//Logs the event if it's an event we track according to the registry.
public bool Log(System.ServiceProcess.SessionChangeDescription changeDescription, pGina.Shared.Types.SessionProperties properties)
{
//Get the logging message for this event.
string msg = null;
switch (changeDescription.Reason)
{
case System.ServiceProcess.SessionChangeReason.SessionLogon:
msg = LogonEvent(changeDescription.SessionId, properties);
break;
case System.ServiceProcess.SessionChangeReason.SessionLogoff:
msg = LogoffEvent(changeDescription.SessionId, properties);
break;
case System.ServiceProcess.SessionChangeReason.SessionLock:
msg = SessionLockEvent(changeDescription.SessionId, properties);
break;
case System.ServiceProcess.SessionChangeReason.SessionUnlock:
msg = SessionUnlockEvent(changeDescription.SessionId, properties);
break;
case System.ServiceProcess.SessionChangeReason.SessionRemoteControl:
msg = SesionRemoteControlEvent(changeDescription.SessionId, properties);
break;
case System.ServiceProcess.SessionChangeReason.ConsoleConnect:
msg = ConsoleConnectEvent(changeDescription.SessionId, properties);
break;
case System.ServiceProcess.SessionChangeReason.ConsoleDisconnect:
msg = ConsoleDisconnectEvent(changeDescription.SessionId, properties);
break;
case System.ServiceProcess.SessionChangeReason.RemoteConnect:
msg = RemoteConnectEvent(changeDescription.SessionId, properties);
break;
case System.ServiceProcess.SessionChangeReason.RemoteDisconnect:
msg = RemoteDisconnectEvent(changeDescription.SessionId, properties);
break;
}
m_logger.DebugFormat("SessionChange({0}) - Message: {1}", changeDescription.Reason.ToString(), msg);
//Check if there is a message to log
if (!string.IsNullOrEmpty(msg))
{
if (m_conn == null)
throw new InvalidOperationException("No MySQL Connection present.");
//Send it to the server
logToServer(msg);
}
return true; //No msg to log
}
public pGina.Shared.Types.BooleanResult AuthenticateUser(pGina.Shared.Types.SessionProperties properties)
{
pGina.Shared.Types.UserInformation userInfo = properties.GetTrackedSingle<pGina.Shared.Types.UserInformation>();
// Get the Kerberos Realm we are authenticating against from the registry
string krbRealm = Settings.Store.Realm;
//m_logger.InfoFormat("Kerberos Target Realm: {0}", krbRealm);
/**
* Call unmanaged DLL that will deal with Microsofts AcquireCredentialHandle() and InitializeSecurityContext() calls after creating a new SEC_WIN_AUTH_IDENTITY structure
* from the supplied user name, password, and domain. The return result will indicate either success or various kerberos error messages.
* */
int r = auth_user(userInfo.Username, userInfo.Password, krbRealm, "krbtgt/" + krbRealm.ToUpper());
switch (r)
{
/*
* The SPN kerberos target service could not be reached. Format should be <service-name>/REALM where the service is usually krbtgt (kerberos ticket granting ticket) followed by
* the realm you are targeting (all capitals) such as MYREALM.UTAH.EDU
*
* ex: krbtgt/MYREALM.UTAH.EDU
* */
case -2146893039:
return new pGina.Shared.Types.BooleanResult() { Success = false, Message = "Failed to contact authenticating kerberos authority." };
/*
* The user name and/or password supplied at login through pGina does not match in the kerberos realm.
* */
case -2146893044:
return new pGina.Shared.Types.BooleanResult() { Success = false, Message = "Failed due to bad password and/or user name." };
/*
* The SPN for your kerberos target was incorrect. Format should be <service-name>/REALM where the service is usually krbtgt (kerberos ticket granting ticket) followed by
* the realm you are targeting (all capitals) such as MYREALM.UTAH.EDU
*
* ex: krbtgt/MYREALM.UTAH.EDU
* */
case -2146893053:
return new pGina.Shared.Types.BooleanResult() { Success = false, Message = "Failed due to bad kerberos Security Principal Name." };
/*
* Success
* */
case 0:
return new pGina.Shared.Types.BooleanResult() { Success = true, Message = "Success" };
default:
return new pGina.Shared.Types.BooleanResult() { Success = false, Message = "Failed to authenticate due to unknown error." + r };
}
}
public void SessionChange(System.ServiceProcess.SessionChangeDescription changeDescription, pGina.Shared.Types.SessionProperties properties)
{
m_logger.DebugFormat("SessionChange({0}) - ID: {1}", changeDescription.Reason.ToString(), changeDescription.SessionId);
//If SessionMode is enabled, send event to it.
if ((bool)Settings.Store.SessionMode)
{
ILoggerMode mode = LoggerModeFactory.getLoggerMode(LoggerMode.SESSION);
mode.Log(changeDescription, properties);
}
//If EventMode is enabled, send event to it.
