protected void cmdSubmit_Click(object sender, EventArgs e)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
if (Request.QueryString["method"].ToString() == "login")
{
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = txtUserName.Text.Trim();
user.Password = txtPassword.Text.Trim();
if (data.UserLogin(ref user))
{
if (Request.QueryString["edit"] == "true")
Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
else
Response.Redirect(Request.QueryString["redirectto"].ToString());
}
else
{
lblError.Text = "Login failed, please try again";
txtPassword.Text = "";
txtPassword.Focus();
}
}
}
protected void cmdSubmit_Click(object sender, EventArgs e)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = txtUserName.Text.Trim();
user.Password = txtUserName.Text.Trim(); // works on dev just now, need to change!
if (user.UserName.Length == 0 && user.Password.Length == 0)
{
// Allow anonymous access. Do not log in person.
// Add the gadgets
Session[OpenSocialManager.OPENSOCIAL_GADGETS] = txtGadgetURLS.Text;
Session[OpenSocialManager.OPENSOCIAL_DEBUG] = chkDebug.Checked;
Session[OpenSocialManager.OPENSOCIAL_NOCACHE] = !chkUseCache.Checked;
Response.Redirect(Root.Domain);
}
else if (sandboxPassword.Equals(txtPassword.Text.Trim()) && data.UserLogin(ref user))
{
// User logged in, now add the gadgets
// add the gadgets
Session[OpenSocialManager.OPENSOCIAL_GADGETS] = txtGadgetURLS.Text;
Session[OpenSocialManager.OPENSOCIAL_DEBUG] = chkDebug.Checked;
Session[OpenSocialManager.OPENSOCIAL_NOCACHE] = !chkUseCache.Checked;
Response.Redirect(Root.Domain);
}
else
{
lblError.Text = "Login failed, please try again";
txtPassword.Text = "";
txtPassword.Focus();
}
}
public void autoLogin()
{
if (ConfigurationSettings.AppSettings["LOGIN_USER"] != null)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
if (Request.QueryString["method"].ToString() == "login")
{
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = ConfigurationSettings.AppSettings["LOGIN_USER"];
user.Password = ConfigurationSettings.AppSettings["LOGIN_PASSWORD"];
if (data.UserLogin(ref user))
{
Framework.Utilities.Cache.AlterDependency(sm.Session().SessionID);
if (Request.QueryString["edit"] == "true")
{
Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
}
else
{
Response.Redirect(Request.QueryString["redirectto"].ToString());
}
}
else
{
lblError.Text = "Login failed, please try again";
txtPassword.Text = "";
txtPassword.Focus();
}
}
}
}
public void autoLogin()
{
if (ConfigurationSettings.AppSettings["LOGIN_USER"] != null)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
if (Request.QueryString["method"].ToString() == "login")
{
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = ConfigurationSettings.AppSettings["LOGIN_USER"];
user.Password = ConfigurationSettings.AppSettings["LOGIN_PASSWORD"];
if (data.UserLogin(ref user))
{
Framework.Utilities.Cache.AlterDependency(sm.Session().SessionID);
if (Request.QueryString["edit"] == "true")
Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
else
Response.Redirect(Request.QueryString["redirectto"].ToString());
}
else
{
lblError.Text = "Login failed, please try again";
txtPassword.Text = "";
txtPassword.Focus();
}
}
}
}
protected void cmdSubmit_Click(object sender, EventArgs e)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = txtUserName.Text.Trim();
user.Password = txtUserName.Text.Trim(); // works on dev just now, need to change!
if (user.UserName.Length == 0 && user.Password.Length == 0)
{
// Allow anonymous access. Do not log in person.
