/// <summary>
/// Handles an authorization request. Uses
/// <see cref="Membership.Provider" /> to handle authentication of
/// the user and returns connection information if the user is
/// authorized to connect to the database.
/// </summary>
/// <param name="request">The request.</param>
/// <returns>The authorization</returns>
/// <externalUnit see="GetAuthentication" />
/// <externalUnit see="SetAuthorizationDBInfo" />
/// <revision revisor="dev14" date="1/8/2010" version="1.1.5.05">
/// Member Created
/// </revision>
/// <revision revisor="dev14" date="2/19/2010" version="1.1.6.22">
/// Fixed setting expiration time.
/// </revision>
/// <revision revisor="dev14" date="2/25/2010" version="1.1.7.04">
/// Extracted [GetAuthentication]
/// </revision>
/// <revision revisor="dev14" date="2/25/2010" version="1.1.7.04">
/// Removed setting expiration
/// </revision>
/// <revision revisor="dev13" date="3/18/2010" version="1.1.7.26">
/// Added call to SetDbName on Authorization manager so that the
/// custom membership provider will have access to this property.
/// </revision>
private DBAuthorization GetAuthorization(AuthorizationRequest request)
{
var manager = AuthorizationManager.Instance;
manager.SetDbName(request.DatabaseName);
// create a new authorization response
var authorization = new DBAuthorization();
// set the authorization creation time
authorization.CreatedTime = DateTime.Now;
// get the application username from the request. This is the user
// that is authenticated with the MS Membership provider. It is NOT
// the database username.
string username = request.Username;
// get the password for application user
string password = request.Password;
// get the database name that the user wants to get the
// connection for
string databaseName = request.DatabaseName;
// check membership provider and set roles if authenticated
this.GetAuthentication(authorization, username, password);
// add the database information to the authorization response
this.SetAuthorizationDBInfo(authorization, databaseName);
// return the authorization to the service client
return(authorization);
}
/// <summary>
/// Sets the authorization DB info.
/// </summary>
/// <param name="authorization">The authorization.</param>
/// <param name="dbName">Name of the db.</param>
/// <externalUnit/>
/// <revision revisor="dev14" date="1/18/2010" version="1.1.5.15">
/// Member Created
/// </revision>
/// <revision revisor="dev14" date="1/21/2010" version="1.1.5.18">
/// Removed dynamic appConfig keys. Just one username and pwd
/// for the database now.
/// </revision>
/// <revision revisor="dev14" date="2/10/2010" version="1.1.6.13">
/// Changed to get authorization uname and pwd from authorization
/// manager after it has been updated.
/// </revision>
/// <revision revisor="dev14" date="3/2/2010" version="1.1.7.09">
/// Gets a credential object from the manager instead of a
/// different authorization object
/// </revision>
private void SetAuthorizationDBInfo(
DBAuthorization authorization, string dbName)
{
var manager = AuthorizationManager.Instance;
// get authorization from the manager class
var newCredential = manager.GetCurrentCredential(dbName);
// TODO: Should be able to configure database server name - dev14
// set db settings on authorization
authorization.DBServer = ".";
authorization.DBName = dbName;
authorization.DBUser = newCredential.CurrentUser;
authorization.DBPassword = newCredential.CurrentPassword;
}
/// <summary>
/// Checks the membership provider to authenticate the user and
/// add the user roles to the authorization response
/// </summary>
/// <param name="authorization">The authorization response.</param>
/// <param name="username">The username.</param>
/// <param name="password">The password.</param>
/// <externalUnit/>
/// <revision revisor="dev14" date="2/25/2010" version="1.1.7.04">
/// Member Created
/// </revision>
/// <revision revisor="dev13" date="3/18/2010" version="1.1.7.26">
/// Changed membership provider to custom provider
/// </revision>
private void GetAuthentication(
DBAuthorization authorization, string username, string password)
{
// get the membership provider
var membership =
Membership.
Providers["Sequoia.DBAuthService.SequoiaMembershipProvider"];
// check that the membership provider was set in config
if (membership == null)
{
// no provider so cannot authenticate
authorization.IsAuthenticated = false;
authorization.Roles = new string[0];
}
else
{
try
{
// authenticate given username/password
authorization.IsAuthenticated =
membership.ValidateUser(
username,
password);
// check whether user is authenticated
if (authorization.IsAuthenticated)
{
// get the membership roles the user belongs to from
// the Roles provider
authorization.Roles = Roles.GetRolesForUser(username);
}
}
catch (Exception ex)
{
// TODO: log this error?
var error = ex.Message + ex.StackTrace;
// rethrow error
throw;
}
}
}
/// <summary>
/// The compliment to [BeginGetAuthorization] in order to handle
/// asynchronous operation of [GetAuthorization]
/// </summary>
/// <param name="result">
/// An instance of <see cref="AuthorizeAsyncResult" />, the result
/// of the [BeginGetAuthorization] call.</param>
/// <returns>The authorization</returns>
/// <externalUnit/>
/// <revision revisor="dev14" date="2/16/2010" version="1.1.6.19">
/// Member Created
/// </revision>
/// <revision revisor="dev01" date="3/3/2010" version="1.1.7.10">
/// Added logging support
/// </revision>
/// <revision revisor="dev14" date="3/9/2010" version="1.1.7.16">
/// Removed logging of the username
/// </revision>
public DBAuthorization EndGetAuthorization(IAsyncResult result)
{
// initialize a blank authorization
DBAuthorization authorization = null;
// check that BeginGetAuthorization has returned a valid result
if (result != null)
{
// cast the result as an AuthorizeAsyncResult
// We will dispose of the result when we are finished
using (var asyncResult = result as AuthorizeAsyncResult)
{
// check that the result returned by BeginGetAuthorization
// is a true AuthorizeAsyncResult and not some other
// implementation of IAsyncResult
if (asyncResult == null)
{
throw new ArgumentNullException(
"result",
Properties.Resources.IAsyncResultError);
}
// block reset event until freed (?)
asyncResult.AsyncWait.WaitOne();
// set authorization to return to what GetAuthorization
// has asynchronously returned
authorization = asyncResult.Authorization;
// Log that we returned a new authorization
LogHelper.Log(
string.Format(
Properties.Resources.LogAuthorizationReturned,
Environment.NewLine,
authorization.DBName));
}
}
// return the authorization to the service client
return(authorization);
}
