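/// <summary>
/// Validates the supplied user name and password with <c>Membership.ValidateUser</c> and, on
/// success, creates a session token, registers it with <c>SessionTokenManager</c> and returns
/// it together with the user's role names.
/// </summary>
/// <param name="request">Login request; <c>UserName</c> and <c>Password</c> are read from it.</param>
/// <returns>
/// A response holding the new token, the role names used as authority tokens, an empty
/// data-group list, the user name as display name and an empty e-mail address.
/// </returns>
/// <exception cref="FaultException{UserAccessDeniedException}">
/// Thrown when <c>Membership.ValidateUser</c> does not accept the credentials.
/// </exception>
public InitiateSessionResponse InitiateSession(InitiateSessionRequest request)
{
    // Reject a missing request explicitly instead of failing with a NullReferenceException
    // on the first member access below.
    Platform.CheckForNullReference(request, "request");

    if (!Membership.ValidateUser(request.UserName, request.Password))
    {
        // NOTE(review): a rejected attempt is not logged or counted in this method. Confirm
        // that the membership provider (or a caller) records failures and enforces lockout,
        // otherwise repeated guessing leaves no trace here.
        throw new FaultException<UserAccessDeniedException>(new UserAccessDeniedException());
    }

    // Guid.NewGuid() is specified to produce unique values, not unpredictable ones.
    // NOTE(review): if the token id alone authorises later calls, consider generating it with
    // System.Security.Cryptography.RandomNumberGenerator instead.
    Guid tokenId = Guid.NewGuid();
    var token = new SessionToken(tokenId.ToString(), Platform.Time + ServerPlatform.WebSessionTimeout);

    string[] authority = Roles.GetRolesForUser(request.UserName);
    string displayName = request.UserName;

#if STANDALONE
    // STANDALONE builds append three fixed authority tokens to every authenticated user,
    // regardless of the roles stored for that user.
    var list = new List<string>();
    list.AddRange(authority);
    list.Add(Enterprise.Authentication.AuthorityTokens.Study.ViewImages);
    list.Add("Viewer/Visible");
    list.Add("Viewer/Clinical");
    authority = list.ToArray();
#endif

    var rsp = new InitiateSessionResponse(token, authority, new Guid[0], displayName, string.Empty);

    // The token is registered only after the response object has been built.
    SessionTokenManager.Instance.AddSession(token);
    return rsp;
}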
/// <summary>
/// Checks that the request and its required members are present, then hands the work to
/// <c>InitiateSessionHelper</c>, supplying a callback that starts the session on the user object.
/// </summary>
/// <param name="request">
/// Login request; <c>UserName</c>, <c>Application</c>, <c>HostName</c> and <c>Password</c> must be set.
/// </param>
/// <returns>Whatever <c>InitiateSessionHelper</c> returns for this request.</returns>
public InitiateSessionResponse InitiateSession(InitiateSessionRequest request)
{
    // Presence checks only, in this order; the first one that fails decides the error reported.
    Platform.CheckForNullReference(request, "request");
    Platform.CheckMemberIsSet(request.UserName, "UserName");
    Platform.CheckMemberIsSet(request.Application, "Application");
    Platform.CheckMemberIsSet(request.HostName, "HostName");
    Platform.CheckMemberIsSet(request.Password, "Password");

    // The password is not examined here: it is passed through to the user object's
    // InitiateSession inside the callback, and GetSessionTimeout() is evaluated when the
    // helper invokes that callback.
    // NOTE(review): Application and HostName are caller-supplied values; any allow-list
    // checks on them are presumably inside InitiateSessionHelper. Confirm.
    return InitiateSessionHelper(
        request.UserName,
        request.Application,
        request.HostName,
        request.GetAuthorizations,
        account => account.InitiateSession(
            request.Application,
            request.HostName,
            request.Password,
            GetSessionTimeout()));
}
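/// <summary>
/// Validates the supplied user name and password with <c>Membership.ValidateUser</c> and, on
/// success, creates a session token, registers it with <c>SessionTokenManager</c> and returns
/// it together with the user's role names.
/// </summary>
/// <param name="request">Login request; <c>UserName</c> and <c>Password</c> are read from it.</param>
/// <returns>
/// A response holding the new token, the role names used as authority tokens, an empty
/// data-group list, the user name as display name and an empty e-mail address.
/// </returns>
/// <exception cref="FaultException{UserAccessDeniedException}">
/// Thrown when <c>Membership.ValidateUser</c> does not accept the credentials.
/// </exception>
public InitiateSessionResponse InitiateSession(InitiateSessionRequest request)
{
    // Reject a missing request explicitly instead of failing with a NullReferenceException
    // on the first member access below.
    Platform.CheckForNullReference(request, "request");

    if (!Membership.ValidateUser(request.UserName, request.Password))
    {
        // NOTE(review): a rejected attempt is not logged or counted in this method. Confirm
        // that the membership provider (or a caller) records failures and enforces lockout.
        throw new FaultException<UserAccessDeniedException>(new UserAccessDeniedException());
    }

    // Guid.NewGuid() is specified to produce unique values, not unpredictable ones.
    // NOTE(review): if the token id alone authorises later calls, consider generating it with
    // System.Security.Cryptography.RandomNumberGenerator instead.
    Guid tokenId = Guid.NewGuid();
    var token = new SessionToken(tokenId.ToString(), Platform.Time + ServerPlatform.WebSessionTimeout);

    // Role names are used directly as the authority tokens of the session.
    string[] authority = Roles.GetRolesForUser(request.UserName);
    string displayName = request.UserName;

    var rsp = new InitiateSessionResponse(token, authority, new Guid[0], displayName, string.Empty);

    // The token is registered only after the response object has been built.
    SessionTokenManager.Instance.AddSession(token);
    return rsp;
}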
/// <summary>
/// Starts a session for the named user: checks the required request members, applies the
/// host-name and application white-lists, looks the user up, removes that user's expired
/// sessions, initiates the session and optionally loads authority tokens and data groups.
/// </summary>
/// <param name="request">
/// Login request; <c>UserName</c>, <c>Application</c>, <c>HostName</c> and <c>Password</c> must be set.
/// <c>GetAuthorizations</c> selects whether authority tokens and data groups are loaded.
/// </param>
/// <returns>
/// The session token, the authority tokens and data-group ids (both empty unless requested),
/// and the user's display name and e-mail address.
/// </returns>
/// <exception cref="UserAccessDeniedException">
/// Thrown when the host name or application is not accepted by its white-list, or when no
/// user is found for the given name.
/// </exception>
public InitiateSessionResponse InitiateSession(InitiateSessionRequest request)
{
    Platform.CheckForNullReference(request, "request");
    Platform.CheckMemberIsSet(request.UserName, "UserName");
    Platform.CheckMemberIsSet(request.Application, "Application");
    Platform.CheckMemberIsSet(request.HostName, "HostName");
    Platform.CheckMemberIsSet(request.Password, "Password");

    // Host name must pass the configured white-list.
    // NOTE(review): HostName and Application are fields of the request, i.e. values asserted
    // by the caller. These checks constrain well-behaved clients; they do not authenticate
    // the calling host. Confirm the transport does that if it is relied on.
    if (!CheckWhiteList(this.Settings.HostNameWhiteList, request.HostName))
    {
        throw new UserAccessDeniedException();
    }

    // Application name must pass the configured white-list.
    if (!CheckWhiteList(this.Settings.ApplicationWhiteList, request.Application))
    {
        throw new UserAccessDeniedException();
    }

    // An unknown user gets the same exception type as a white-list rejection.
    // NOTE(review): confirm account.InitiateSession also reports a wrong password in a way
    // the caller cannot tell apart from "no such user".
    var account = GetUser(request.UserName);
    if (account == null)
    {
        throw new UserAccessDeniedException();
    }

    // Expired sessions are purged before the password has been checked, so this step runs
    // for any request that names an existing user.
    CleanExpiredSessions(account);

    // The password is handed to the user object, which initiates the new session.
    var newSession = account.InitiateSession(
        request.Application,
        request.HostName,
        request.Password,
        GetSessionTimeout());

    // Authority tokens, only when the caller asked for them.
    var authorityTokens = request.GetAuthorizations
        ? PersistenceContext.GetBroker<IAuthorityTokenBroker>().FindTokensByUserName(request.UserName)
        : new string[0];

    // Data-access authority groups, only when the caller asked for them.
    var dataGroups = request.GetAuthorizations
        ? PersistenceContext.GetBroker<IAuthorityGroupBroker>().FindDataGroupsByUserName(request.UserName)
        : new Guid[0];

    return new InitiateSessionResponse(
        newSession.GetToken(),
        authorityTokens,
        dataGroups,
        account.DisplayName,
        account.EmailAddress);
}
/// <summary>
/// Logs a user in through <c>IAuthenticationService.InitiateSession</c>, builds a
/// <c>CustomPrincipal</c> from the response, assigns it to <c>Thread.CurrentPrincipal</c>,
/// caches the resulting <c>SessionInfo</c> and validates it.
/// </summary>
/// <param name="userName">User name; must not be null or empty.</param>
/// <param name="password">Password; must not be null or empty.</param>
/// <param name="appName">Application name sent in the request; checked with <c>Platform.CheckForEmptyString</c>.</param>
/// <returns>The new session, or <c>null</c> when the service returned no response.</returns>
/// <exception cref="ArgumentException">Thrown when <paramref name="userName"/> or <paramref name="password"/> is null or empty.</exception>
public SessionInfo Login(string userName, string password, string appName)
{
    if (string.IsNullOrEmpty(userName))
    {
        throw new ArgumentException(SR.UserIDIsEmpty);
    }

    if (string.IsNullOrEmpty(password))
    {
        throw new ArgumentException(SR.PasswordIsEmpty);
    }

    // The password has already been tested above; this second check is kept as in the original.
    Platform.CheckForEmptyString(password, "password");
    Platform.CheckForEmptyString(appName, "appName");

    SessionInfo result = null;

    Platform.GetService(
        (IAuthenticationService authService) =>
        {
            try
            {
                // The host name sent to the service is this machine's own DNS name.
                var loginRequest = new InitiateSessionRequest(userName, appName, Dns.GetHostName(), password)
                {
                    GetAuthorizations = true
                };

                InitiateSessionResponse reply = authService.InitiateSession(loginRequest);
                if (reply == null)
                {
                    // No response: leave the result null and report nothing.
                    return;
                }

                var credentials = new LoginCredentials
                {
                    UserName = userName,
                    DisplayName = reply.DisplayName,
                    SessionToken = reply.SessionToken,
                    Authorities = reply.AuthorityTokens,
                    DataAccessAuthorityGroups = reply.DataGroupOids,
                    EmailAddress = reply.EmailAddress
                };

                var identity = new CustomIdentity(userName, reply.DisplayName);
                var principal = new CustomPrincipal(identity, credentials);

                // NOTE(review): the thread principal is replaced and the session cached before
                // Validate() runs. If Validate() throws, both stay in place; confirm callers
                // clear them on failure.
                Thread.CurrentPrincipal = principal;

                result = new SessionInfo(principal);
                result.User.WarningMessages = reply.WarningMessages;

                // Note: need to insert into the cache before calling SessionInfo.Validate()
                SessionCache.Instance.AddSession(reply.SessionToken.Id, result);
                result.Validate();

                // Only successful logins are logged here.
                // NOTE(review): rejected attempts leave no entry from this method; confirm
                // they are audited elsewhere.
                Platform.Log(LogLevel.Info, "{0} has successfully logged in.", userName);
            }
            catch (FaultException<PasswordExpiredException> expired)
            {
                // Unwrap the fault: the detail object itself is thrown to the caller.
                throw expired.Detail;
            }
            catch (FaultException<UserAccessDeniedException> denied)
            {
                throw denied.Detail;
            }
            catch (FaultException<RequestValidationException> invalid)
            {
                throw invalid.Detail;
            }
        });

    return result;
}