// Add the gadgets
Session[OpenSocialManager.OPENSOCIAL_GADGETS] = txtGadgetURLS.Text;
Session[OpenSocialManager.OPENSOCIAL_DEBUG] = chkDebug.Checked;
Session[OpenSocialManager.OPENSOCIAL_NOCACHE] = !chkUseCache.Checked;
Response.Redirect(Root.Domain);
}
else if (sandboxPassword.Equals(txtPassword.Text.Trim()) && data.UserLogin(ref user))
{
// User logged in, now add the gadgets
// add the gadgets
Session[OpenSocialManager.OPENSOCIAL_GADGETS] = txtGadgetURLS.Text;
Session[OpenSocialManager.OPENSOCIAL_DEBUG] = chkDebug.Checked;
Session[OpenSocialManager.OPENSOCIAL_NOCACHE] = !chkUseCache.Checked;
Response.Redirect(Root.Domain);
}
else
{
lblError.Text = "Login failed, please try again";
txtPassword.Text = "";
txtPassword.Focus();
}
}
protected void cmdSubmit_Click(object sender, EventArgs e)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
if (Request.QueryString["method"].ToString() == "login")
{
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = txtUserName.Text.Trim();
user.Password = txtPassword.Text.Trim();
if (data.UserLogin(ref user))
{
Framework.Utilities.Cache.AlterDependency(sm.Session().SessionID);
if (Request.QueryString["edit"] == "true")
{
Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
}
else
{
Response.Redirect(Request.QueryString["redirectto"].ToString());
}
}
else
{
lblError.Text = "Login failed, please try again";
txtPassword.Text = "";
txtPassword.Focus();
}
}
}
/// <summary>
/// For User Authentication
/// </summary>
/// <param name="user"></param>
/// <param name="session"></param>
public bool UserLogin(ref User user)
{
bool loginsuccess = false;
try
{
SessionManagement sm = new SessionManagement();
string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
SqlConnection dbconnection = new SqlConnection(connstr);
SqlParameter[] param = new SqlParameter[4];
dbconnection.Open();
param[0] = new SqlParameter("@UserName", user.UserName);
param[1] = new SqlParameter("@Password", user.Password);
param[2] = new SqlParameter("@UserID", null);
param[2].DbType = DbType.Int32;
param[2].Direction = ParameterDirection.Output;
param[3] = new SqlParameter("@PersonID", null);
param[3].DbType = DbType.Int32;
param[3].Direction = ParameterDirection.Output;
//For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[User.Account].[Authenticate]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
dbconnection.Close();
try
{
user.UserID = Convert.ToInt32(param[2].Value.ToString());
if (param[3].Value != DBNull.Value)
user.PersonID = Convert.ToInt32(param[3].Value.ToString());
}
catch { }
if (user.UserID != 0)
{
loginsuccess = true;
sm.Session().UserID = user.UserID;
sm.Session().PersonID = user.PersonID;
sm.Session().LoginDate = DateTime.Now;
Session session = sm.Session();
SessionUpdate(ref session);
ActivityLog(user.PersonID, null, null);
}
}
catch (Exception ex)
{
throw ex;
}
return loginsuccess;
}
protected void cmdSubmit_Click(object sender, EventArgs e)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
if (Request.QueryString["method"].ToString() == "login")
{
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = txtUserName.Text.Trim();
user.Password = txtPassword.Text.Trim();
String adDomain = ConfigurationSettings.AppSettings["AD.Domain"];
String adUser = null;
String adPassword = null;
try
{
adUser = ConfigurationSettings.AppSettings["AD.User"];
adPassword = ConfigurationSettings.AppSettings["AD.Password"];
}
catch (Exception ex) { }
String admin = null;
try
{
admin = ConfigurationSettings.AppSettings["AD.AccessContact"];
}
catch (Exception ex) { }
using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, adDomain, adUser, adPassword))
{
// validate the credentials
if (pc.ValidateCredentials(user.UserName, user.Password))
{
if (data.UserLoginExternal(ref user))
{
if (Request.QueryString["edit"] == "true")
Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
else
Response.Redirect(Request.QueryString["redirectto"].ToString());
}
else
{
lblError.Text = user.UserName + " is not an authorized user of the Profiles Research Networking Software application.";
if (admin != null) lblError.Text = lblError.Text + "<br>Please contact " + admin + " to obtain access.";
txtPassword.Text = "";
txtPassword.Focus();
}
}
else
{
lblError.Text = "Login failed, please try again";
txtPassword.Text = "";
txtPassword.Focus();
}
}
}
}
/// <summary>
/// For User Authentication
/// </summary>
/// <param name="user"></param>
/// <param name="session"></param>
public bool UserLogin(ref User user)
{
bool loginsuccess = false;
string adPath = "LDAP://uams0.ad.uams.edu:389/DC=ad,DC=uams,DC=edu";
LdapAuthentication ldap = new LdapAuthentication(adPath);
bool ldapLoginSuccess = false;
string username;
try
{
ldapLoginSuccess = ldap.IsAuthenticated("UAMS", user.UserName, user.Password); //HMHULL-TODO: Do I need to have Domain be an box in the logon form?