if ((bool)Settings.Store.EventMode)
{
ILoggerMode mode = LoggerModeFactory.getLoggerMode(LoggerMode.EVENT);
mode.Log(changeDescription, properties);
}
//Close the connection if it's still open
LoggerModeFactory.closeConnection();
}
public void SessionChange(System.ServiceProcess.SessionChangeDescription changeDescription, pGina.Shared.Types.SessionProperties properties)
{
m_logger.DebugFormat("SessionChange({0})", changeDescription.Reason.ToString());
string msg = null;
switch (changeDescription.Reason)
{
case System.ServiceProcess.SessionChangeReason.SessionLogon:
msg = LogonEvent(changeDescription.SessionId);
break;
case System.ServiceProcess.SessionChangeReason.SessionLogoff:
msg = LogoffEvent(changeDescription.SessionId);
break;
case System.ServiceProcess.SessionChangeReason.SessionLock:
msg = SessionLockEvent(changeDescription.SessionId);
break;
case System.ServiceProcess.SessionChangeReason.SessionUnlock:
msg = SessionUnlockEvent(changeDescription.SessionId);
break;
case System.ServiceProcess.SessionChangeReason.SessionRemoteControl:
msg = SesionRemoteControlEvent(changeDescription.SessionId);
break;
case System.ServiceProcess.SessionChangeReason.ConsoleConnect:
msg = ConsoleConnectEvent(changeDescription.SessionId);
break;
case System.ServiceProcess.SessionChangeReason.ConsoleDisconnect:
msg = ConsoleDisconnectEvent(changeDescription.SessionId);
break;
case System.ServiceProcess.SessionChangeReason.RemoteConnect:
msg = RemoteConnectEvent(changeDescription.SessionId);
break;
case System.ServiceProcess.SessionChangeReason.RemoteDisconnect:
msg = RemoteDisconnectEvent(changeDescription.SessionId);
break;
}
if (!string.IsNullOrEmpty(msg))
{
m_logger.Debug(msg);
// Log to DB
try
{
using (DbLogger log = DbLogger.Connect())
{
log.Log(msg);
}
}
catch (MySqlException e)
{
if (e.Number == 1042)
m_logger.ErrorFormat("Unable to connect to host: {0}", Settings.Store.Host);
else
m_logger.Error(e.ToString());
}
catch (Exception e)
{
m_logger.ErrorFormat("Error logging to DB: {0}", e);
}
}
}
//Processes accounting on logon/logoff
public void SessionChange(System.ServiceProcess.SessionChangeDescription changeDescription, pGina.Shared.Types.SessionProperties properties)
{
if (changeDescription.Reason != System.ServiceProcess.SessionChangeReason.SessionLogon
&& changeDescription.Reason != System.ServiceProcess.SessionChangeReason.SessionLogoff)
{
//m_logger.DebugFormat("Not logging on or off for this session change call ({0})... exiting.", changeDescription.Reason);
return;
}
if (properties == null)
{
//m_logger.DebugFormat("No session properties available. This account does not appear to be managed by pGina. Exiting SessionChange()");
return;
}
if (!(bool)Settings.Store.EnableAcct)
{
m_logger.Debug("Session Change stage set on RADIUS plugin but accounting is not enabled in plugin settings.");
return;
}
//Determine username (may change depending on value of UseModifiedName setting)
string username = null;
UserInformation ui = properties.GetTrackedSingle<UserInformation>();
if (ui == null)
{
//m_logger.DebugFormat("No userinformation for this session logoff... exiting...");
return;
}
if ((bool)Settings.Store.UseModifiedName)
username = ui.Username;
else
username = ui.OriginalUsername;
Session session = null;
//User is logging on
if (changeDescription.Reason == System.ServiceProcess.SessionChangeReason.SessionLogon)
{
lock (m_sessionManager)
{
//Check if session information is already available for this id
if (!m_sessionManager.Keys.Contains(properties.Id))
{
//No session info - must have authed with something other than RADIUS.
