protected void LoginToPortal() { try { var passwordHash = Request["passwordHash"]; if (string.IsNullOrEmpty(passwordHash)) { throw new Exception(Resource.ErrorPasswordEmpty); } SecurityContext.SetUserPasswordHash(User.ID, passwordHash); MessageService.Send(Request, MessageAction.UserUpdatedPassword); CookiesManager.ResetUserCookie(); MessageService.Send(Request, MessageAction.CookieSettingsUpdated); } catch (SecurityContext.PasswordException) { ShowError(Resource.ErrorPasswordRechange, false); return; } catch (Exception ex) { ShowError(ex.Message, false); return; } Response.Redirect(CommonLinkUtility.GetDefault()); }
public void LogOutAllActiveConnections(Guid?userId = null) { var currentUserId = SecurityContext.CurrentAccount.ID; var user = CoreContext.UserManager.GetUsers(userId ?? currentUserId); var userName = user.DisplayUserName(false); var auditEventDate = DateTime.UtcNow; MessageService.Send(Request, auditEventDate, (currentUserId.Equals(user.ID)) ? MessageAction.UserLogoutActiveConnections : MessageAction.UserLogoutActiveConnectionsForUser, MessageTarget.Create(user.ID), userName); CookiesManager.ResetUserCookie(user.ID); }
[Read("logout")]// temp fix public void Logout() { if (SecurityContext.IsAuthenticated) { CookiesManager.ResetUserCookie(SecurityContext.CurrentAccount.ID); } CookiesManager.ClearCookies(CookiesType.AuthKey); CookiesManager.ClearCookies(CookiesType.SocketIO); SecurityContext.Logout(); }
protected void DeleteProfile(object sender, EventArgs e) { try { SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem); var user = CoreContext.UserManager.GetUsers(UserId); user.Status = EmployeeStatus.Terminated; CoreContext.UserManager.SaveUserInfo(user); MessageService.Send(HttpContext.Current.Request, MessageInitiator.System, MessageAction.UsersUpdatedStatus, MessageTarget.Create(user.ID), user.DisplayUserName(false)); CookiesManager.ResetUserCookie(user.ID); MessageService.Send(HttpContext.Current.Request, MessageAction.CookieSettingsUpdated); if (CoreContext.Configuration.Personal) { UserPhotoManager.RemovePhoto(user.ID); CoreContext.UserManager.DeleteUser(user.ID); MessageService.Send(Request, MessageAction.UserDeleted, MessageTarget.Create(user.ID), user.DisplayUserName(false)); } else { StudioNotifyService.Instance.SendMsgProfileHasDeletedItself(user); } operationBlock.Visible = false; result.Visible = true; errorBlock.Visible = false; } catch (Exception ex) { operationBlock.Visible = false; result.Visible = false; errorBlock.InnerHtml = ex.Message; errorBlock.Visible = true; } finally { Auth.ProcessLogout(); } }
protected void LoginToPortal(object sender, EventArgs e) { try { var pwd = Request.Form["pwdInput"]; UserManagerWrapper.CheckPasswordPolicy(pwd); SecurityContext.SetUserPassword(User.ID, pwd); MessageService.Send(Request, MessageAction.UserUpdatedPassword); CookiesManager.ResetUserCookie(); MessageService.Send(Request, MessageAction.CookieSettingsUpdated); } catch (Exception ex) { ShowError(ex.Message, false); return; } Response.Redirect(CommonLinkUtility.GetDefault()); }
public EmployeeWraperFull ChangeUserPassword(Guid userid, String password, String email) { SecurityContext.DemandPermissions(new UserSecurityProvider(userid), Core.Users.Constants.Action_EditUser); if (!CoreContext.UserManager.UserExists(userid)) { return(null); } var user = CoreContext.UserManager.GetUsers(userid); if (CoreContext.UserManager.IsSystemUser(user.ID)) { throw new SecurityException(); } if (!string.IsNullOrEmpty(email)) { var address = new MailAddress(email); if (!string.Equals(address.Address, user.Email, StringComparison.OrdinalIgnoreCase)) { user.Email = address.Address.ToLowerInvariant(); user.ActivationStatus = EmployeeActivationStatus.Activated; CoreContext.UserManager.SaveUserInfo(user); } } if (!string.IsNullOrEmpty(password)) { SecurityContext.SetUserPassword(userid, password); MessageService.Send(HttpContext.Current.Request, MessageAction.UserUpdatedPassword); CookiesManager.ResetUserCookie(); MessageService.Send(HttpContext.Current.Request, MessageAction.CookieSettingsUpdated); } return(new EmployeeWraperFull(GetUserInfo(userid.ToString()))); }
