = false, Message = "Failed due to bad password and/or user name." }; /* * The SPN for your kerberos target was incorrect. Format should be <service-name>/REALM where the service is usually krbtgt (kerberos ticket granting ticket) followed by * the realm you are targeting (all capitals) such as MYREALM.UTAH.EDU * * ex: krbtgt/MYREALM.UTAH.EDU * */ case -2146893053: return new pGina.Shared.Types.BooleanResult() { Success = false, Message = "Failed due to bad kerberos Security Principal Name." }; /* * Success * */ case 0: return new pGina.Shared.Types.BooleanResult() { Success = true, Message = "Success" }; default: return new pGina.Shared.Types.BooleanResult() { Success = false, Message = "Failed to authenticate due to unknown error." + r }; } }
public void SessionChange(System.ServiceProcess.SessionChangeDescription changeDescription, pGina.Shared.Types.SessionProperties properties) { m_logger.DebugFormat("SessionChange({0}) - ID: {1}", changeDescription.Reason.ToString(), changeDescription.SessionId); //If SessionMode is enabled, send event to it. if ((bool)Settings.Store.SessionMode) { ILoggerMode mode = LoggerModeFactory.getLoggerMode(LoggerMode.SESSION); mode.Log(changeDescription, properties); } //If EventMode is enabled, send event to it. if ((bool)Settings.Store.EventMode) { ILoggerMode mode = LoggerModeFactory.getLoggerMode(LoggerMode.EVENT); mode.Log(changeDescription, properties); } //Close the connection if it's still open LoggerModeFactory.closeConnection(); }
public void SessionChange(System.ServiceProcess.SessionChangeDescription changeDescription, pGina.Shared.Types.SessionProperties properties) { m_logger.DebugFormat("SessionChange({0})", changeDescription.Reason.ToString()); string msg = null; switch (changeDescription.Reason) { case System.ServiceProcess.SessionChangeReason.SessionLogon: msg = LogonEvent(changeDescription.SessionId); break; case System.ServiceProcess.SessionChangeReason.SessionLogoff: msg = LogoffEvent(changeDescription.SessionId); break; case System.ServiceProcess.SessionChangeReason.SessionLock: msg = SessionLockEvent(changeDescription.SessionId); break; case System.ServiceProcess.SessionChangeReason.SessionUnlock: msg = SessionUnlockEvent(changeDescription.SessionId); break; case System.ServiceProcess.SessionChangeReason.SessionRemoteControl: msg = SesionRemoteControlEvent(changeDescription.SessionId); break; case System.ServiceProcess.SessionChangeReason.ConsoleConnect: msg = ConsoleConnectEvent(changeDescription.SessionId); break; case System.ServiceProcess.SessionChangeReason.ConsoleDisconnect: msg = ConsoleDisconnectEvent(changeDescription.SessionId); break; case System.ServiceProcess.SessionChangeReason.RemoteConnect: msg = RemoteConnectEvent(changeDescription.SessionId); break; case System.ServiceProcess.SessionChangeReason.RemoteDisconnect: msg = RemoteDisconnectEvent(changeDescription.SessionId); break; } if (!string.IsNullOrEmpty(msg)) { m_logger.Debug(msg); // Log to DB try { using (DbLogger log = DbLogger.Connect()) { log.Log(msg); } } catch (MySqlException e) { if (e.Number == 1042) m_logger.ErrorFormat("Unable to connect to host: {0}", Settings.Store.Host); else m_logger.Error(e.ToString()); } catch (Exception e) { m_logger.ErrorFormat("Error logging to DB: {0}", e); } } }
//Processes accounting on logon/logoff public void SessionChange(System.ServiceProcess.SessionChangeDescription changeDescription, pGina.Shared.Types.SessionProperties properties) { if (changeDescription.Reason != System.ServiceProcess.SessionChangeReason.SessionLogon && changeDescription.Reason != System.ServiceProcess.SessionChangeReason.SessionLogoff) { //m_logger.DebugFormat("Not logging on or off for this session change call ({0})... exiting.", changeDescription.Reason); return; } if (properties == null) { //m_logger.DebugFormat("No session properties available. This account does not appear to be managed by pGina. Exiting SessionChange()"); return; } if (!(bool)Settings.Store.EnableAcct) { m_logger.Debug("Session Change stage set on RADIUS plugin but accounting is not enabled in plugin settings."); return; } //Determine username (may change depending on value of UseModifiedName setting) string username = null; UserInformation ui = properties.GetTrackedSingle<UserInformation>(); if (ui == null) { //m_logger.DebugFormat("No userinformation for this session logoff... exiting..."); return; } if ((bool)Settings.Store.UseModifiedName) username = ui.Username; else username = ui.OriginalUsername; Session session = null; //User is logging on if (changeDescription.Reason == System.ServiceProcess.SessionChangeReason.SessionLogon) { lock (m_sessionManager) { //Check if session information is already available for this id if (!m_sessionManager.Keys.Contains(properties.Id)) { //No session info - must have authed with something other than RADIUS. //m_logger.DebugFormat("RADIUS Accounting Logon: Unable to find session for {0} with GUID {1}", username, properties.Id); if(!