public override object Authenticate(IObjectSpace objectSpace) { Usuario usuario; if (autoLogin) { usuario = objectSpace.FindObject <Usuario>(new BinaryOperator("UserName", "admin")); _logonParameters.ObjectSpace = objectSpace; _logonParameters.LoginUserName = usuario.UserName; _logonParameters.LoginEmpresa = usuario.EmpresaPredeterminada; } else { if (_logonParameters.UsuarioActual() == null) { throw new Exception(CaptionHelper.GetLocalizedText("Security", "UsuarioNotNull")); } if (_logonParameters.EmpresaActual() == null) { throw new Exception(CaptionHelper.GetLocalizedText("Security", "EmpresaNotNull")); } if (!_logonParameters.UsuarioActual().ComparePassword(_logonParameters.Password)) { throw new AuthenticationException(_logonParameters.UsuarioActual().UserName, SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.PasswordsAreDifferent)); } usuario = objectSpace.GetObjectByKey <Usuario>(_logonParameters.UsuarioActualId); } return(usuario); }
/// <summary> /// Método de autenticação /// </summary> /// <param name="objectSpace">ObjectSpace</param> /// <returns>usuário autenticado</returns> public override object Authenticate(IObjectSpace objectSpace) { ObjectSpace objectSpaceComSessao = (ObjectSpace)objectSpace; parameters.UserName = ADUtil.GetUsuarioLogadoPeloWindows(); WexAuthenticateAD ad = new WexAuthenticateAD(ADResources.ADServer); bool sucesso = ad.IsAuthenticated(ADResources.ADDomain, parameters.UserName); Object usuario = null; if (sucesso) { if (objectSpaceComSessao != null) { usuario = AoAutenticarUsuarioComSessao(objectSpaceComSessao.Session, parameters.UserName, ADResources.ExtEmail); } else { usuario = AoAutenticarUsuario(parameters.UserName, ADResources.ExtEmail); } } else { throw new AuthenticationException(parameters.UserName, SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation)); } return(usuario); }
protected override void ChangePassword(ChangePasswordParameters parameters) { Guard.ArgumentNotNull(parameters, "parameters"); try { CustomChangePasswordEventArgs customChangePasswordEventArgs = new CustomChangePasswordEventArgs(parameters); CustomChangePassword?.Invoke(this, customChangePasswordEventArgs); if (!customChangePasswordEventArgs.Handled) { if (!AuthenticatingEmployee.ComparePassword(parameters.OldPassword)) { throw new Exception(String.Format("{0} {1}", SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.OldPasswordIsWrong), SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation))); } if (parameters.NewPassword != parameters.ConfirmPassword) { throw new Exception(String.Format("{0} {1}", SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.PasswordsAreDifferent), SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation))); } if (AuthenticatingEmployee.ComparePassword(parameters.NewPassword)) { throw new Exception(String.Format("{0} {1}", SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.NewPasswordIsEqualToOldPassword), SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation))); } KeyValuePair <HttpStatusCode, string> result = MultiTenantHelper.SetPassword(AuthenticatingEmployee, AuthenticatingEmployee, parameters.NewPassword); if (result.Key == HttpStatusCode.OK) { AuthenticatingEmployee.SetPassword(parameters.NewPassword); AuthenticatingEmployee.ChangePasswordOnFirstLogon = false; this.ObjectSpace.SetModified(AuthenticatingEmployee); this.ObjectSpace.CommitChanges(); } SecurityModule.TryUpdateLogonParameters(parameters.NewPassword); if (!View.ObjectSpace.IsModified) { bool isCurrentUser = IsCurrentUser(View.ObjectSpace, View.CurrentObject); if (isCurrentUser) { View.ObjectSpace.ReloadObject(View.CurrentObject); } } } } catch (Exception ex) { ToastMessageHelper.ShowErrorMessage(this.Application, ex, InformationPosition.Bottom); } finally { parameters.ClearValues(); } }
