/// <summary>
/// Logs the given session out through a short-lived <c>LoginService</c>.
/// </summary>
/// <param name="session">Session whose <c>SessionToken.Id</c> is handed to the service's Logout call.</param>
public void Logout(UserSessionInfo session)
{
    using (var loginService = new LoginService())
    {
        // The token id is read only after the service exists, so a null session
        // still fails inside the using block and the service is disposed.
        var tokenId = session.SessionToken.Id;
        loginService.Logout(tokenId);
    }
}
/// <summary>
/// Click handler for the change-password form. A new password that is empty or
/// differs from its confirmation is rejected with an error message; otherwise the
/// password is changed through <c>LoginService</c> and the session is initialized
/// with the new password.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
public void ChangePassword_Click(object sender, EventArgs e)
{
    using (var loginService = new LoginService())
    {
        try
        {
            bool confirmationMatches = NewPassword.Text.Equals(ConfirmNewPassword.Text);
            if (confirmationMatches && !NewPassword.Text.Equals(string.Empty))
            {
                loginService.ChangePassword(Username.Text, OriginalPassword.Value, NewPassword.Text);
                SessionManager.InitializeSession(
                    Username.Text,
                    NewPassword.Text,
                    ImageServerConstants.DefaultApplicationName /* TODO: must change this */);
            }
            else
            {
                ErrorMessage.Text = ErrorMessages.PasswordsDontMatch;
                ErrorMessagePanel.Visible = true;
            }
        }
        catch (Exception failure)
        {
            // NOTE(review): the raw exception message is shown on the page. For a
            // credential-handling form a fixed, generic message is safer; the full
            // detail already goes to the log below.
            ErrorMessage.Text = failure.Message;
            ErrorMessagePanel.Visible = true;
            SetInputFocus(NewPassword);

            // May want to eliminate this.
            Platform.Log(LogLevel.Error, failure, "Unexpected exception changing password: {0}.", failure.Message);
        }
    }
}
/// <summary>
/// Renews the session token of the given session and returns a new
/// <c>UserSessionInfo</c> that pairs the original principal with the renewed token.
/// </summary>
/// <param name="session">Session whose token id is passed to the service's Renew call.</param>
/// <returns>A new session object; the input object is not modified here.</returns>
public UserSessionInfo RenewSession(UserSessionInfo session)
{
    using (var loginService = new LoginService())
    {
        var renewedToken = loginService.Renew(session.SessionToken.Id);
        var renewedSession = new UserSessionInfo(session.Principal, renewedToken);
        return renewedSession;
    }
}
/// <summary>
/// Looks up a session by id through <c>LoginService</c> and wraps the result in a
/// <c>UserSessionInfo</c>.
/// </summary>
/// <param name="sessionId">Session id passed unchanged to the service's Query call.</param>
/// <returns>The user and session token reported by the service.</returns>
/// <exception cref="SessionDoesNotExistException">The service returned no session for the id.</exception>
public UserSessionInfo QuerySession(string sessionId)
{
    using (var loginService = new LoginService())
    {
        var found = loginService.Query(sessionId);
        if (found != null)
        {
            return new UserSessionInfo(found.User, found.Credentials.SessionToken);
        }

        // Unknown ids are reported as an exception, never as a null return.
        throw new SessionDoesNotExistException();
    }
}
/// <summary>
/// Validates the session against the login service: queries it, adopts the returned
/// credentials, renews the token and stores the renewed token. <c>_valid</c> is true
/// only if every step completes.
/// </summary>
/// <exception cref="SessionValidationException">The service returned no session for the current token id.</exception>
public void Validate()
{
    // Start from "invalid" so any exception below leaves the flag false.
    _valid = false;

    using (var loginService = new LoginService())
    {
        SessionInfo current = loginService.Query(Credentials.SessionToken.Id);
        if (current == null)
        {
            throw new SessionValidationException();
        }

        // Statement order is kept as written: the credentials are replaced before
        // the token id is read again for the renewal.
        // NOTE(review): presumably Credentials reads through to _user.Credentials - confirm.
        _user.Credentials = current.Credentials;

        SessionToken renewedToken = loginService.Renew(Credentials.SessionToken.Id);
        _user.Credentials.SessionToken = renewedToken;

        _valid = true;
    }
}
/// <summary>
/// Checks the session against the login service without renewing it. The session
/// must exist and its token expiry time must not be earlier than <c>Platform.Time</c>;
/// the returned credentials are then adopted and <c>_valid</c> is set.
/// </summary>
/// <exception cref="SessionValidationException">The session is unknown to the service or its token has expired.</exception>
public void Query()
{
    // Start from "invalid" so any exception below leaves the flag false.
    _valid = false;

    using (var loginService = new LoginService())
    {
        SessionInfo current = loginService.Query(Credentials.SessionToken.Id);

        // Missing and expired sessions raise the same exception type, so the
        // caller cannot tell the two cases apart.
        bool missing = current == null;
        if (missing || current.Credentials.SessionToken.ExpiryTime < Platform.Time)
        {
            throw new SessionValidationException();
        }

        _user.Credentials = current.Credentials;
        _valid = true;
    }
}
/// <summary>
/// Click handler for the change-password dialog. Verifies the original password by
/// logging in, checks that the new password is non-empty and matches its
/// confirmation, changes the password, logs in again with the new password and
/// initializes the session from that login. Then either redirects to the
/// forms-authentication return URL or hides the dialog. Each known failure type is
/// logged and mapped to a user-facing message.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
public void ChangePassword_Click(object sender, EventArgs e)
{
    using (var loginService = new LoginService())
    {
        try
        {
            // Logging in with the original password proves the caller knows it
            // before anything else is evaluated.
            // NOTE(review): this method never calls Logout on this first session. It is
            // either replaced by the second Login below or dropped on the mismatch path;
            // confirm the server expires it.
            SessionInfo session = loginService.Login(
                ChangePasswordUsername.Text,
                OriginalPassword.Text,
                ImageServerConstants.DefaultApplicationName);

            bool confirmationMatches = NewPassword.Text.Equals(ConfirmNewPassword.Text);
            if (confirmationMatches && !NewPassword.Text.Equals(string.Empty))
            {
                loginService.ChangePassword(ChangePasswordUsername.Text, OriginalPassword.Text, NewPassword.Text);

                session = loginService.Login(
                    ChangePasswordUsername.Text,
                    NewPassword.Text,
                    ImageServerConstants.DefaultApplicationName);
                SessionManager.InitializeSession(session);

                if (!LoginPasswordChange.Checked)
                {
                    ModalDialog1.Hide();
                }
                else
                {
                    Response.Redirect(
                        FormsAuthentication.GetRedirectUrl(ChangePasswordUsername.Text, false), false);
                }
            }
            else
            {
                ErrorMessage.Text = ErrorMessages.PasswordsDoNotMatch;
                ErrorMessagePanel.Visible = true;
            }
        }
        catch (ArgumentException argumentFailure)
        {
            Platform.Log(LogLevel.Error, argumentFailure, "Unable to change password for {0}: {1}", ChangePasswordUsername.Text, argumentFailure.Message);
            ShowError(String.Format(ErrorMessages.ChangePasswordError, argumentFailure.Message));
        }
        catch (PasswordExpiredException expiredFailure)
        {
            Platform.Log(LogLevel.Error, expiredFailure, "Unable to change password for {0}: {1}", ChangePasswordUsername.Text, expiredFailure.Message);
            ShowError(ErrorMessages.PasswordExpired);
        }
        catch (UserAccessDeniedException deniedFailure)
        {
            Platform.Log(LogLevel.Error, deniedFailure, "Unable to change password for {0}: {1}", ChangePasswordUsername.Text, deniedFailure.Message);
            ShowError(ErrorMessages.UserAccessDenied);
        }
        catch (RequestValidationException policyFailure)
        {
            // NOTE: The server is throwing FaultException<RequestValidationException> when
            // username or password doesn't match the configured policy
            Platform.Log(LogLevel.Error, policyFailure, "Unable to change password for {0}: {1}", ChangePasswordUsername.Text, policyFailure.Message);
            ShowError(String.Format(ErrorMessages.PasswordPolicyNotMet));
        }
        catch (CommunicationException commsFailure)
        {
            Platform.Log(LogLevel.Error, commsFailure, ErrorMessages.CannotContactEnterpriseServer);
            ShowError(ErrorMessages.CannotContactEnterpriseServer);
        }
        catch (Exception unexpected)
        {
            // NOTE(review): unlike the handlers above, this one shows the raw exception
            // message to the user. A fixed generic message would avoid exposing internal
            // detail; the log entry below already keeps it.
            ShowError(unexpected.Message);

            // May want to eliminate this.
            Platform.Log(LogLevel.Error, unexpected, "Unexpected exception changing password: {0}.", unexpected.Message);
        }
    }
}
/// <summary>
/// Signs the user out of forms authentication and, when a session is supplied,
/// forces other pages to log out, logs the session out of the login service and
/// writes a logout audit record for the user.
/// </summary>
/// <param name="session">Session to terminate; may be null, in which case only the forms-authentication sign-out runs.</param>
public static void SignOut(SessionInfo session)
{
    // The forms-authentication sign-out always happens first, session or not.
    FormsAuthentication.SignOut();

    if (session == null)
    {
        return;
    }

    try
    {
        ForceOtherPagesToLogout(session);

        using (var loginService = new LoginService())
        {
            loginService.Logout(session.Credentials.SessionToken.Id);
        }
    }
    catch (NotSupportedException)
    {
        // Deliberately ignored.
    }
    catch (Exception failure)
    {
        // Best effort: a failed server-side logout must not block the local sign-out.
        Platform.Log(LogLevel.Warn, failure, "Failed to log user out.");
    }

    // NOTE(review): the audit outcome is hard-coded to Success, so a logout that failed
    // above (and may have left the token valid on the server) is still audited as a
    // successful logout. Confirm that this is intended.
    UserAuthenticationAuditHelper audit = new UserAuthenticationAuditHelper(
        ServerPlatform.AuditSource,
        EventIdentificationContentsEventOutcomeIndicator.Success,
        UserAuthenticationEventType.Logout);
    audit.AddUserParticipant(new AuditPersonActiveParticipant(
        session.Credentials.UserName,
        null,
        session.Credentials.DisplayName));
    ServerPlatform.LogAuditMessage(audit);
}
/// <summary>
/// Logs in with the given username and password and initializes the session from the result.
/// </summary>
/// <param name="username">User name passed to the login service; also written to the info log.</param>
/// <param name="password">Password passed to the login service.</param>
/// <param name="appName">Application name passed to the login service and used as the log prefix.</param>
/// <param name="redirect">When true, the current response is redirected to the forms-authentication redirect URL for the user.</param>
/// <returns>The session returned by the login service.</returns>
public static SessionInfo InitializeSession(string username, string password, string appName, bool redirect)
{
    using (var loginService = new LoginService())
    {
        SessionInfo session = loginService.Login(username, password, appName);
        InitializeSession(session);

        // Only the user and application names are logged; the password is not.
        Platform.Log(LogLevel.Info, "[{0}]: {1} has successfully logged in.", appName, username);

        if (redirect)
        {
            // endResponse is false, so execution continues and the session is still returned.
            var response = HttpContext.Current.Response;
            response.Redirect(FormsAuthentication.GetRedirectUrl(username, false), false);
        }

        return session;
    }
}
/// <summary>
/// Renews the current session, if there is one, and re-initializes the session
/// from the renewed information.
/// </summary>
public static void RenewSession()
{
    var session = Current;
    if (session == null)
    {
        // Nothing to renew.
        return;
    }

    using (var loginService = new LoginService())
    {
        // The second argument forces the renewal to bypass the local cache.
        SessionInfo renewed = loginService.Renew(session.Credentials.SessionToken.Id, true);
        InitializeSession(renewed);
    }
}
/// <summary>
/// Signs the user out of forms authentication and, when a session is supplied,
/// forces other pages to log out and logs the session out of the login service.
/// </summary>
/// <param name="session">Session to terminate; may be null, in which case only the forms-authentication sign-out runs.</param>
public static void SignOut(SessionInfo session)
{
    // The forms-authentication sign-out always happens first, session or not.
    FormsAuthentication.SignOut();

    if (session == null)
    {
        return;
    }

    try
    {
        ForceOtherPagesToLogout(session);

        using (var loginService = new LoginService())
        {
            loginService.Logout(session.Credentials.SessionToken.Id);
        }
    }
    catch (NotSupportedException)
    {
        // Deliberately ignored.
    }
    catch (Exception failure)
    {
        // Best effort: the failure is only logged.
        // NOTE(review): when Logout fails, the token may stay valid on the server
        // until it expires, although the user has been signed out locally.
        Platform.Log(LogLevel.Warn, failure, "Failed to log user out.");
    }
}
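/// <summary>
/// Logs the session out of the login service and removes it through
/// <c>RemoveSession</c>, all while holding <c>_sync</c>. Removal happens even when
/// the logout call fails.
/// </summary>
/// <param name="session">Session to terminate and remove.</param>
private void CleanupSession(SessionInfo session)
{
    lock (_sync)
    {
        using (var service = new LoginService())
        {
            try
            {
                service.Logout(session.Credentials.SessionToken.Id);
            }
            catch (Exception ex)
            {
                // The session token id is the only value Logout needs to act on the
                // session, so it is treated as a credential and kept out of the log.
                // This handler runs exactly when the logout failed, so the token may
                // still be valid on the server. The user name identifies the session
                // for troubleshooting instead.
                Platform.Log(LogLevel.Warn, ex, "Unable to terminate session for user {0} gracefully", session.Credentials.UserName);
            }
            finally
            {
                // Always drop the session, whether or not the logout succeeded.
                RemoveSession(session.Credentials.SessionToken.Id);
            }
        }
    }
}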
/// <summary>
/// Validates the session by renewing it through the login service, then copies the
/// renewed session token, authorities and data-access authority groups onto the
/// user's credentials. <c>_valid</c> is true only if the renewal succeeds.
/// </summary>
/// <exception cref="SessionValidationException">Any exception was raised during renewal or while copying the result.</exception>
public void Validate()
{
    // Start from "invalid" so a failed renewal leaves the flag false.
    _valid = false;

    using (var loginService = new LoginService())
    {
        try
        {
            var renewed = loginService.Renew(Credentials.SessionToken.Id);

            _user.Credentials.SessionToken = renewed.Credentials.SessionToken;
            _user.Credentials.Authorities = renewed.Credentials.Authorities;
            _user.Credentials.DataAccessAuthorityGroups = renewed.Credentials.DataAccessAuthorityGroups;

            _valid = true;
        }
        catch (Exception)
        {
            // Every failure is reported as a validation failure, so callers fail closed.
            // NOTE(review): the original exception is discarded and never logged, so an
            // expired session and a service outage look the same when diagnosing.
            throw new SessionValidationException();
        }
    }
}
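/// <summary>
/// Entry point for launching the web viewer with credentials supplied in the request.
/// Reads the user id, password, application name, list-studies flag and viewer init
/// string from <c>Request.Params</c> and logs in through <c>LoginService</c>. On
/// success it redirects to the viewer page, or transfers to the studies page when
/// more than one study matches. A missing credential or a failed login transfers to
/// the authorization error page.
/// </summary>
/// <remarks>
/// Fixes relative to the previous version: a missing init string no longer causes a
/// NullReferenceException while deriving the application name, and an application name
/// that is the last entry of the init string (no trailing comma) no longer causes an
/// ArgumentOutOfRangeException. Both failures were reachable from request input before
/// the login try block.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // NOTE(review): Request.Params also covers the URL query string. A password sent
    // that way ends up in web server and proxy logs and in browser history; confirm
    // that callers send it in a POST body over TLS.
    UserID = Request.Params[ImageServerConstants.WebViewerQueryStrings.Username];
    Password = Request.Params[ImageServerConstants.WebViewerQueryStrings.Password];
    AppName = Request.Params[ImageServerConstants.WebViewerQueryStrings.ApplicationName];
    ListStudies = Request.Params[ImageServerConstants.WebViewerQueryStrings.ListStudies];
    WebViewerInitString = Request.Params[ImageServerConstants.WebViewerQueryStrings.WebViewerInitParams];

    //Try to authenticate the user
    if (!string.IsNullOrEmpty(UserID) && !string.IsNullOrEmpty(Password))
    {
        if (String.IsNullOrEmpty(AppName))
        {
            // Fall back to an "ApplicationName=value" entry inside the init string.
            string appNameKey = ImageServerConstants.WebViewerQueryStrings.ApplicationName + "=";

            // The init string is null when the request does not carry it.
            int start = WebViewerInitString == null ? -1 : WebViewerInitString.IndexOf(appNameKey);
            if (start < 0)
            {
                AppName = ImageServerConstants.DefaultApplicationName;
            }
            else
            {
                AppName = WebViewerInitString.Substring(start + appNameKey.Length);

                // The value runs to the next comma, or to the end of the string when
                // it is the last entry.
                int end = AppName.IndexOf(',');
                if (end >= 0)
                {
                    AppName = AppName.Substring(0, end);
                }

                if (string.IsNullOrEmpty(AppName))
                {
                    AppName = ImageServerConstants.DefaultApplicationName;
                }
            }
        }

        AppName = String.Format("{0}@{1}", AppName, HttpContext.Current.Request.UserHostName);

        try
        {
            using (LoginService service = new LoginService())
            {
                SessionInfo session = service.Login(UserID, Password, AppName);

                // NOTE(review): UserID and AppName come from the request and are logged
                // as received; confirm the log sink neutralises line breaks.
                Platform.Log(LogLevel.Info, "[{0}]: {1} has successfully logged in.", AppName, UserID);

                // NOTE(review): the session token is appended to the init string, which
                // is later placed in the redirect URL. Tokens in URLs can leak through
                // logs, browser history and Referer headers.
                WebViewerInitString += string.Format(",{0}={1},{2}={3}",
                                                     ImageServerConstants.WebViewerQueryStrings.Username, UserID,
                                                     ImageServerConstants.WebViewerQueryStrings.Session, session.Credentials.SessionToken.Id);

                //Add the session information to the context in case we redirect to the studies page.
                //We need these to properly launch the WebViewer
                Context.Items.Add(ImageServerConstants.WebViewerQueryStrings.Username, UserID);
                Context.Items.Add(ImageServerConstants.WebViewerQueryStrings.Session, session.Credentials.SessionToken.Id);

                // NOTE(review): "Authorized" starts as the bool false and is replaced by
                // the string "true"; confirm consumers handle both types. This method
                // continues to the viewer even when the flag stays false.
                Context.Items.Add("Authorized", false);
                foreach (string role in session.Credentials.Authorities)
                {
                    if (role.Equals(ClearCanvas.ImageServer.Enterprise.Authentication.AuthorityTokens.Study.ViewImages))
                    {
                        Context.Items["Authorized"] = "true";
                        break;
                    }
                }
            }
        }
        catch (PasswordExpiredException)
        {
            Platform.Log(LogLevel.Info, "[{0}]: {1} encountered PasswordExpiredException.", AppName, UserID);
            Server.Transfer(ImageServerConstants.PageURLs.WebViewerAuthorizationErrorPage, true);
        }
        catch (UserAccessDeniedException)
        {
            Platform.Log(LogLevel.Info, "[{0}]: {1} encountered UserAccessDeniedException.", AppName, UserID);
            Server.Transfer(ImageServerConstants.PageURLs.WebViewerAuthorizationErrorPage, true);
        }
        catch (Exception ex)
        {
            Platform.Log(LogLevel.Info, "[{0}]: {1} encountered exception {2} - {3}.", AppName, UserID, ex.GetType(), ex.Message);
            Server.Transfer(ImageServerConstants.PageURLs.WebViewerAuthorizationErrorPage, true);
        }

        // NOTE(review): everything below assumes a successful login. It relies on
        // Server.Transfer in the handlers above ending the request - confirm.
        if (!string.IsNullOrEmpty(ListStudies) && ListStudies.Equals("true"))
        {
            //Extract the WebViewer Init Parameters to determine whether or not we need
            //to redirect to the Studies page.
            var initParams = new WebViewerInitParams();
            string[] vals = HttpUtility.UrlDecode(WebViewerInitString).Split(new[] { '?', ';', '=', ',', '&' });

            // Tokens are scanned as key/value pairs. The bound of Length - 1 guarantees
            // that a value follows every recognised key.
            for (int i = 0; i < vals.Length - 1; i++)
            {
                if (String.IsNullOrEmpty(vals[i]))
                {
                    continue;
                }

                if (vals[i].Equals(ImageServerConstants.WebViewerStartupParameters.Study))
                {
                    i++;
                    initParams.StudyInstanceUids.Add(vals[i]);
                }
                else if (vals[i].Equals(ImageServerConstants.WebViewerStartupParameters.PatientID))
                {
                    i++;
                    initParams.PatientIds.Add(vals[i]);
                }
                else if (vals[i].Equals(ImageServerConstants.WebViewerStartupParameters.AeTitle))
                {
                    i++;
                    initParams.AeTitle = vals[i];
                }
                else if (vals[i].Equals(ImageServerConstants.WebViewerStartupParameters.AccessionNumber))
                {
                    i++;
                    initParams.AccessionNumbers.Add(vals[i]);
                }
            }

            //Check if there are multiple studies to be displayed.
            var controller = new StudyController();
            var partitionAdapter = new ServerPartitionDataAdapter();
            var partitionCriteria = new ServerPartitionSelectCriteria();
            StudySelectCriteria studyCriteria;
            ServerPartition partition = null;
            int studyCount = 0;

            if (!string.IsNullOrEmpty(initParams.AeTitle))
            {
                partitionCriteria.AeTitle.EqualTo(initParams.AeTitle);
                IList<ServerPartition> partitions = partitionAdapter.GetServerPartitions(partitionCriteria);

                //TODO: What if the AE Title is invalid?
                // As written, an AE title that does not match exactly one partition
                // leaves the searches below unrestricted by partition.
                if (partitions.Count == 1)
                {
                    partition = partitions[0];
                }
            }

            //TODO: The logic below is very weird.
            foreach (string patientId in initParams.PatientIds)
            {
                studyCriteria = new StudySelectCriteria();
                if (partition != null)
                {
                    studyCriteria.ServerPartitionKey.EqualTo(partition.Key);
                }
                SetStringCondition(studyCriteria.PatientId, patientId);
                studyCount += controller.GetStudyCount(studyCriteria);
            }

            if (studyCount < 2)
            {
                foreach (string accession in initParams.AccessionNumbers)
                {
                    studyCriteria = new StudySelectCriteria();
                    if (partition != null)
                    {
                        studyCriteria.ServerPartitionKey.EqualTo(partition.Key);
                    }
                    SetStringCondition(studyCriteria.AccessionNumber, accession);

                    // TODO: studyCount is either 0 or 1 entering this block. If the same study is found, studyCount is incremented to 2, which is wrong
                    studyCount += controller.GetStudyCount(studyCriteria);
                }
            }

            if (studyCount < 2 && initParams.StudyInstanceUids.Count > 0)
            {
                studyCriteria = new StudySelectCriteria();
                if (partition != null)
                {
                    studyCriteria.ServerPartitionKey.EqualTo(partition.Key);
                }
                studyCriteria.StudyInstanceUid.In(initParams.StudyInstanceUids);

                // TODO: studyCount is either 0 or 1 entering this block. If the same study is found, studyCount is incremented to 2, which is wrong
                studyCount += controller.GetStudyCount(studyCriteria);
            }

            if (studyCount > 1)
            {
                Server.Transfer(ImageServerConstants.PageURLs.WebViewerStudiesPage, true);
            }
        }

        if (string.IsNullOrEmpty(WebViewerInitString))
        {
            Response.Redirect(ImageServerConstants.PageURLs.WebViewerDefaultPage, true);
        }
        else
        {
            // NOTE(review): the init string is request-supplied and is concatenated into
            // the redirect URL without encoding; consider URL-encoding the value.
            Response.Redirect(ImageServerConstants.PageURLs.WebViewerDefaultPage + "?" + ImageServerConstants.WebViewerQueryStrings.WebViewerInitParams + "=" + WebViewerInitString, true);
        }
    }
    else
    {
        // A missing user id or password goes straight to the authorization error page.
        Server.Transfer(ImageServerConstants.PageURLs.WebViewerAuthorizationErrorPage, true);
    }
}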