Exemplo n.º 1
0
        public PowerShellResults EnableOrganizationCustomization()
        {
            LocalSession localSession = LocalSession.Current;

            RbacSettings.AddSessionToCache(localSession.CacheKeys[0], localSession, false, false);
            return(base.InvokeAsync(new PSCommand().AddCommand("Enable-OrganizationCustomization"), delegate(PowerShellResults results)
            {
                if (results != null && results.ErrorRecords.IsNullOrEmpty())
                {
                    LocalSession.Current.FlushCache();
                }
            }));
        }
Exemplo n.º 2
0
        public AuthenticationSettings(HttpContext context)
        {
            if (!context.Request.IsAuthenticated || Utility.IsResourceRequest(context.Request.Path))
            {
                this.Session = (context.IsLogoffRequest() ? LogoffSession.AnonymousSession : AnonymousSession.Instance);
                return;
            }
            RbacSettings rbacSettings = new RbacSettings(context);

            if (context.IsLogoffRequest())
            {
                this.Session = new LogoffSession(rbacSettings, context.User.Identity);
                return;
            }
            this.Session = rbacSettings.Session;
        }
Exemplo n.º 3
0
        private RbacSession CreateSession()
        {
            RbacSession result;

            using (new AverageTimePerfCounter(EcpPerfCounters.AverageRbacSessionCreation, EcpPerfCounters.AverageRbacSessionCreationBase, true))
            {
                using (EcpPerformanceData.CreateRbacSession.StartRequestTimer())
                {
                    RbacContext rbacContext = new RbacContext(this);
                    RbacSession rbacSession = rbacContext.CreateSession();
                    RbacSettings.AddSessionToCache(this.CacheKey, rbacSession, true, true);
                    rbacSession.SessionStart();
                    result = rbacSession;
                }
            }
            return(result);
        }
Exemplo n.º 4
0
 public RbacContext(RbacSettings settings)
 {
     RbacContext < > 4__this = this;
     ExTraceGlobals.RBACTracer.TraceInformation <string>(0, 0L, "Creating RBAC context for {0}", settings.UserName);
     this.Settings = settings;
     this.roles    = new LazilyInitialized <ExchangeRunspaceConfiguration>(delegate()
     {
         ExchangeRunspaceConfiguration exchangeRunspaceConfiguration;
         if (DatacenterRegistry.IsForefrontForOffice())
         {
             Assembly assembly = Assembly.Load("Microsoft.Exchange.Hygiene.Security.Authorization");
             string siteName   = HostingEnvironment.ApplicationHost.GetSiteName();
             try
             {
                 string name = (RbacContext.PullHostedTenantRbac && (bool)HttpContext.Current.Items["IsHostedTenant"]) ? "Microsoft.Exchange.Hygiene.Security.Authorization.ForefrontRunspaceConfigurationForHostedTenant" : "Microsoft.Exchange.Hygiene.Security.Authorization.ForefrontRunspaceConfiguration";
                 Type type   = assembly.GetType(name);
                 exchangeRunspaceConfiguration = (ExchangeRunspaceConfiguration)Activator.CreateInstance(type, new object[]
                 {
                     < > 4__this.Settings.OriginalLogonUserIdentity,
                     siteName
                 });
                 goto IL_222;
             }
Exemplo n.º 5
0
 public LogoffSession(RbacSettings rbacSettings, IIdentity identity)
 {
     this.rbacSettings = rbacSettings;
     this.identity     = identity;
 }
Exemplo n.º 6
0
        public RbacSettings(HttpContext context)
        {
            ExTraceGlobals.RBACTracer.TraceInformation <string>(0, 0L, "Extracting RBAC settings from {0}.", context.GetRequestUrlForLog());
            Guid vdirId = Guid.Empty;