//m_logger.DebugFormat("RADIUS Accounting Logon: Unable to find session for {0} with GUID {1}", username, properties.Id);
if(!(bool)Settings.Store.AcctingForAllUsers){
//m_logger.Debug("Accounting for non-RADIUS users is disabled. Exiting.");
return;
}
RADIUSClient client = GetClient();
session = new Session(properties.Id, username, client);
m_sessionManager.Add(properties.Id, session);
//Check forced interim-update setting
if ((bool)Settings.Store.SendInterimUpdates && (bool)Settings.Store.ForceInterimUpdates)
{
int interval = (int)Settings.Store.InterimUpdateTime;
session.SetInterimUpdate(interval, InterimUpdatesCallback);
}
}
else
session = m_sessionManager[properties.Id];
}
//Determine which plugin authenticated the user (if any)
PluginActivityInformation pai = properties.GetTrackedSingle<PluginActivityInformation>();
Packet.Acct_Authentic authSource = Packet.Acct_Authentic.Not_Specified;
IEnumerable<Guid> authPlugins = pai.GetAuthenticationPlugins();
Guid LocalMachinePluginGuid = new Guid("{12FA152D-A2E3-4C8D-9535-5DCD49DFCB6D}");
foreach (Guid guid in authPlugins)
{
if (pai.GetAuthenticationResult(guid).Success)
{
if (guid == SimpleUuid)
authSource = Packet.Acct_Authentic.RADIUS;
else if (guid == LocalMachinePluginGuid)
authSource = Packet.Acct_Authentic.Local;
else //Not RADIUS, not Local, must be some other auth plugin
authSource = Packet.Acct_Authentic.Remote;
break;
}
}
//We can finally start the accounting process
try
{
lock (session)
{
session.windowsSessionId = changeDescription.SessionId; //Grab session ID now that we're authenticated
session.username = username; //Accting username may have changed depending on 'Use Modified username for accounting option'
session.client.startAccounting(username, authSource);
//m_logger.DebugFormat("Successfully completed accounting start process...");
}
}
catch (Exception e)
{
m_logger.Error("Error occurred while starting accounting.", e);
}
}
//User is logging off
else if (changeDescription.Reason == System.ServiceProcess.SessionChangeReason.SessionLogoff)
{
lock (m_sessionManager)
{
if (m_sessionManager.Keys.Contains(properties.Id))
session = m_sessionManager[properties.Id];
else
{
//m_logger.DebugFormat("Users {0} is logging off, but no RADIUS session information is available for session ID {1}.", username, properties.Id);
return;
}
//Remove the session from the session manager
m_sessionManager.Remove(properties.Id);
}
lock (session)
{
//Disbale any active callbacks for this session
session.disableCallbacks();
session.active = false;
//Assume normal logout if no other terminate reason is listed.
if (session.terminate_cause == null)
session.terminate_cause = Packet.Acct_Terminate_Cause.User_Request;
try
{
//m_logger.DebugFormat("About to send accounting stop packet. Session has been active {0} seconds.", (DateTime.Now - session.client.accountingStartTime).TotalSeconds);
session.client.stopAccounting(session.username, session.terminate_cause);
}
catch (RADIUSException re)
{
m_logger.DebugFormat("Unable to send accounting stop message for user {0} with ID {1}. Message: {2}", session.username, session.id, re.Message);
}
}
}
}
//Processes accounting on logon/logoff
public void SessionChange(System.ServiceProcess.SessionChangeDescription changeDescription, pGina.Shared.Types.SessionProperties properties)
{
m_logger.DebugFormat("SessionChange({0})", properties.Id.ToString());
string username = null;
if ((bool)Settings.Store.UseModifiedName)
username = properties.GetTrackedSingle<UserInformation>().Username;
else
username = properties.GetTrackedSingle<UserInformation>().OriginalUsername;
if (changeDescription.Reason == System.ServiceProcess.SessionChangeReason.SessionLogon)
{
//Create a new unique id for this accounting session and store it
String sessionId = Guid.NewGuid().ToString();
lock (sessionIDLock)
{
sessionIDs.Add(username, sessionId);
}
//Determine which plugin authenticated the user (if any)
PluginActivityInformation pai = properties.GetTrackedSingle<PluginActivityInformation>();
Packet.Acct_AuthenticType authSource = Packet.Acct_AuthenticType.Not_Specified;
IEnumerable<Guid> authPlugins = pai.GetAuthenticationPlugins();
Guid LocalMachinePluginGuid = new Guid("{12FA152D-A2E3-4C8D-9535-5DCD49DFCB6D}");
foreach (Guid guid in authPlugins)
{
if (pai.GetAuthenticationResult(guid).Success)
{
if (guid == SimpleUuid)
authSource = Packet.Acct_AuthenticType.RADIUS;
else if (guid == LocalMachinePluginGuid)
authSource = Packet.Acct_AuthenticType.Local;
else
authSource = Packet.Acct_AuthenticType.Remote;
break;
}
}
try
{
RADIUSClient client = GetClient(sessionId);
client.startAccounting(username, authSource);
}
catch (Exception e)
{
m_logger.Error("Error occurred while starting accounting.", e);
}
}
else if (changeDescription.Reason == System.ServiceProcess.SessionChangeReason.SessionLogoff)
{
//Check if guid was stored from accounting start request (if not, no point in sending a stop request)
string sessionId = null;
lock (sessionIDLock)
{
sessionId = sessionIDs.ContainsKey(username) ? sessionIDs[username] : null;
if (sessionId == null)
{
m_logger.ErrorFormat("Error sending accounting stop request. No guid available for {0}", username);
return;
} //Remove the session id since we're logging off
sessionIDs.Remove(username);
}
try
{
RADIUSClient client = GetClient(sessionId);
client.stopAccounting(username, Packet.Acct_Terminate_CauseType.User_Request);
}
catch (Exception e)
{
m_logger.Error("Error occurred while stopping accounting.", e);
return;
}
}
}
public HiddenForm(pGina.Service.Impl.ServiceThread serviceThreadObj)
{
m_serviceThreadObj = serviceThreadObj;
InitializeComponent();
}
