Пример #1
0
        public static void SignOut()
        {
            Initialize();

            HttpContext context = HttpContext.Current;

            if (context == null)
            {
                throw new HttpException("Context is null!");
            }

            HttpResponse response = context.Response;

            if (response == null)
            {
                throw new HttpException("Response is null!");
            }

            HttpCookieCollection cc = response.Cookies;

            cc.Remove(cookieName);
            HttpCookie expiration_cookie = new HttpCookie(cookieName, String.Empty);

            expiration_cookie.Expires = new DateTime(1999, 10, 12);
            expiration_cookie.Path    = cookiePath;
            if (!String.IsNullOrEmpty(cookie_domain))
            {
                expiration_cookie.Domain = cookie_domain;
            }
            cc.Add(expiration_cookie);
            Roles.DeleteCookie();
        }
        private void OnLeave(Object source, EventArgs eventArgs)
        {
            HttpApplication app;
            HttpContext     context;

            app     = (HttpApplication)source;
            context = app.Context;

            if (!Roles.Enabled || !Roles.CacheRolesInCookie || context.Response.HeadersWritten)
            {
                return;
            }

            if (context.User == null || !(context.User is RolePrincipal) || !context.User.Identity.IsAuthenticated)
            {
                return;
            }
            if (Roles.CookieRequireSSL && !context.Request.IsSecureConnection)
            { // if cookie is sent, then clear it
                if (context.Request.Cookies[Roles.CookieName] != null)
                {
                    Roles.DeleteCookie();
                }
                return;
            }
            RolePrincipal rp = (RolePrincipal)context.User;

            if (rp.CachedListChanged && context.Request.Browser.Cookies)
            {
                string s = rp.ToEncryptedTicket();
                if (string.IsNullOrEmpty(s) || s.Length > MAX_COOKIE_LENGTH)
                {
                    Roles.DeleteCookie();
                }
                else
                {
                    HttpCookie cookie = new HttpCookie(Roles.CookieName, s);
                    cookie.HttpOnly = true;
                    cookie.Path     = Roles.CookiePath;
                    cookie.Domain   = Roles.Domain;
                    if (Roles.CreatePersistentCookie)
                    {
                        cookie.Expires = rp.ExpireDate;
                    }
                    cookie.Secure = Roles.CookieRequireSSL;
                    context.Response.Cookies.Add(cookie);
                }
            }
        }
Пример #3
0
        private void OnLeave(object source, EventArgs eventArgs)
        {
            HttpApplication application = (HttpApplication)source;
            HttpContext     context     = application.Context;