            Guid.TryParse(HttpContext.Current.Request.Headers["X-vDirObjectId"], out vdirId);
            this.ecpService = new Lazy <EcpService>(delegate()
            {
                if (vdirId == Guid.Empty)
                {
                    return(null);
                }
                ServiceTopology currentServiceTopology = ServiceTopology.GetCurrentServiceTopology("f:\\15.00.1497\\sources\\dev\\admin\\src\\ecp\\RBAC\\RbacSettings.cs", ".ctor", 707);
                return(currentServiceTopology.FindAnyCafeService <EcpService>((EcpService service) => service.ADObjectId.ObjectGuid == vdirId, "f:\\15.00.1497\\sources\\dev\\admin\\src\\ecp\\RBAC\\RbacSettings.cs", ".ctor", 708));
            });
            this.LogonUserIdentity = context.User.Identity;
            this.OriginalUser      = context.User;
            this.IsProxyLogon      = context.Request.FilePath.EndsWith("/proxyLogon.ecp", StringComparison.OrdinalIgnoreCase);
            bool flag = context.IsAcsOAuthRequest();

            if (this.IsProxyLogon)
            {
                this.ProxySecurityAccessToken = new SerializedAccessToken(context.Request.InputStream);
            }
            else
            {
                this.ProxySecurityAccessToken = null;
            }
            string logonAccountSddlSid = context.Request.Headers["msExchLogonAccount"];
            string text = context.Request.Headers["msExchLogonMailbox"];
            string targetMailboxSddlSid = context.Request.Headers["msExchTargetMailbox"];
            Server inboundProxyCaller   = RbacSettings.GetInboundProxyCaller(text, this.LogonUserIdentity as WindowsIdentity);

            if (inboundProxyCaller != null)
            {
                this.IsInboundProxyRequest  = true;
                this.InboundProxyCallerName = inboundProxyCaller.Name;
                EcpLogonInformation identity = EcpLogonInformation.Create(logonAccountSddlSid, text, targetMailboxSddlSid, this.ProxySecurityAccessToken);
                this.EcpIdentity = new EcpIdentity(identity, "-ProxySession");
            }
            else
            {
                this.IsInboundProxyRequest  = false;
                this.InboundProxyCallerName = string.Empty;
                string explicitUser = context.GetExplicitUser();
                string targetTenant = context.GetTargetTenant();
                string text2        = string.IsNullOrEmpty(targetTenant) ? "-RbacSession" : ("-RbacSession-@" + targetTenant);
                if (flag)
                {
                    text2 += "-OAuthACS";
                }
                if (!string.IsNullOrEmpty(explicitUser))
                {
                    this.EcpIdentity = new EcpIdentity(context.User, explicitUser, text2);
                }
                else
                {
                    this.EcpIdentity = new EcpIdentity(this.LogonUserIdentity, text2);
                }
            }
            this.UserUniqueKeyForCanary = this.GetUserUniqueKey();
            this.IsExplicitSignOn       = this.EcpIdentity.IsExplicitSignon;
            bool flag2 = null == context.Request.Cookies[RbacModule.SessionStateCookieName];

            if (flag2 && !flag)
            {
                context.Response.Cookies.Add(new HttpCookie(RbacModule.SessionStateCookieName, Guid.NewGuid().ToString())
                {
                    HttpOnly = true
                });
                this.CacheKey = this.GetCacheKey();
                this.ExpireSession();
            }
            else
            {
                this.CacheKey = this.GetCacheKey();
            }
            ExTraceGlobals.RBACTracer.TraceInformation(0, 0L, "RBAC Settings for {0}: UserName: {1}, IsNewBrowserWindow={2}, IsInboundProxyRequest={3}, InboundProxyCallerName={4}, HasCachedSession={5}", new object[]
            {
                context.GetRequestUrlForLog(),
                this.UserName,
                flag2,
                this.IsInboundProxyRequest,
                this.InboundProxyCallerName,
                this.CachedSession != null
            });
        }
Exemplo n.º 7
0
 public RoleTypeSegment(RbacSettings rbacSettings)
 {
     this.rbacSettings = rbacSettings;
 }