/// <summary> /// Authenticate the credentials against the configuration database. /// </summary> /// <param name="credentials">A credential object such as a <see cref="NamePasswordCredential"/>.</param> /// <param name="userIdentity">An <see cref="IIdentity"/> object representing /// authenticated credentials returned if successfull.</param> /// <returns><strong>True</strong> if authentication was /// successful, otherwise false.</returns> /// <remarks> /// This method call is intended to be overloaded to support additional /// credential objects if/when they are brought online. /// </remarks> public bool Authenticate(object credentials, out IIdentity userIdentity) { bool result = false; userIdentity = null; NamePasswordCredential namePasswordCredentials = credentials as NamePasswordCredential; if (namePasswordCredentials != null && namePasswordCredentials.Name.Length > 0) { SecurityAuthenticationCheckEvent.Fire(namePasswordCredentials.Name); result = PasswordsMatch(namePasswordCredentials.PasswordBytes, namePasswordCredentials.Name); if (result) { userIdentity = new GenericIdentity(namePasswordCredentials.Name, GetAuthenticationType()); } else { SecurityAuthenticationFailedEvent.Fire(namePasswordCredentials.Name); } } return(result); }
public void ConstructorString() { NamePasswordCredential cred = new NamePasswordCredential("joe", pwd); Assert.AreEqual("joe", cred.Name); Assert.AreEqual(pwd, cred.Password); }
public void ZeroLengthPasswordIsValid() { NamePasswordCredential cred = new NamePasswordCredential("fred", ""); Assert.AreEqual("fred", cred.Name); Assert.AreEqual("", cred.Password); Assert.AreEqual(0, cred.PasswordBytes.Length); }
public void AuthenticationSucceedsWithZeroLengthPassword() { NamePasswordCredential credentials = new NamePasswordCredential("emptyUser", new byte[] {}); IIdentity identity; bool successfulAuthentication = dbAuthProvider.Authenticate(credentials, out identity); Assert.IsTrue(successfulAuthentication); Assert.IsTrue(identity.IsAuthenticated); }
public int userLogin(User user) { int loginState = 0; byte[] userPassword = new SHA1Managed().ComputeHash( ASCIIEncoding.ASCII.GetBytes(user.UserPassword)); // manager.CreateUser(user.UserLoginID,userPassword); try { // if(manager.UserExists(user.UserLoginID)) // { // if(Convert.ToBase64String(userPassword).Equals // (Convert.ToBase64String(manager.GetPassword(user.UserLoginID)))) // { NamePasswordCredential credentials; credentials = new NamePasswordCredential(user.UserLoginID, ASCIIEncoding.ASCII.GetBytes(user.UserPassword)); IAuthenticationProvider authProvider; authProvider = AuthenticationFactory.GetAuthenticationProvider("Database Provider"); bool authenticated = false; IIdentity identity; authenticated = authProvider.Authenticate(credentials, out identity); if (authenticated) { loginState = 1; //登陆成功 IRolesProvider rolesProvider = RolesFactory.GetRolesProvider("Role Database Provider"); IPrincipal principal = rolesProvider.GetRoles(identity); Thread.CurrentPrincipal = principal; } // } // else // { // loginState = 2;//密码错误 // } // } // else // { // loginState = -1;//用户不存在 // } } catch (Exception ex) { throw ex; } return(loginState); }
public void CheckIfAuthenticationFailsWithNullCredentialObject() { NamePasswordCredential credentials = null; IIdentity identity; bool retVal = dbAuthProvider.Authenticate(credentials, out identity); Assert.IsFalse(retVal); Assert.IsNull(identity); }
public void CheckIfAuthenticationFailsWithInvalidUsername() { byte[] password = ASCIIEncoding.ASCII.GetBytes("password"); NamePasswordCredential credentials = new NamePasswordCredential("invalidUserName", password); IIdentity identity; bool retVal = dbAuthProvider.Authenticate(credentials, out identity); Assert.IsFalse(retVal); Assert.IsNull(identity); }
public void CheckIfAuthenticationSucceedsWithValidCredentials() { NamePasswordCredential credentials = new NamePasswordCredential(username, password); IIdentity identity; bool retVal = dbAuthProvider.Authenticate(credentials, out identity); Assert.IsTrue(retVal); Assert.IsNotNull(identity); Assert.AreEqual(username, identity.Name); Assert.IsTrue(identity.IsAuthenticated); }
public void AuthenticationCanBeSuccessfulTwice() { NamePasswordCredential credentials = new NamePasswordCredential(username, password); IIdentity firstIdentity; bool firstCall = dbAuthProvider.Authenticate(credentials, out firstIdentity); IIdentity secondIdentity; bool secondCall = dbAuthProvider.Authenticate(credentials, out secondIdentity); Assert.IsTrue(firstCall); Assert.IsTrue(secondCall); Assert.IsNotNull(secondIdentity); }
public void CheckIfAuthenticationSucceedsWithValidCredentialsThroughInterface() { IAuthenticationProvider IAuthProvider = AuthenticationFactory.GetAuthenticationProvider("DbAuthenticationProviderName"); NamePasswordCredential credentials = new NamePasswordCredential(username, password); IIdentity identity; bool retVal = IAuthProvider.Authenticate(credentials, out identity); Assert.IsTrue(retVal); Assert.IsNotNull(identity); Assert.AreEqual(username, identity.Name); Assert.IsTrue(identity.IsAuthenticated); }
public void CheckIfAuthenticationFailsWithInvalidPassword() { byte[] password = ASCIIEncoding.ASCII.GetBytes("InvalidPassword"); NamePasswordCredential credentials = new NamePasswordCredential(username, password); IIdentity identity; bool retVal = dbAuthProvider.Authenticate(credentials, out identity); Assert.IsFalse(retVal); Assert.IsNull(identity); }