}
catch (Exception e)
{
return false;
}
if (ldapLoginSuccess)
{
// Get the email from LDAP here and use it as the username
username = ldap.getEmail();
try
{
SessionManagement sm = new SessionManagement();
string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
SqlConnection dbconnection = new SqlConnection(connstr);
SqlParameter[] param = new SqlParameter[3];
dbconnection.Open();
param[0] = new SqlParameter("@UserName", username);
param[1] = new SqlParameter("@UserID", null);
param[1].DbType = DbType.Int32;
param[1].Direction = ParameterDirection.Output;
param[2] = new SqlParameter("@PersonID", null);
param[2].DbType = DbType.Int32;
param[2].Direction = ParameterDirection.Output;
//For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[User.Account].[Authenticate]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
dbconnection.Close();
try
{
user.UserID = Convert.ToInt32(param[1].Value.ToString());
if (param[2].Value != DBNull.Value)
user.PersonID = Convert.ToInt32(param[2].Value.ToString());
}
catch { }
if (user.UserID != 0)
{
loginsuccess = true;
sm.Session().UserID = user.UserID;
sm.Session().PersonID = user.PersonID;
sm.Session().LoginDate = DateTime.Now;
Session session = sm.Session();
SessionUpdate(ref session);
}
}
catch (Exception ex)
{
throw ex;
}
}
return loginsuccess && ldapLoginSuccess;
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if (Request.QueryString["method"].ToString() == "logout")
{
sm.SessionLogout();
sm.SessionDestroy();
Response.Redirect(Request.QueryString["redirectto"].ToString());
}
else if (Request.QueryString["method"].ToString() == "shibboleth")
{
// added by Eric
// If they specify an Idp, then check that they logged in from the configured IDP
bool authenticated = false;
if (ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"] == null ||
ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"].ToString().Equals(Request.Headers.Get("ShibIdentityProvider").ToString(), StringComparison.InvariantCultureIgnoreCase))
{
String userName = Request.Headers.Get(ConfigurationManager.AppSettings["Shibboleth.UserNameHeader"].ToString()); //"025693078";
if (userName != null && userName.Trim().Length > 0)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = userName;
if (data.UserLoginExternal(ref user))
{
authenticated = true;
RedirectAuthenticatedUser();
}
}
}
if (!authenticated)
{
// try and just put their name in the session.
sm.Session().ShortDisplayName = Request.Headers.Get("ShibdisplayName");
RedirectAuthenticatedUser();
}
}
else if (Request.QueryString["method"].ToString() == "login")
{
// see if they already have a login session, if so don't send them to shibboleth
Profiles.Framework.Utilities.SessionManagement sm = new Profiles.Framework.Utilities.SessionManagement();
String viewerId = sm.Session().PersonURI;
if (viewerId != null && viewerId.Trim().Length > 0)
{
RedirectAuthenticatedUser();
}
else
{
string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
if (Request.QueryString["redirectto"] == null && Request.QueryString["edit"] == "true")
redirect += "&edit=true";
else
redirect += "&redirectto=" + Request.QueryString["redirectto"].ToString();
Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() +
HttpUtility.UrlEncode(redirect));
}
}
}
}
protected void cmdSubmit_Click(object sender, EventArgs e)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
if (Request.QueryString["method"].ToString() == "login")
{
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = txtUserName.Text.Trim();
user.Password = txtPassword.Text.Trim();
String adDomain = ConfigurationSettings.AppSettings["AD.Domain"];
String adUser = null;
String adPassword = null;
try
{
adUser = ConfigurationSettings.AppSettings["AD.User"];
adPassword = ConfigurationSettings.AppSettings["AD.Password"];
}
catch (Exception ex) { }
String admin = null;
try
{
admin = ConfigurationSettings.AppSettings["AD.AccessContact"];
}
catch (Exception ex) { }
using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, adDomain, adUser, adPassword))
{
// validate the credentials
if (pc.ValidateCredentials(user.UserName, user.Password))
{