protected void Page_Load(object sender, EventArgs e) { Page.RegisterBodyScripts( "~/js/third-party/xregexp.js", "~/UserControls/Management/ConfirmActivation/js/confirmactivation.js") .RegisterStyle("~/UserControls/Management/ConfirmActivation/css/confirmactivation.less"); Page.Title = HeaderStringHelper.GetPageTitle(Resource.Authorization); var email = (Request["email"] ?? "").Trim(); if (string.IsNullOrEmpty(email)) { ShowError(Resource.ErrorNotCorrectEmail); return; } Type = typeof(ConfirmType).TryParseEnum(Request["type"] ?? "", ConfirmType.EmpInvite); try { if (Type == ConfirmType.EmailChange) { User = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID); User.Email = email; CoreContext.UserManager.SaveUserInfo(User); MessageService.Send(Request, MessageAction.UserUpdatedEmail); ActivateMail(User); const string successParam = "email_change=success"; CookiesManager.ResetUserCookie(); if (User.IsVisitor()) { Response.Redirect(CommonLinkUtility.ToAbsolute("~/My.aspx?" + successParam), true); } Response.Redirect(string.Format("{0}&{1}", User.GetUserProfilePageURL(), successParam), true); return; } User = CoreContext.UserManager.GetUserByEmail(email); if (User.ID.Equals(Constants.LostUser.ID)) { ShowError(string.Format(Resource.ErrorUserNotFoundByEmail, email)); return; } if (!User.ID.Equals(SecurityContext.CurrentAccount.ID)) { Auth.ProcessLogout(); } UserAuth(User); ActivateMail(User); passwordSetter.Visible = true; ButtonEmailAndPasswordOK.Text = Resource.EmailAndPasswordOK; } catch (ThreadAbortException) { } catch (Exception ex) { ShowError(ex.Message); } if (IsPostBack) { LoginToPortal(); } }
public bool TryGetAndSyncLdapUserInfo(string login, string password, out UserInfo userInfo) { userInfo = Constants.LostUser; NovellLdapUserImporter importer = null; try { var settings = LdapSettings.Load(); if (!settings.EnableLdapAuthentication) { return(false); } _log.DebugFormat("TryGetAndSyncLdapUserInfo(login: \"{0}\")", login); importer = new NovellLdapUserImporter(settings, Resource); var ldapUserInfo = importer.Login(login, password); if (ldapUserInfo == null || ldapUserInfo.Item1.Equals(Constants.LostUser)) { _log.DebugFormat("NovellLdapUserImporter.Login('{0}') failed.", login); return(false); } var portalUser = CoreContext.UserManager.GetUserBySid(ldapUserInfo.Item1.Sid); if (portalUser.Status == EmployeeStatus.Terminated || portalUser.Equals(Constants.LostUser)) { if (!ldapUserInfo.Item2.IsDisabled) { _log.DebugFormat("TryCheckAndSyncToLdapUser(Username: '******', Email: {1}, DN: {2})", ldapUserInfo.Item1.UserName, ldapUserInfo.Item1.Email, ldapUserInfo.Item2.DistinguishedName); if (!TryCheckAndSyncToLdapUser(ldapUserInfo, importer, out userInfo)) { importer.Dispose(); _log.Debug("TryCheckAndSyncToLdapUser() failed"); return(false); } importer.Dispose(); } else { importer.Dispose(); return(false); } } else { _log.DebugFormat("TryCheckAndSyncToLdapUser(Username: '******', Email: {1}, DN: {2})", ldapUserInfo.Item1.UserName, ldapUserInfo.Item1.Email, ldapUserInfo.Item2.DistinguishedName); var tenant = CoreContext.TenantManager.GetCurrentTenant(); new System.Threading.Tasks.Task(() => { try { CoreContext.TenantManager.SetCurrentTenant(tenant); SecurityContext.CurrentAccount = Core.Configuration.Constants.CoreSystem; var uInfo = SyncLDAPUser(ldapUserInfo.Item1); var newLdapUserInfo = new Tuple <UserInfo, LdapObject>(uInfo, ldapUserInfo.Item2); if (importer.Settings.GroupMembership) { if (!importer.TrySyncUserGroupMembership(newLdapUserInfo)) { _log.DebugFormat("TryGetAndSyncLdapUserInfo(login: \"{0}\") disabling user {1} due to not being included in any ldap group", login, uInfo); uInfo.Status = EmployeeStatus.Terminated; uInfo.Sid = null; CoreContext.UserManager.SaveUserInfo(uInfo, syncCardDav: true); CookiesManager.ResetUserCookie(uInfo.ID); } } } finally { importer.Dispose(); } }).Start(); if (ldapUserInfo.Item2.IsDisabled) { _log.DebugFormat("TryGetAndSyncLdapUserInfo(login: \"{0}\") failed, user is disabled in ldap", login); return(false); } else { userInfo = portalUser; } } return(true); } catch (Exception ex) { if (importer != null) { importer.Dispose(); } _log.ErrorFormat("TryGetLdapUserInfo(login: '******') failed. Error: {1}", login, ex); userInfo = Constants.LostUser; return(false); } }
