/// <summary>
/// Authenticate the credentials against the configuration database.
/// </summary>
/// <param name="credentials">A credential object such as a <see cref="NamePasswordCredential"/>.</param>
/// <param name="userIdentity">An <see cref="IIdentity"/> object representing
/// authenticated credentials returned if successfull.</param>
/// <returns><strong>True</strong> if authentication was
/// successful, otherwise false.</returns>
/// <remarks>
/// This method call is intended to be overloaded to support additional
/// credential objects if/when they are brought online.
/// </remarks>
public bool Authenticate(object credentials, out IIdentity userIdentity)
{
bool result = false;
userIdentity = null;
NamePasswordCredential namePasswordCredentials = credentials as NamePasswordCredential;
if (namePasswordCredentials != null && namePasswordCredentials.Name.Length > 0)
{
SecurityAuthenticationCheckEvent.Fire(namePasswordCredentials.Name);
result = PasswordsMatch(namePasswordCredentials.PasswordBytes, namePasswordCredentials.Name);
if (result)
{
userIdentity = new GenericIdentity(namePasswordCredentials.Name, GetAuthenticationType());
}
else
{
SecurityAuthenticationFailedEvent.Fire(namePasswordCredentials.Name);
}
}
return(result);
}
public void ConstructorString()
{
NamePasswordCredential cred = new NamePasswordCredential("joe", pwd);
Assert.AreEqual("joe", cred.Name);
Assert.AreEqual(pwd, cred.Password);
}
public void ConstructorString()
{
NamePasswordCredential cred = new NamePasswordCredential("joe", pwd);
Assert.AreEqual("joe", cred.Name);
Assert.AreEqual(pwd, cred.Password);
}
public void ZeroLengthPasswordIsValid()
{
NamePasswordCredential cred = new NamePasswordCredential("fred", "");
Assert.AreEqual("fred", cred.Name);
Assert.AreEqual("", cred.Password);
Assert.AreEqual(0, cred.PasswordBytes.Length);
}
public void ZeroLengthPasswordIsValid()
{
NamePasswordCredential cred = new NamePasswordCredential("fred", "");
Assert.AreEqual("fred", cred.Name);
Assert.AreEqual("", cred.Password);
Assert.AreEqual(0, cred.PasswordBytes.Length);
}
public void AuthenticationSucceedsWithZeroLengthPassword()
{
NamePasswordCredential credentials = new NamePasswordCredential("emptyUser", new byte[] {});
IIdentity identity;
bool successfulAuthentication = dbAuthProvider.Authenticate(credentials, out identity);
Assert.IsTrue(successfulAuthentication);
Assert.IsTrue(identity.IsAuthenticated);
}
public int userLogin(User user)
{
int loginState = 0;
byte[] userPassword = new SHA1Managed().ComputeHash(
ASCIIEncoding.ASCII.GetBytes(user.UserPassword));
// manager.CreateUser(user.UserLoginID,userPassword);
try
{
// if(manager.UserExists(user.UserLoginID))
// {
// if(Convert.ToBase64String(userPassword).Equals
// (Convert.ToBase64String(manager.GetPassword(user.UserLoginID))))
// {
NamePasswordCredential credentials;
credentials = new NamePasswordCredential(user.UserLoginID,
ASCIIEncoding.ASCII.GetBytes(user.UserPassword));
IAuthenticationProvider authProvider;
authProvider = AuthenticationFactory.GetAuthenticationProvider("Database Provider");
bool authenticated = false;
IIdentity identity;
authenticated = authProvider.Authenticate(credentials, out identity);
if (authenticated)
{
loginState = 1; //登陆成功
IRolesProvider rolesProvider = RolesFactory.GetRolesProvider("Role Database Provider");
IPrincipal principal = rolesProvider.GetRoles(identity);
Thread.CurrentPrincipal = principal;
}
// }
// else
// {
// loginState = 2;//密码错误
// }
// }
// else
// {
// loginState = -1;//用户不存在
// }
}
catch (Exception ex)
{
throw ex;
}
return(loginState);
}
public void AuthenticationSucceedsWithZeroLengthPassword()
{
NamePasswordCredential credentials = new NamePasswordCredential("emptyUser", new byte[] {});
IIdentity identity;
