// Static Methods

/// <summary>
/// Selects the reason phrase to send back with an unauthorized response.
/// </summary>
/// <param name="securityPrincipal">Security principal being authenticated, can be <c>null</c>.</param>
/// <param name="authorizationScheme">Authentication scheme in use.</param>
/// <param name="useProviderReason"><c>true</c> to prefer the detailed failure reason reported by the security provider.</param>
/// <returns>Reason phrase to return for an unauthorized response.</returns>
/// <remarks>
/// <para>
/// A <c>null</c> principal always yields the generic invalid-credentials phrase, regardless of the
/// other arguments. The provider reason is only consulted when <paramref name="useProviderReason"/>
/// is set and the provider reports a non-empty reason.
/// </para>
/// <para>
/// The detailed provider reason should normally be reserved for diagnostics: it may reveal which
/// elements of an authentication attempt succeeded, so the generic phrases are the safer choice
/// for responses that reach untrusted callers.
/// </para>
/// </remarks>
public static string GetFailureReasonPhrase(SecurityPrincipal securityPrincipal, string authorizationScheme = "Basic", bool useProviderReason = false)
{
    const string InvalidCredentials = "Invalid user name or password";

    // No principal at all: nothing to ask the provider, answer generically.
    if (object.ReferenceEquals(securityPrincipal, null))
    {
        return InvalidCredentials;
    }

    string providerReason = null;

    if (useProviderReason)
    {
        // Provider may be absent, in which case the reason stays null and we fall through.
        providerReason = securityPrincipal.Identity.Provider?.AuthenticationFailureReason;
    }

    if (!string.IsNullOrEmpty(providerReason))
    {
        return providerReason;
    }

    // NOTE(review): this is a case-sensitive match on the scheme name, so a caller passing
    // "basic" gets the "Missing credentials" phrase - confirm callers normalise the scheme.
    return authorizationScheme == "Basic" ? InvalidCredentials : "Missing credentials";
}
/// <summary>
/// Installs a principal on the current thread (and on the current ASP.NET request, when there is one).
/// </summary>
/// <param name="provider">Security provider wrapped into the new <c>SecurityPrincipal</c> when not restoring.</param>
/// <param name="restore"><c>true</c> to install an anonymous <c>WindowsPrincipal</c> instead of one built from <paramref name="provider"/>.</param>
/// <returns>The <paramref name="provider"/> argument, as passed in.</returns>
private static ISecurityProvider SetupPrincipal(ISecurityProvider provider, bool restore)
{
    // Restoring drops back to an anonymous Windows principal; otherwise the provider's identity is used.
    IPrincipal principal = restore
        ? (IPrincipal)new WindowsPrincipal(WindowsIdentity.GetAnonymous())
        : new SecurityPrincipal(new SecurityIdentity(provider));

    Thread.CurrentPrincipal = principal;

    // NOTE(review): the first principal to reach this branch is also handed to the application
    // domain as its thread principal; confirm that is intended, and that the unsynchronised
    // s_threadPolicySet flag is acceptable when several threads arrive here at once.
    if (!s_threadPolicySet)
    {
        try
        {
            AppDomain.CurrentDomain.SetThreadPrincipal(Thread.CurrentPrincipal);
        }
        catch (PolicyException)
        {
            // Can't set default domain thread principal twice
        }

        s_threadPolicySet = true;
    }

    // Mirror the thread principal onto the ASP.NET request user when running inside a request.
    if (!object.ReferenceEquals(HttpContext.Current, null))
    {
        HttpContext.Current.User = Thread.CurrentPrincipal;
    }

    return provider;
}
/// <summary>
/// Sets the principal of the current thread, and of the current ASP.NET request if one exists,
/// to either a provider-backed <c>SecurityPrincipal</c> or an anonymous <c>WindowsPrincipal</c>.
/// </summary>
/// <param name="provider">Security provider used to build the <c>SecurityIdentity</c> when <paramref name="restore"/> is <c>false</c>.</param>
/// <param name="restore"><c>true</c> to switch to the anonymous Windows principal.</param>
/// <returns>The same <paramref name="provider"/> reference that was supplied.</returns>
private static ISecurityProvider SetupPrincipal(ISecurityProvider provider, bool restore)
{
    IPrincipal principal;

    if (!restore)
    {
        // Normal path: principal carries the identity backed by the supplied provider.
        principal = new SecurityPrincipal(new SecurityIdentity(provider));
    }
    else
    {
        // Restore path: fall back to an anonymous Windows principal.
        principal = new WindowsPrincipal(WindowsIdentity.GetAnonymous());
    }

    Thread.CurrentPrincipal = principal;

    // One-time attempt to register the thread principal with the application domain.
    // NOTE(review): s_threadPolicySet is read and written without a lock, and the flag is set
    // even when SetThreadPrincipal throws - verify both are intended.
    if (!s_threadPolicySet)
    {
        try
        {
            AppDomain.CurrentDomain.SetThreadPrincipal(Thread.CurrentPrincipal);
        }
        catch (PolicyException)
        {
            // Can't set default domain thread principal twice
        }

        s_threadPolicySet = true;
    }

    // Outside an ASP.NET request there is no context, so only the thread principal is updated.
    if ((object)HttpContext.Current == null)
    {
        return provider;
    }

    HttpContext.Current.User = Thread.CurrentPrincipal;

    return provider;
}