/// <summary>
/// Handler for login request
/// </summary>
public override TDSMessageCollection OnLogin7Request(ITDSServerSession session, TDSMessage request)
{
// Inflate login7 request from the message
TDSLogin7Token loginRequest = request[0] as TDSLogin7Token;
// Check if arguments are of the routing server
if (Arguments is RoutingTDSServerArguments)
{
// Cast to routing server arguments
RoutingTDSServerArguments ServerArguments = Arguments as RoutingTDSServerArguments;
// Check filter
if (ServerArguments.RequireReadOnly && (loginRequest.TypeFlags.ReadOnlyIntent != TDSLogin7TypeFlagsReadOnlyIntent.ReadOnly))
{
// Log request
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the denial details
TDSErrorToken errorToken = new TDSErrorToken(18456, 1, 14, "Received application intent: " + loginRequest.TypeFlags.ReadOnlyIntent.ToString(), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token for the final decision
errorToken = new TDSErrorToken(18456, 1, 14, "Read-Only application intent is required for routing", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Return a single message in the collection
return(new TDSMessageCollection(responseMessage));
}
}
// Delegate to the base class
return(base.OnLogin7Request(session, request));
}
/// <summary>
/// Handler for login request
/// </summary>
public virtual TDSMessageCollection OnLogin7Request(ITDSServerSession session, TDSMessage request)
{
// Inflate login7 request from the message
TDSLogin7Token loginRequest = request[0] as TDSLogin7Token;
// Log request
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Update server context
session.Database = string.IsNullOrEmpty(loginRequest.Database) ? "master" : loginRequest.Database;
// Resolve TDS version
session.TDSVersion = TDSVersion.Resolve(TDSVersion.GetTDSVersion(Arguments.ServerVersion), loginRequest.TDSVersion);
// Check for the TDS version
TDSMessageCollection collection = CheckTDSVersion(session);
// Check if any errors are posted
if (collection != null)
{
// Version check needs to send own message hence we can't proceed
return(collection);
}
// Indicates federated authentication
bool bIsFedAuthConnection = false;
// Federated authentication option to be used later
TDSLogin7FedAuthOptionToken federatedAuthenticationOption = null;
// Check if feature extension block is available
if (loginRequest.FeatureExt != null)
{
// Go over the feature extension data
foreach (TDSLogin7FeatureOptionToken option in loginRequest.FeatureExt)
{
// Check option type
switch (option.FeatureID)
{
case TDSFeatureID.SessionRecovery:
{
// Enable session recovery
session.IsSessionRecoveryEnabled = true;
// Cast to session state options
TDSLogin7SessionRecoveryOptionToken sessionStateOption = option as TDSLogin7SessionRecoveryOptionToken;
// Inflate session state
(session as GenericTDSServerSession).Inflate(sessionStateOption.Initial, sessionStateOption.Current);
break;
}
case TDSFeatureID.FederatedAuthentication:
{
// Cast to federated authentication option
federatedAuthenticationOption = option as TDSLogin7FedAuthOptionToken;
// Mark authentication as federated
bIsFedAuthConnection = true;
// Validate federated authentication option
collection = CheckFederatedAuthenticationOption(session, option as TDSLogin7FedAuthOptionToken);
if (collection != null)
{
// Version error happened.
return(collection);
}
// Save the fed auth library to be used
(session as GenericTDSServerSession).FederatedAuthenticationLibrary = federatedAuthenticationOption.Library;
break;
}
default:
{
// Do nothing
break;
}
}
}
}
// Check if SSPI authentication is requested
if (loginRequest.OptionalFlags2.IntegratedSecurity == TDSLogin7OptionalFlags2IntSecurity.On)
{
// Delegate to SSPI authentication
return(ContinueSSPIAuthentication(session, loginRequest.SSPI));
}
// If it is not a FedAuth connection or the server has been started up as not supporting FedAuth, just ignore the FeatureExtension
// Yes unfortunately for the fake server, supporting FedAuth = Requiring FedAuth
if (!bIsFedAuthConnection ||
Arguments.FedAuthRequiredPreLoginOption == TdsPreLoginFedAuthRequiredOption.FedAuthNotRequired)
{
// We use SQL authentication
session.SQLUserID = loginRequest.UserID;
// Process with the SQL login.