(bool)Settings.Store.AcctingForAllUsers){ //m_logger.Debug("Accounting for non-RADIUS users is disabled. Exiting."); return; } RADIUSClient client = GetClient(); session = new Session(properties.Id, username, client); m_sessionManager.Add(properties.Id, session); //Check forced interim-update setting if ((bool)Settings.Store.SendInterimUpdates && (bool)Settings.Store.ForceInterimUpdates) { int interval = (int)Settings.Store.InterimUpdateTime; session.SetInterimUpdate(interval, InterimUpdatesCallback); } } else session = m_sessionManager[properties.Id]; } //Determine which plugin authenticated the user (if any) PluginActivityInformation pai = properties.GetTrackedSingle<PluginActivityInformation>(); Packet.Acct_Authentic authSource = Packet.Acct_Authentic.Not_Specified; IEnumerable<Guid> authPlugins = pai.GetAuthenticationPlugins(); Guid LocalMachinePluginGuid = new Guid("{12FA152D-A2E3-4C8D-9535-5DCD49DFCB6D}"); foreach (Guid guid in authPlugins) { if (pai.GetAuthenticationResult(guid).Success) { if (guid == SimpleUuid) authSource = Packet.Acct_Authentic.RADIUS; else if (guid == LocalMachinePluginGuid) authSource = Packet.Acct_Authentic.Local; else //Not RADIUS, not Local, must be some other auth plugin authSource = Packet.Acct_Authentic.Remote; break; } } //We can finally start the accounting process try { lock (session) { session.windowsSessionId = changeDescription.SessionId; //Grab session ID now that we're authenticated session.username = username; //Accting username may have changed depending on 'Use Modified username for accounting option' session.client.startAccounting(username, authSource); //m_logger.DebugFormat("Successfully completed accounting start process..."); } } catch (Exception e) { m_logger.Error("Error occurred while starting accounting.", e); } } //User is logging off else if (changeDescription.Reason == System.ServiceProcess.SessionChangeReason.SessionLogoff) { lock (m_sessionManager) { if (m_sessionManager.Keys.Contains(properties.Id)) session = m_sessionManager[properties.Id]; else { //m_logger.DebugFormat("Users {0} is logging off, but no RADIUS session information is available for session ID {1}.", username, properties.Id); return; } //Remove the session from the session manager m_sessionManager.Remove(properties.Id); } lock (session) { //Disbale any active callbacks for this session session.disableCallbacks(); session.active = false; //Assume normal logout if no other terminate reason is listed. if (session.terminate_cause == null) session.terminate_cause = Packet.Acct_Terminate_Cause.User_Request; try { //m_logger.DebugFormat("About to send accounting stop packet. Session has been active {0} seconds.", (DateTime.Now - session.client.accountingStartTime).TotalSeconds); session.client.stopAccounting(session.username, session.terminate_cause); } catch (RADIUSException re) { m_logger.DebugFormat("Unable to send accounting stop message for user {0} with ID {1}. Message: {2}", session.username, session.id, re.Message); } } } }
//Processes accounting on logon/logoff public void SessionChange(System.ServiceProcess.SessionChangeDescription changeDescription, pGina.Shared.Types.SessionProperties properties) { m_logger.DebugFormat("SessionChange({0})", properties.Id.ToString()); string username = null; if ((bool)Settings.Store.UseModifiedName) username = properties.GetTrackedSingle<UserInformation>().Username; else username = properties.GetTrackedSingle<UserInformation>().OriginalUsername; if (changeDescription.Reason == System.ServiceProcess.SessionChangeReason.SessionLogon) { //Create a new unique id for this accounting session and store it String sessionId = Guid.NewGuid().ToString(); lock (sessionIDLock) { sessionIDs.Add(username, sessionId); } //Determine which plugin authenticated the user (if any) PluginActivityInformation pai = properties.GetTrackedSingle<PluginActivityInformation>(); Packet.Acct_AuthenticType authSource = Packet.Acct_AuthenticType.Not_Specified; IEnumerable<Guid> authPlugins = pai.GetAuthenticationPlugins(); Guid LocalMachinePluginGuid = new Guid("{12FA152D-A2E3-4C8D-9535-5DCD49DFCB6D}"); foreach (Guid guid in authPlugins) { if (pai.GetAuthenticationResult(guid).Success) { if (guid == SimpleUuid) authSource = Packet.Acct_AuthenticType.RADIUS; else if (guid == LocalMachinePluginGuid) authSource = Packet.Acct_AuthenticType.Local; else authSource = Packet.Acct_AuthenticType.Remote; break; } } try { RADIUSClient client = GetClient(sessionId); client.startAccounting(username, authSource); } catch (Exception e) { m_logger.Error("Error occurred while starting accounting.", e); } } else if (changeDescription.Reason == System.ServiceProcess.SessionChangeReason.SessionLogoff) { //Check if guid was stored from accounting start request (if not, no point in sending a stop request) string sessionId = null; lock (sessionIDLock) { sessionId = sessionIDs.ContainsKey(username) ? sessionIDs[username] : null; if (sessionId == null) { m_logger.ErrorFormat("Error sending accounting stop request. No guid available for {0}", username); return; } //Remove the session id since we're logging off sessionIDs.Remove(username); } try { RADIUSClient client = GetClient(sessionId); client.stopAccounting(username, Packet.Acct_Terminate_CauseType.User_Request); } catch (Exception e) { m_logger.Error("Error occurred while stopping accounting.", e); return; } } }
public HiddenForm(pGina.Service.Impl.ServiceThread serviceThreadObj) { m_serviceThreadObj = serviceThreadObj; InitializeComponent(); }