public BooleanResult AuthenticateUser(Shared.Types.SessionProperties properties)
{
// Get the LdapServer object from the session properties (created in BeginChain)
LdapServer server = properties.GetTrackedSingle <LdapServer>();
if (server == null)
{
return new BooleanResult()
{
Success = false, Message = "Internal error: LdapServer object not available"
}
}
;
try
{
m_logger.DebugFormat("AuthenticateUser({0})", properties.Id.ToString());
Shared.Types.UserInformation userInfo = properties.GetTrackedSingle <Shared.Types.UserInformation>();
m_logger.DebugFormat("Received username: {0}", userInfo.Username);
// Authenticate the login
m_logger.DebugFormat("Attempting authentication for {0}", userInfo.Username);
// Se o login foi realizado com sucesso, vamos mapear o disco da rede.
BooleanResult result = server.Authenticate(userInfo.Username, userInfo.Password);
return(result);
}
catch (Exception e)
{
if (e is LdapException)
{
LdapException ldapEx = (e as LdapException);
if (ldapEx.ErrorCode == 81)
{
// Server can't be contacted, set server object to null
m_logger.ErrorFormat("Server unavailable: {0}, {1}", ldapEx.ServerErrorMessage, e.Message);
server.Close();
properties.AddTrackedSingle <LdapServer>(null);
return(new BooleanResult {
Success = false, Message = "Failed to contact LDAP server."
});
}
}
// This is an unexpected error, so set LdapServer object to null, because
// subsequent stages shouldn't use it, and this indicates to later stages
// that this stage failed unexpectedly.
server.Close();
properties.AddTrackedSingle <LdapServer>(null);
m_logger.ErrorFormat("Exception in LDAP authentication: {0}", e);
throw; // Allow pGina service to catch and handle exception
}
}
public Shared.Types.BooleanResult AuthenticatedUserGateway(Shared.Types.SessionProperties properties)
{
UserInformation userInfo = properties.GetTrackedSingle<UserInformation>();
try
{
using (MySqlUserDataSource dataSource = new MySqlUserDataSource())
{
List<GroupGatewayRule> rules = GroupRuleLoader.GetGatewayRules();
foreach (GroupGatewayRule rule in rules)
{
m_logger.DebugFormat("Checking rule: {0}", rule.ToString());
if (rule.RuleMatch(dataSource.IsMemberOfGroup(userInfo.Username, rule.Group)))
{
m_logger.DebugFormat("Rule is a match, adding to {0}", rule.LocalGroup);
userInfo.Groups.Add(new GroupInformation { Name = rule.LocalGroup });
}
else
{
m_logger.DebugFormat("Rule is not a match");
}
}
}
}
catch (Exception e)
{
m_logger.ErrorFormat("Unexpected error: {0}", e);
throw;
}
// Always return success
return new Shared.Types.BooleanResult { Success = true };
}
public Shared.Types.BooleanResult AuthenticatedUserGateway(Shared.Types.SessionProperties properties)
{
UserInformation userInfo = properties.GetTrackedSingle <UserInformation>();
try
{
using (MySqlUserDataSource dataSource = new MySqlUserDataSource())
{
List <GroupGatewayRule> rules = GroupRuleLoader.GetGatewayRules();
foreach (GroupGatewayRule rule in rules)
{
m_logger.DebugFormat("Checking rule: {0}", rule.ToString());
if (rule.RuleMatch(dataSource.IsMemberOfGroup(userInfo.Username, rule.Group)))
{
m_logger.DebugFormat("Rule is a match, adding to {0}", rule.LocalGroup);
userInfo.Groups.Add(new GroupInformation {
Name = rule.LocalGroup
});
}
else
{
m_logger.DebugFormat("Rule is not a match");
}
}
}
}
catch (MySqlException e)
{
bool preventLogon = Settings.Store.PreventLogonOnServerError;
if (preventLogon)
{
m_logger.DebugFormat("Encountered MySQL server error, and preventing logon: {0}", e.Message);
return(new BooleanResult {
Success = false,
Message = string.Format("Preventing logon due to server error: {0}", e.Message)
});
}
else
{
m_logger.DebugFormat("Encoutered MySQL server error, but returning success anyway. Error: {0}", e.Message);
return(new BooleanResult {
Success = true,
Message = string.Format("Encountered server error: {0}", e.Message)
});
}
}
catch (Exception e)
{
m_logger.ErrorFormat("Unexpected error: {0}", e);
throw;
}
// Always return success
return(new Shared.Types.BooleanResult {
Success = true
});
}
public Shared.Types.BooleanResult AuthenticateUser(Shared.Types.SessionProperties properties)
{
Shared.Types.UserInformation userInfo = properties.GetTrackedSingle<Shared.Types.UserInformation>();
m_logger.DebugFormat("Authenticate: {0}", userInfo.Username);
UserEntry entry = null;
try
{
using (MySqlUserDataSource dataSource = new MySqlUserDataSource())
{
entry = dataSource.GetUserEntry(userInfo.Username);
}
}
catch (MySqlException ex)
{
if (ex.Number == 1042)
m_logger.ErrorFormat("Unable to connect to host: {0}", Settings.Store.Host);
else
{
m_logger.ErrorFormat("{0}", ex);
throw;
}
}
catch (Exception e)
{
m_logger.ErrorFormat("Unexpected error: {0}", e);
throw;
}
if (entry != null)
{
m_logger.DebugFormat("Retrieved info for user {0} from MySQL. Password uses {1}.",
entry.Name, entry.HashAlg.ToString());
bool passwordOk = entry.VerifyPassword(userInfo.Password);
if (passwordOk)
{
m_logger.DebugFormat("Authentication successful for {0}", userInfo.Username);
return new Shared.Types.BooleanResult() { Success = true, Message = "Success." };
}
else
{
m_logger.DebugFormat("Authentication failed for {0}", userInfo.Username);
return new Shared.Types.BooleanResult() { Success = false, Message = "Invalid username or password." };
}
}
else
{
m_logger.DebugFormat("Authentication failed for {0}", userInfo.Username);
return new Shared.Types.BooleanResult() { Success = false, Message = "Invalid username or password." };
}
}
/// <summary>
/// Stores a copy of user's login and password in SessionProperties.properties
/// so that we will still have access to them after Single User plugin (if used)
/// </summary>
public BooleanResult AuthenticatedUserGateway(Shared.Types.SessionProperties properties)
{
pluginImpl_logger.DebugFormat("Authenticated User Gateway.");
Shared.Types.UserInformation userInfo = properties.GetTrackedSingle <Shared.Types.UserInformation>();
properties.AddTracked("UserLogin", userInfo.Username);
properties.AddTracked("UserPassword", userInfo.Password);
pluginImpl_logger.DebugFormat("Login copy & password copy successfully stored in SessionProperties.properties.");
return(new BooleanResult {
Success = true, Message = "Login & password successfully stored in properties."
});
}