return(OnSqlAuthenticationCompleted(session));
}
else
{
// Fedauth feature extension is present and server has been started up as Requiring (or Supporting) FedAuth
if (federatedAuthenticationOption.IsRequestingAuthenticationInfo)
{
// Must provide client with more info before completing authentication
return(OnFederatedAuthenticationInfoRequest(session));
}
else
{
return(OnFederatedAuthenticationCompleted(session, federatedAuthenticationOption.Token));
}
}
}
/// <summary>
/// Handler for login request
/// </summary>
public override TDSMessageCollection OnLogin7Request(ITDSServerSession session, TDSMessage request)
{
// Inflate login7 request from the message
TDSLogin7Token loginRequest = request[0] as TDSLogin7Token;
// Check if arguments are of the authenticating TDS server
if (Arguments is AuthenticatingTDSServerArguments)
{
// Cast to authenticating TDS server arguments
AuthenticatingTDSServerArguments ServerArguments = Arguments as AuthenticatingTDSServerArguments;
// Check if we're still processing normal login
if (ServerArguments.ApplicationIntentFilter != ApplicationIntentFilterType.All)
{
// Check filter
if ((ServerArguments.ApplicationIntentFilter == ApplicationIntentFilterType.ReadOnly && loginRequest.TypeFlags.ReadOnlyIntent != TDSLogin7TypeFlagsReadOnlyIntent.ReadOnly) ||
(ServerArguments.ApplicationIntentFilter == ApplicationIntentFilterType.None))
{
// Log request to which we're about to send a failure
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the denial details
TDSErrorToken errorToken = new TDSErrorToken(18456, 1, 14, "Received application intent: " + loginRequest.TypeFlags.ReadOnlyIntent.ToString(), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token for the final decision
errorToken = new TDSErrorToken(18456, 1, 14, "Connection is denied by application intent filter", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Put a single message into the collection and return it
return(new TDSMessageCollection(responseMessage));
}
}
// Check if we're still processing normal login and there's a filter to check
if (ServerArguments.ServerNameFilterType != ServerNameFilterType.None)
{
// Check each algorithm
if ((ServerArguments.ServerNameFilterType == ServerNameFilterType.Equals && string.Compare(ServerArguments.ServerNameFilter, loginRequest.ServerName, true) != 0) ||
(ServerArguments.ServerNameFilterType == ServerNameFilterType.StartsWith && !loginRequest.ServerName.StartsWith(ServerArguments.ServerNameFilter)) ||
(ServerArguments.ServerNameFilterType == ServerNameFilterType.EndsWith && !loginRequest.ServerName.EndsWith(ServerArguments.ServerNameFilter)) ||
(ServerArguments.ServerNameFilterType == ServerNameFilterType.Contains && !loginRequest.ServerName.Contains(ServerArguments.ServerNameFilter)))
{
// Log request to which we're about to send a failure
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the reason
TDSErrorToken errorToken = new TDSErrorToken(18456, 1, 14, string.Format("Received server name \"{0}\", expected \"{1}\" using \"{2}\" algorithm", loginRequest.ServerName, ServerArguments.ServerNameFilter, ServerArguments.ServerNameFilterType), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the errorToken token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token with the final errorToken
errorToken = new TDSErrorToken(18456, 1, 14, "Connection is denied by server name filter", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the errorToken token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Return only a single message with the collection
return(new TDSMessageCollection(responseMessage));
}
}
// Check if packet size filter is applied
if (ServerArguments.PacketSizeFilter != null)
{
// Check if requested packet size is the same as the filter specified
if (loginRequest.PacketSize != ServerArguments.PacketSizeFilter.Value)
{
// Log request to which we're about to send a failure
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the reason
TDSErrorToken errorToken = new TDSErrorToken(1919, 1, 14, string.Format("Received packet size \"{0}\", expected \"{1}\"", loginRequest.PacketSize, ServerArguments.PacketSizeFilter.Value), Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the errorToken token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token with the final errorToken
errorToken = new TDSErrorToken(1919, 1, 14, "Connection is denied by packet size filter", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the errorToken token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Return only a single message with the collection
return(new TDSMessageCollection(responseMessage));
}
}
// If we have an application name filter
if (ServerArguments.ApplicationNameFilter != null)
{
// If we are supposed to block this connection attempt
if (loginRequest.ApplicationName.Equals(ServerArguments.ApplicationNameFilter, System.StringComparison.OrdinalIgnoreCase))
{
// Log request to which we're about to send a failure
TDSUtilities.Log(Arguments.Log, "Request", loginRequest);
// Prepare ERROR token with the denial details
TDSErrorToken errorToken = new TDSErrorToken(18456, 1, 14, "Received application name: " + loginRequest.ApplicationName, Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
TDSMessage responseMessage = new TDSMessage(TDSMessageType.Response, errorToken);
// Prepare ERROR token for the final decision
errorToken = new TDSErrorToken(18456, 1, 14, "Connection is denied by application name filter", Arguments.ServerName);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", errorToken);
// Serialize the error token into the response packet
responseMessage.Add(errorToken);
// Create DONE token
TDSDoneToken doneToken = new TDSDoneToken(TDSDoneTokenStatusType.Final | TDSDoneTokenStatusType.Error);
// Log response
TDSUtilities.Log(Arguments.Log, "Response", doneToken);
// Serialize DONE token into the response packet
responseMessage.Add(doneToken);
// Put a single message into the collection and return it
return(new TDSMessageCollection(responseMessage));
}
}
}
// Return login response from the base class
return(base.OnLogin7Request(session, request));
}