            if (((Roles.Enabled && Roles.CacheRolesInCookie) && !context.Response.HeadersWritten) && (((context.User != null) && (context.User is RolePrincipal)) && context.User.Identity.IsAuthenticated))
            {
                if (Roles.CookieRequireSSL && !context.Request.IsSecureConnection)
                {
                    if (context.Request.Cookies[Roles.CookieName] != null)
                    {
                        Roles.DeleteCookie();
                    }
                }
                else
                {
                    RolePrincipal user = (RolePrincipal)context.User;
                    if (user.CachedListChanged && context.Request.Browser.Cookies)
                    {
                        string str = user.ToEncryptedTicket();
                        if (string.IsNullOrEmpty(str) || (str.Length > 0x1000))
                        {
                            Roles.DeleteCookie();
                        }
                        else
                        {
                            HttpCookie cookie = new HttpCookie(Roles.CookieName, str)
                            {
                                HttpOnly = true,
                                Path     = Roles.CookiePath,
                                Domain   = Roles.Domain
                            };
                            if (Roles.CreatePersistentCookie)
                            {
                                cookie.Expires = user.ExpireDate;
                            }
                            cookie.Secure = Roles.CookieRequireSSL;
                            context.Response.Cookies.Add(cookie);
                        }
                    }
                }
            }
        }
Пример #4
0
 private void OnEnter(object source, EventArgs eventArgs)
 {
     if (!Roles.Enabled)
     {
         if (HttpRuntime.UseIntegratedPipeline)
         {
             ((HttpApplication)source).Context.DisableNotifications(RequestNotification.EndRequest, 0);
         }
     }
     else
     {
         HttpApplication application = (HttpApplication)source;
         HttpContext     context     = application.Context;
         if (this._eventHandler != null)
         {
             RoleManagerEventArgs e = new RoleManagerEventArgs(context);
             this._eventHandler(this, e);
             if (e.RolesPopulated)
             {
                 return;
             }
         }
         if (Roles.CacheRolesInCookie)
         {
             if (context.User.Identity.IsAuthenticated && (!Roles.CookieRequireSSL || context.Request.IsSecureConnection))
             {
                 try
                 {
                     HttpCookie cookie = context.Request.Cookies[Roles.CookieName];
                     if (cookie != null)
                     {
                         string encryptedTicket = cookie.Value;
                         if ((encryptedTicket != null) && (encryptedTicket.Length > 0x1000))
                         {
                             Roles.DeleteCookie();
                         }
                         else
                         {
                             if (!string.IsNullOrEmpty(Roles.CookiePath) && (Roles.CookiePath != "/"))
                             {
                                 cookie.Path = Roles.CookiePath;
                             }
                             cookie.Domain = Roles.Domain;
                             context.SetPrincipalNoDemand(this.CreateRolePrincipalWithAssert(context.User.Identity, encryptedTicket));
                         }
                     }
                 }
                 catch
                 {
                 }
             }
             else
             {
                 if (context.Request.Cookies[Roles.CookieName] != null)
                 {
                     Roles.DeleteCookie();
                 }
                 if (HttpRuntime.UseIntegratedPipeline)
                 {
                     context.DisableNotifications(RequestNotification.EndRequest, 0);
                 }
             }
         }
         if (!(context.User is RolePrincipal))
         {
             context.SetPrincipalNoDemand(this.CreateRolePrincipalWithAssert(context.User.Identity, null));
         }
         HttpApplication.SetCurrentPrincipalWithAssert(context.User);
     }
 }
        ////////////////////////////////////////////////////////////
        ////////////////////////////////////////////////////////////
        ////////////////////////////////////////////////////////////

        /// <devdoc>
        ///    <para>[To be supplied.]</para>
        /// </devdoc>
        private void OnEnter(Object source, EventArgs eventArgs)
        {
            if (!Roles.Enabled)
            {
                if (HttpRuntime.UseIntegratedPipeline)
                {
                    ((HttpApplication)source).Context.DisableNotifications(RequestNotification.EndRequest, 0);
                }
                return;
            }

            HttpApplication app     = (HttpApplication)source;
            HttpContext     context = app.Context;

            if (_eventHandler != null)
            {
                RoleManagerEventArgs e = new RoleManagerEventArgs(context);
                _eventHandler(this, e);
                if (e.RolesPopulated)
                {
                    return;
                }
            }

            Debug.Assert(null != context.User, "null != context.User");

            if (Roles.CacheRolesInCookie)
            {
                if (context.User.Identity.IsAuthenticated && (!Roles.CookieRequireSSL || context.Request.IsSecureConnection))
                {
                    // Try to create from cookie
                    try
                    {
                        HttpCookie cookie = context.Request.Cookies[Roles.CookieName];
                        if (cookie != null)
                        {
                            string cookieValue = cookie.Value;
                            // Ignore cookies that are too long
                            if (cookieValue != null && cookieValue.Length > MAX_COOKIE_LENGTH)
                            {
                                Roles.DeleteCookie();
                            }
                            else
                            {
                                if (!String.IsNullOrEmpty(Roles.CookiePath) && Roles.CookiePath != "/")
                                {
                                    cookie.Path = Roles.CookiePath;
                                }

                                cookie.Domain = Roles.Domain;
                                context.SetPrincipalNoDemand(CreateRolePrincipalWithAssert(context.User.Identity, cookieValue));
                            }
                        }
                    }
                    catch {  } // ---- exceptions
                }
                else
                {
                    if (context.Request.Cookies[Roles.CookieName] != null)
                    {
                        Roles.DeleteCookie();
                    }
                    // if we're not using cookie caching, we don't need the EndRequest
                    // event and can suppress it
                    if (HttpRuntime.UseIntegratedPipeline)
                    {
                        context.DisableNotifications(RequestNotification.EndRequest, 0);
                    }
                }
            }

            if (!(context.User is RolePrincipal))
            {
                context.SetPrincipalNoDemand(CreateRolePrincipalWithAssert(context.User.Identity));
            }

            HttpApplication.SetCurrentPrincipalWithAssert(context.User);
        }