bool successfulAuthentication = dbAuthProvider.Authenticate(credentials, out identity);
Assert.IsTrue(successfulAuthentication);
Assert.IsTrue(identity.IsAuthenticated);
}
public void CheckIfAuthenticationFailsWithNullCredentialObject()
{
NamePasswordCredential credentials = null;
IIdentity identity;
bool retVal = dbAuthProvider.Authenticate(credentials, out identity);
Assert.IsFalse(retVal);
Assert.IsNull(identity);
}
public void CheckIfAuthenticationFailsWithInvalidUsername()
{
byte[] password = ASCIIEncoding.ASCII.GetBytes("password");
NamePasswordCredential credentials = new NamePasswordCredential("invalidUserName", password);
IIdentity identity;
bool retVal = dbAuthProvider.Authenticate(credentials, out identity);
Assert.IsFalse(retVal);
Assert.IsNull(identity);
}
public void CheckIfAuthenticationSucceedsWithValidCredentials()
{
NamePasswordCredential credentials = new NamePasswordCredential(username, password);
IIdentity identity;
bool retVal = dbAuthProvider.Authenticate(credentials, out identity);
Assert.IsTrue(retVal);
Assert.IsNotNull(identity);
Assert.AreEqual(username, identity.Name);
Assert.IsTrue(identity.IsAuthenticated);
}
public void AuthenticationCanBeSuccessfulTwice()
{
NamePasswordCredential credentials = new NamePasswordCredential(username, password);
IIdentity firstIdentity;
bool firstCall = dbAuthProvider.Authenticate(credentials, out firstIdentity);
IIdentity secondIdentity;
bool secondCall = dbAuthProvider.Authenticate(credentials, out secondIdentity);
Assert.IsTrue(firstCall);
Assert.IsTrue(secondCall);
Assert.IsNotNull(secondIdentity);
}
public void AuthenticationCanBeSuccessfulTwice()
{
NamePasswordCredential credentials = new NamePasswordCredential(username, password);
IIdentity firstIdentity;
bool firstCall = dbAuthProvider.Authenticate(credentials, out firstIdentity);
IIdentity secondIdentity;
bool secondCall = dbAuthProvider.Authenticate(credentials, out secondIdentity);
Assert.IsTrue(firstCall);
Assert.IsTrue(secondCall);
Assert.IsNotNull(secondIdentity);
}
public void CheckIfAuthenticationSucceedsWithValidCredentialsThroughInterface()
{
IAuthenticationProvider IAuthProvider = AuthenticationFactory.GetAuthenticationProvider("DbAuthenticationProviderName");
NamePasswordCredential credentials = new NamePasswordCredential(username, password);
IIdentity identity;
bool retVal = IAuthProvider.Authenticate(credentials, out identity);
Assert.IsTrue(retVal);
Assert.IsNotNull(identity);
Assert.AreEqual(username, identity.Name);
Assert.IsTrue(identity.IsAuthenticated);
}
public void CheckIfAuthenticationFailsWithInvalidPassword()
{
byte[] password = ASCIIEncoding.ASCII.GetBytes("InvalidPassword");
NamePasswordCredential credentials = new NamePasswordCredential(username, password);
IIdentity identity;
bool retVal = dbAuthProvider.Authenticate(credentials, out identity);
Assert.IsFalse(retVal);
Assert.IsNull(identity);
}
public void CheckIfAuthenticationSucceedsWithValidCredentialsThroughInterface()
{
IAuthenticationProvider IAuthProvider = AuthenticationFactory.GetAuthenticationProvider("DbAuthenticationProviderName");
NamePasswordCredential credentials = new NamePasswordCredential(username, password);
IIdentity identity;
bool retVal = IAuthProvider.Authenticate(credentials, out identity);
Assert.IsTrue(retVal);
Assert.IsNotNull(identity);
Assert.AreEqual(username, identity.Name);
Assert.IsTrue(identity.IsAuthenticated);
}
public void CheckIfAuthenticationSucceedsWithValidCredentials()
{
NamePasswordCredential credentials = new NamePasswordCredential(username, password);
IIdentity identity;
bool retVal = dbAuthProvider.Authenticate(credentials, out identity);
Assert.IsTrue(retVal);
Assert.IsNotNull(identity);
Assert.AreEqual(username, identity.Name);
Assert.IsTrue(identity.IsAuthenticated);
}