public void ProcessRequest(HttpContext context) { try { if (!SetupInfo.IsVisibleSettings(ManagementType.SingleSignOnSettings.ToString())) { _log.DebugFormat("Single sign-on settings are disabled"); context.Response.Redirect(AUTH_PAGE + "?m=" + HttpUtility.UrlEncode(Resource.SsoSettingsDisabled), false); return; } if (CoreContext.Configuration.Standalone && !CoreContext.TenantManager.GetTenantQuota(TenantProvider.CurrentTenantID).Sso) { _log.DebugFormat("Single sign-on settings are not paid"); context.Response.Redirect( AUTH_PAGE + "?m=" + HttpUtility.UrlEncode(Resource.ErrorNotAllowedOption), false); return; } var settings = SsoSettingsV2.Load(); if (context.Request["config"] == "saml") { context.Response.StatusCode = 200; var signedSettings = Signature.Create(settings); var ssoConfig = JavaScriptSerializer.Serialize(signedSettings); context.Response.Write(ssoConfig.Replace("\"", "")); return; } if (!settings.EnableSso) { _log.DebugFormat("Single sign-on is disabled"); context.Response.Redirect(AUTH_PAGE + "?m=" + HttpUtility.UrlEncode(Resource.SsoSettingsDisabled), false); return; } var data = context.Request["data"]; if (string.IsNullOrEmpty(data)) { _log.Error("SAML response is null or empty"); context.Response.Redirect( AUTH_PAGE + "?m=" + HttpUtility.UrlEncode(Resource.SsoSettingsEmptyToken), false); return; } if (context.Request["auth"] == "true") { var userData = Signature.Read <SsoUserData>(data); if (userData == null) { _log.Error("SAML response is not valid"); MessageService.Send(context.Request, MessageAction.LoginFailViaSSO); context.Response.Redirect( AUTH_PAGE + "?m=" + HttpUtility.UrlEncode(Resource.SsoSettingsNotValidToken), false); return; } var userInfo = userData.ToUserInfo(true); if (Equals(userInfo, Constants.LostUser)) { _log.Error("Can't create userInfo using current SAML response"); context.Response.Redirect( AUTH_PAGE + "?m=" + HttpUtility.UrlEncode(Resource.SsoSettingsCantCreateUser), false); return; } if (userInfo.Status == EmployeeStatus.Terminated) { _log.Error("Current user is terminated"); context.Response.Redirect( AUTH_PAGE + "?m=" + HttpUtility.UrlEncode(Resource.SsoSettingsUserTerminated), false); return; } if (context.User != null && context.User.Identity != null && context.User.Identity.IsAuthenticated) { var authenticatedUserInfo = CoreContext.UserManager.GetUsers(((IUserAccount)context.User.Identity).ID); if (!Equals(userInfo, authenticatedUserInfo)) { var loginName = authenticatedUserInfo.DisplayUserName(false); CookiesManager.ResetUserCookie(); SecurityContext.Logout(); MessageService.Send(HttpContext.Current.Request, loginName, MessageAction.Logout); } else { _log.DebugFormat("User {0} already authenticated", context.User.Identity); } } userInfo = AddUser(userInfo); var authKey = SecurityContext.AuthenticateMe(userInfo.ID); CookiesManager.SetCookies(CookiesType.AuthKey, authKey); MessageService.Send(context.Request, MessageAction.LoginSuccessViaSSO); context.Response.Redirect(CommonLinkUtility.GetDefault() + "?token=" + HttpUtility.UrlEncode(authKey), false); } else if (context.Request["logout"] == "true") { var logoutSsoUserData = Signature.Read <LogoutSsoUserData>(data); if (logoutSsoUserData == null) { _log.Error("SAML Logout response is not valid"); MessageService.Send(context.Request, MessageAction.LoginFailViaSSO); context.Response.Redirect( AUTH_PAGE + "?m=" + HttpUtility.UrlEncode(Resource.SsoSettingsNotValidToken), false); return; } var userInfo = CoreContext.UserManager.GetSsoUserByNameId(logoutSsoUserData.NameId); if (Equals(userInfo, Constants.LostUser)) { _log.Error("Can't logout userInfo using current SAML response"); context.Response.Redirect( AUTH_PAGE + "?m=" + HttpUtility.UrlEncode(Resource.SsoSettingsCantCreateUser), false); return; } if (userInfo.Status == EmployeeStatus.Terminated) { _log.Error("Current user is terminated"); context.Response.Redirect( AUTH_PAGE + "?m=" + HttpUtility.UrlEncode(Resource.SsoSettingsUserTerminated), false); return; } SecurityContext.AuthenticateMe(userInfo.ID); var loginName = userInfo.DisplayUserName(false); CookiesManager.ResetUserCookie(); SecurityContext.Logout(); MessageService.Send(HttpContext.Current.Request, loginName, MessageAction.Logout); context.Response.Redirect(AUTH_PAGE, false); } } catch (Exception e) { _log.ErrorFormat("Unexpected error. {0}", e); context.Response.Redirect(AUTH_PAGE + "?m=" + HttpUtility.UrlEncode(e.Message), false); } finally { context.ApplicationInstance.CompleteRequest(); } }