private object AuthenticateStandard(IObjectSpace objectSpace) { if (string.IsNullOrEmpty(logonParameters.UserName)) { throw new ArgumentException(SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.UserNameIsEmpty)); } var user = (IAuthenticationStandardUser)objectSpace.FindObject(UserType, new BinaryOperator("UserName", logonParameters.UserName)); if (user == null || !user.ComparePassword(logonParameters.Password)) { throw new AuthenticationException(logonParameters.UserName, SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation)); } return(user); }
/// <summary> /// metodo de autenticação /// </summary> /// <param name="objectSpace">objeto de IObjectSpace</param> /// <returns>returna o usuario</returns> public override object Authenticate(IObjectSpace objectSpace) { ObjectSpace objectSpaceComSessao = (ObjectSpace)objectSpace; object user = null; WexAuthenticateAD ad = new WexAuthenticateAD(WexProject.Web.Properties.ADResources.ADServer); bool sucesso = ad.IsAuthenticated(WexProject.Web.Properties.ADResources.ADDomain, parameters.UserName, parameters.Password); if (sucesso) { if (user == null) { user = AoAutenticarUsuarioComSessao(objectSpaceComSessao.Session, parameters.UserName, WexProject.Web.Properties.ADResources.ExtEmail); } } else { throw new AuthenticationException(parameters.UserName, SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation)); } /* O código a seguir foi implementado devido a urgência de uma solicitação, * o motivo de não estar implementado dentro dos padrões de código limpo e utilizando a devida segurança é que no momento não há tempo hábil dentro do cronograma do ciclo atual. * Obs: Posteiormente deve ser reimplementado para que esteja de acordo com os padrões de código e utilizando as devidas classes de segurança. */ List <string> usuariosPermitidos = new List <string>(); usuariosPermitidos.Add("acruz"); usuariosPermitidos.Add("lbraga"); usuariosPermitidos.Add("avieira"); usuariosPermitidos.Add("lgavinho"); usuariosPermitidos.Add("rgarcia"); usuariosPermitidos.Add("amendes"); usuariosPermitidos.Add("rcaetano"); usuariosPermitidos.Add("roberto.garcia"); usuariosPermitidos.Add("ana.horta"); User usuario = (User)user; if (!usuariosPermitidos.Contains(usuario.UserName)) { throw new AuthenticationException(parameters.UserName, "Usuário não autorizado."); } return(user); }
public override object Authenticate(IObjectSpace objectSpace) { if (string.IsNullOrEmpty(((XpandLogonParameters)LogonParameters).UserName)) { throw new ArgumentException(SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.UserNameIsEmpty)); } var user = (IAuthenticationStandardUser)objectSpace.FindObject(UserType, CriteriaOperator.Parse("UserName = ?", ((XpandLogonParameters) LogonParameters) .UserName)); if (user == null || !user.ComparePassword(((XpandLogonParameters)LogonParameters).Password)) { throw new AuthenticationException(((XpandLogonParameters)LogonParameters).UserName, SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation)); } return(user); }
public override object Authenticate(DevExpress.ExpressApp.IObjectSpace objectSpace) { WinChangeDatabaseHelper.AuthenticatedUserLogonFailed = false; if (string.IsNullOrEmpty(AuthenticatedUserName)) { return(base.Authenticate(objectSpace)); } else { CustomLogonParametersForStandardAuthentication logonParameters = (CustomLogonParametersForStandardAuthentication)LogonParameters; object result = objectSpace.FindObject(UserType, new BinaryOperator("UserName", logonParameters.UserName)); if (result == null) { WinChangeDatabaseHelper.AuthenticatedUserLogonFailed = true; WinChangeDatabaseHelper.SkipLogonDialog = false; throw new AuthenticationException(logonParameters.UserName, SecurityExceptionLocalizer.GetExceptionMessage(SecurityExceptionId.RetypeTheInformation)); } AuthenticatedUserName = ""; return(result); } }