if (data.UserLoginExternal(ref user))
{
if (Request.QueryString["edit"] == "true")
{
Response.Redirect(Root.Domain + "/edit/" + sm.Session().NodeID.ToString());
}
else
{
Response.Redirect(Request.QueryString["redirectto"].ToString());
}
}
else
{
lblError.Text = user.UserName + " is not an authorized user of the Profiles Research Networking Software application.";
if (admin != null)
{
lblError.Text = lblError.Text + "<br>Please contact " + admin + " to obtain access.";
}
txtPassword.Text = "";
txtPassword.Focus();
}
}
else
{
lblError.Text = "Login failed, please try again";
txtPassword.Text = "";
txtPassword.Focus();
}
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if (Request.QueryString["method"].ToString() == "logout")
{
sm.SessionLogout();
sm.SessionDestroy();
Response.Redirect(Request.QueryString["redirectto"].ToString());
}
else if (Request.QueryString["method"].ToString() == "shibboleth")
{
// added by Eric
// If they specify an Idp, then check that they logged in from the configured IDP
bool authenticated = false;
if (ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"] == null ||
ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"].ToString().Equals(Request.Headers.Get("ShibIdentityProvider").ToString(), StringComparison.InvariantCultureIgnoreCase))
{
String userName = Request.Headers.Get(ConfigurationManager.AppSettings["Shibboleth.UserNameHeader"].ToString()); //"025693078";
if (userName != null && userName.Trim().Length > 0)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = userName;
if (data.UserLoginExternal(ref user))
{
authenticated = true;
RedirectAuthenticatedUser();
}
}
}
if (!authenticated)
{
// try and just put their name in the session.
//sm.Session().ShortDisplayName = Request.Headers.Get("ShibdisplayName");
RedirectAuthenticatedUser();
}
}
else if (Request.QueryString["method"].ToString() == "login")
{
// see if they already have a login session, if so don't send them to shibboleth
Profiles.Framework.Utilities.SessionManagement sm = new Profiles.Framework.Utilities.SessionManagement();
String viewerId = sm.Session().PersonURI;
if (viewerId != null && viewerId.Trim().Length > 0)
{
RedirectAuthenticatedUser();
}
else
{
string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
if (Request.QueryString["redirectto"] == null && Request.QueryString["edit"] == "true")
{
redirect += "&edit=true";
}
else
{
redirect += "&redirectto=" + Request.QueryString["redirectto"].ToString();
}
Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() +
HttpUtility.UrlEncode(redirect));
}
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
if (Request.QueryString["method"].ToString() == "logout")
{
sm.SessionLogout();
sm.SessionDistroy();
Response.Redirect(Request.QueryString["redirectto"].ToString());
}
else if (Request.QueryString["method"].ToString() == "shibboleth")
{
// added by Eric
String employeeID = Request.Headers.Get("employeeNumber"); //"025693078";
// new IDP
if (employeeID == null || employeeID.Trim().Length == 0)
{
employeeID = Request.Headers.Get("uid"); //"025693078";
if (employeeID != null && employeeID.Trim().Length > 9)
{
employeeID = employeeID.Substring(0, 9);
}
}
if (employeeID != null && employeeID.Trim().Length > 0)
{
Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
user.UserName = employeeID;
user.Password = employeeID;
if (data.UserLogin(ref user))
{
RedirectAuthenticatedUser();
}
}
}
else if (Request.QueryString["method"].ToString() == "login")
{
// see if they already have a login session, if so don't send them to shibboleth
Profiles.Framework.Utilities.SessionManagement sm = new Profiles.Framework.Utilities.SessionManagement();
String viewerId = sm.Session().PersonURI;
if (viewerId != null && viewerId.Trim().Length > 0)
{
RedirectAuthenticatedUser();
}
else
{
string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";
if (Request.QueryString["redirectto"] == null && Request.QueryString["edit"] == "true")
redirect += "&edit=true";
else
redirect += "&redirectto=" + Request.QueryString["redirectto"].ToString();
Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() +
HttpUtility.UrlEncode(redirect));
}
}
}
}