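/// <summary>
/// Authenticates a user by calling the [User.Account].[Authenticate] stored procedure and,
/// when it returns a non-zero UserID, records the user in the current Profiles session.
/// </summary>
/// <param name="user">
/// Supplies UserName and Password. UserID (and PersonID, when the procedure returns one)
/// are written back from the procedure's output parameters.
/// </param>
/// <returns>True when the procedure returned a non-zero UserID; otherwise false.</returns>
public bool UserLogin(ref User user)
{
    bool loginsuccess = false;
    SessionManagement sm = new SessionManagement();
    string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

    // Not a using-statement: GetDBCommand takes the connection by ref, which a using variable cannot be.
    SqlConnection dbconnection = new SqlConnection(connstr);
    try
    {
        SqlParameter[] param = new SqlParameter[4];

        dbconnection.Open();

        // NOTE(review): the password is sent to the procedure as supplied; any hashing or
        // comparison happens inside [User.Account].[Authenticate], which is not visible here.
        param[0] = new SqlParameter("@UserName", user.UserName);
        param[1] = new SqlParameter("@Password", user.Password);

        param[2] = new SqlParameter("@UserID", null);
        param[2].DbType = DbType.Int32;
        param[2].Direction = ParameterDirection.Output;

        param[3] = new SqlParameter("@PersonID", null);
        param[3].DbType = DbType.Int32;
        param[3].Direction = ParameterDirection.Output;

        // For Output Parameters you need to pass a connection object to the framework so you can
        // close it before reading the output params value.
        ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[User.Account].[Authenticate]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
        dbconnection.Close();

        // Fail closed: an empty or unparsable @UserID must never leave a UserID the caller
        // pre-populated in place, because the success test below is simply "UserID != 0".
        int userId;
        if (int.TryParse(Convert.ToString(param[2].Value), out userId))
        {
            user.UserID = userId;

            int personId;
            if (param[3].Value != DBNull.Value && int.TryParse(Convert.ToString(param[3].Value), out personId))
            {
                user.PersonID = personId;
            }
        }
        else
        {
            user.UserID = 0;
        }

        if (user.UserID != 0)
        {
            loginsuccess = true;
            sm.Session().UserID = user.UserID;
            sm.Session().PersonID = user.PersonID;
            sm.Session().LoginDate = DateTime.Now;
            Session session = sm.Session();
            SessionUpdate(ref session);
            ActivityLog(user.PersonID, null, null);
        }
    }
    finally
    {
        // Releases the connection on the error path too. Exceptions propagate unchanged,
        // keeping the stack trace that the former "throw ex;" discarded.
        if (dbconnection != null)
        {
            dbconnection.Dispose();
        }
    }

    return loginsuccess;
}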
//***************************************************************************************************************************************
/// <summary>
/// Creates the Profiles session (session management and session state used for
/// security/data filters, tracking and auditing) when an ASP.NET session starts.
/// </summary>
/// <param name="sender"> .Net context object</param>
/// <param name="e"> .Net Event Arguments</param>
protected void Session_Start(object sender, EventArgs e)
{
    SessionManagement profilesSession = new SessionManagement();
    profilesSession.SessionCreate();

    // NOTE(review): this writes the session identifier to the debug log. If that identifier is
    // what authorises later requests, the log should be access-controlled or the value masked.
    if (profilesSession.Session() != null)
    {
        string message = "SESSION CREATED for: " + profilesSession.Session().SessionID;
        Framework.Utilities.DebugLogging.Log(message);
    }

    profilesSession = null;
}
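/// <summary>
/// Calls the [User.Account].[Proxy.AddDesignatedProxy] stored procedure with the current
/// session id and the supplied user id.
/// </summary>
/// <param name="userid">Value bound to the procedure's @UserID parameter.</param>
/// <exception cref="Exception">
/// Thrown for any failure; carries the original message and keeps the original exception as InnerException.
/// </exception>
public void InsertProxy(string userid)
{
    SessionManagement sm = new SessionManagement();

    try
    {
        string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

        // Both objects are disposed on every path; previously the open connection was never closed.
        using (SqlConnection dbconnection = new SqlConnection(connstr))
        using (SqlCommand dbcommand = new SqlCommand())
        {
            dbconnection.Open();

            dbcommand.CommandType = CommandType.StoredProcedure;
            dbcommand.CommandText = "[User.Account].[Proxy.AddDesignatedProxy]";
            dbcommand.CommandTimeout = base.GetCommandTimeout();

            // NOTE(review): userid is caller-supplied. Whether this session may designate that
            // user as a proxy is decided, if at all, inside the stored procedure - confirm.
            dbcommand.Parameters.Add(new SqlParameter("@SessionID", sm.Session().SessionID));
            dbcommand.Parameters.Add(new SqlParameter("@UserID", userid));

            dbcommand.Connection = dbconnection;
            dbcommand.ExecuteNonQuery();
        }
    }
    catch (Exception e)
    {
        // Same exception type and message as before, but the cause and its stack trace are preserved.
        throw new Exception(e.Message, e);
    }
}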
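/*
public SqlDataReader GetPublications(RDFTriple request)
{
    SessionManagement sm = new SessionManagement();
    string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
    SqlConnection dbconnection = new SqlConnection(connstr);
    SqlCommand dbcommand = new SqlCommand("[Profile.Module].[CustomViewAuthorInAuthorshipForORCID.GetList]");
    SqlDataReader dbreader;
    dbconnection.Open();
    dbcommand.CommandType = CommandType.StoredProcedure;
    dbcommand.CommandTimeout = base.GetCommandTimeout();
    dbcommand.Parameters.Add(new SqlParameter("@nodeid", request.Subject));
    dbcommand.Parameters.Add(new SqlParameter("@sessionid", sm.Session().SessionID));
    dbcommand.Connection = dbconnection;
    dbreader = dbcommand.ExecuteReader(CommandBehavior.CloseConnection);
    return dbreader;
}
*/

/// <summary>
/// Looks up the InternalUserName of the user attached to the current session in
/// [User.Account].[User].
/// </summary>
/// <returns>The InternalUserName column of the first matching row, converted to a string.</returns>
/// <exception cref="Exception">Thrown when no row matches the session's UserID.</exception>
public string GetInternalUserID()
{
    SessionManagement sm = new SessionManagement();
    string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

    // The using blocks close the reader and connection on both the return and the throw path;
    // previously neither path closed them.
    using (SqlConnection dbconnection = new SqlConnection(connstr))
    using (SqlCommand dbcommand = new SqlCommand("SELECT UserID, InternalUserName FROM [User.Account].[User] WHERE (UserID = @userid)"))
    {
        dbconnection.Open();

        dbcommand.CommandType = CommandType.Text;
        dbcommand.CommandTimeout = GetCommandTimeout();
        // The lookup key comes from the session and is bound as a parameter.
        dbcommand.Parameters.Add(new SqlParameter("@userid", sm.Session().UserID));
        dbcommand.Connection = dbconnection;

        using (SqlDataReader dbreader = dbcommand.ExecuteReader(CommandBehavior.CloseConnection))
        {
            while (dbreader.Read())
            {
                // NOTE(review): the reader returns DBNull.Value, not null, for a SQL NULL, so this
                // test does not filter NULL names; such a row yields an empty string. Kept as-is
                // because callers may rely on it.
                if (dbreader["InternalUserName"] != null)
                {
                    return dbreader["InternalUserName"].ToString();
                }
            }
        }
    }

    throw new Exception("Unable to find Internal Username");
}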
/// <summary>
/// Runs [user.account].[relationship.getrelationship] for the current session and returns
/// the resulting reader.
/// </summary>
/// <param name="subject">Bound to @Subject; a value of 0 is sent as SQL NULL.</param>
/// <param name="details">Bound to @Details.</param>
/// <returns>
/// The open reader, or null when any exception occurred (the exception is logged, not rethrown),
/// so callers must null-check and must close the reader themselves.
/// </returns>
public SqlDataReader GetActiveNetwork(Int64 subject, bool details)
{
    SessionManagement sm = new SessionManagement();
    SqlDataReader result = null;

    try
    {
        object subjectValue = subject == 0 ? (object)DBNull.Value : subject;

        SqlParameter[] args = new SqlParameter[]
        {
            new SqlParameter("@SessionID", sm.Session().SessionID),
            new SqlParameter("@Details", details),
            new SqlParameter("@Subject", subjectValue)
        };

        SqlCommand command = GetDBCommand("", "[user.account].[relationship.getrelationship]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, args);
        result = GetSQLDataReader(command);
    }
    catch (Exception ex)
    {
        // Failure details, including the stack trace, go to the debug log only.
        Framework.Utilities.DebugLogging.Log(ex.Message + " ++ " + ex.StackTrace);
    }

    return result;
}
/// <summary>
/// Runs [user.account].[relationship.setrelationship] for the current session.
/// </summary>
/// <param name="subject">Bound to @Subject.</param>
/// <param name="relationshiptype">Bound to @RelationshipType; null is sent as SQL NULL.</param>
/// <param name="settoexists">Bound to @SetToExists.</param>
/// <remarks>
/// Any exception is written to the debug log and swallowed, so a failed update is not
/// reported to the caller.
/// </remarks>
public void SetActiveNetwork(Int64 subject, string relationshiptype, bool settoexists)
{
    SessionManagement sm = new SessionManagement();

    try
    {
        object relationshipValue = relationshiptype == null ? (object)DBNull.Value : relationshiptype;

        SqlParameter[] args = new SqlParameter[]
        {
            new SqlParameter("@SessionID", sm.Session().SessionID),
            new SqlParameter("@Subject", subject),
            new SqlParameter("@RelationshipType", relationshipValue),
            new SqlParameter("@SetToExists", settoexists)
        };

        // NOTE(review): the command returned by GetDBCommand is not disposed here; whether its
        // connection is closed afterwards depends on GetDBCommand - confirm.
        GetDBCommand("", "[user.account].[relationship.setrelationship]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, args).ExecuteNonQuery();
    }
    catch (Exception ex)
    {
        Framework.Utilities.DebugLogging.Log(ex.Message + " ++ " + ex.StackTrace);
    }
}
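/// <summary>
/// Renders the Google map module: binds the zoom links, loads the co-author or similar-people
/// readers selected by the "MapType" module parameter, and writes the map plot into litGoogleCode.
/// Does nothing when the request has no "Subject" query-string value.
/// </summary>
public void DrawProfilesModule()
{
    Profiles.Profile.Utilities.DataIO data = new Profiles.Profile.Utilities.DataIO();

    if (Request.QueryString["Subject"] == null)
    {
        return;
    }

    // NOTE(review): a non-numeric Subject makes Convert.ToInt64 throw (FormatException).
    base.RDFTriple = new RDFTriple(Convert.ToInt64(Request.QueryString["Subject"]));

    dlGoogleMapLinks.DataSource = data.GetGoogleMapZoomLinks();
    dlGoogleMapLinks.DataBind();

    SqlDataReader reader = null;
    SqlDataReader reader2 = null;

    Profiles.Framework.Utilities.SessionManagement session = new SessionManagement();
    GoogleMapHelper gmh = new GoogleMapHelper();

    try
    {
        if (base.GetModuleParamString("MapType") == "CoAuthor")
        {
            reader = data.GetGMapUserCoAuthors(base.RDFTriple.Subject, 0, session.Session().SessionID);
            reader2 = data.GetGMapUserCoAuthors(base.RDFTriple.Subject, 1, session.Session().SessionID);
        }

        if (base.GetModuleParamString("MapType") == "SimilarTo")
        {
            reader = data.GetGMapUserSimilarPeople(base.RDFTriple.Subject, false, session.Session().SessionID);
            reader2 = data.GetGMapUserSimilarPeople(base.RDFTriple.Subject, true, session.Session().SessionID);
        }

        // Both readers are still null here when MapType is neither value above.
        litGoogleCode.Text = gmh.MapPlotPeople(base.RDFTriple.Subject, reader, reader2);
    }
    finally
    {
        // Either reader can be null (unmatched MapType, or a failure before assignment).
        // Without these null checks the cleanup threw NullReferenceException and hid the real error.
        if (reader != null && !reader.IsClosed)
        {
            reader.Close();
        }

        if (reader2 != null && !reader2.IsClosed)
        {
            reader2.Close();
        }
    }
}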
/// <summary>
/// Builds the edit module for an object-type property: resolves subject and predicate from the
/// request, loads the property list, sets the back link and configures the securityOptions control.
/// </summary>
/// <param name="pagedata">Passed to the base constructor.</param>
/// <param name="moduleparams">Passed to the base constructor.</param>
/// <param name="pagenamespaces">Passed to the base constructor.</param>
public EditObjectTypeProperty(XmlDocument pagedata, List<ModuleParams> moduleparams, XmlNamespaceManager pagenamespaces)
    : base(pagedata, moduleparams, pagenamespaces)
{
    SessionManagement sm = new SessionManagement();
    Profiles.Profile.Utilities.DataIO propdata = new Profiles.Profile.Utilities.DataIO();
    Edit.Utilities.DataIO data = new Profiles.Edit.Utilities.DataIO();

    // Subject comes from the query string, then from the raw query string; otherwise redirect to search.
    if (Request.QueryString["subject"] != null)
    {
        this.SubjectID = Convert.ToInt64(Request.QueryString["subject"]);
    }
    else if (base.GetRawQueryStringItem("subject") != null)
    {
        this.SubjectID = Convert.ToInt64(base.GetRawQueryStringItem("subject"));
    }
    else
    {
        Response.Redirect("~/search");
    }

    // NOTE(review): a request without "predicateuri" fails here with a NullReferenceException.
    this.PredicateURI = Request.QueryString["predicateuri"].Replace("!", "#");

    GetSubjectProfile();

    this.PropertyListXML = propdata.GetPropertyList(this.BaseData, base.PresentationXML, PredicateURI, false, true, false);
    this.PropertyLabel = PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@Label").Value;

    // NOTE(review): PropertyLabel is written into markup without HTML encoding; safe only while
    // labels cannot contain markup - confirm where they originate.
    litBackLink.Text = "<a href='" + Root.Domain + "/edit/" + this.SubjectID.ToString() + "'>Edit Menu</a> > <b>" + this.PropertyLabel + "</b>";

    // Quick add for adding a note on the format of grant info when adding manually
    string groupLabel = PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/@Label").Value;
    if (groupLabel == "Research")
    {
        litGrantNote1.Text = "Please use the following format when adding the grant information: ";
        litGrantNote2.Text = "Funding Agency: Agency Name - Title: Grant Title - Award Number: Grant ID Number - Total direct costs: $amount - Start Date: yyyy-mm-dd - End Date: yyyy-mm-dd <br /> Or for subaward:<br /> Subaward: Name of Pass-Through Institution - Funding Agency: Agency Name - Title: Grant Title - Award Number: Grant ID Number - Total direct costs: $amount - Start Date: yyyy-mm-dd - End Date: yyyy-mm-dd";
    }

    // Quick fix to allow only Admin and Curators to edit Visibility privacy.
    // NOTE(review): this only shows or hides two controls for roles -40 / -50. The handler that
    // applies a visibility change must enforce the same role check server-side - not visible here.
    securityOptions.userRole = propdata.GetUserRole(sm.Session().SessionID);
    bool mayEditVisibility = securityOptions.userRole == -40 || securityOptions.userRole == -50;
    securityOptions.FindControl("imbSecurityOptions").Visible = mayEditVisibility;
    securityOptions.FindControl("lbSecurityOptions").Visible = mayEditVisibility;

    securityOptions.Subject = this.SubjectID;
    securityOptions.PredicateURI = PredicateURI;

    this.PredicateID = data.GetStoreNode(this.PredicateURI);

    string viewSecurityGroup = this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@ViewSecurityGroup").Value;
    securityOptions.PrivacyCode = Convert.ToInt32(viewSecurityGroup);
    securityOptions.SecurityGroups = new XmlDataDocument();
    securityOptions.SecurityGroups.LoadXml(base.PresentationXML.DocumentElement.LastChild.OuterXml);

    // NOTE(review): _subject is re-read from the query string only, without the raw-query
    // fallback used for SubjectID above; it is 0 when "subject" is absent from Request.QueryString.
    this._subject = Convert.ToInt64(Request.QueryString["subject"]);
    this._personId = data.GetPersonID(_subject);
}
/// <summary>
/// Builds the edit module for a data-type property: loads the property list for the requested
/// predicate, resolves the subject, sets labels and cardinality, and configures securityOptions.
/// </summary>
/// <param name="pagedata">Passed to the base constructor.</param>
/// <param name="moduleparams">Passed to the base constructor.</param>
/// <param name="pagenamespaces">Passed to the base constructor.</param>
public EditDataTypeProperty(XmlDocument pagedata, List<ModuleParams> moduleparams, XmlNamespaceManager pagenamespaces)
    : base(pagedata, moduleparams, pagenamespaces)
{
    SessionManagement sm = new SessionManagement();
    propdata = new Profiles.Profile.Utilities.DataIO();
    data = new Profiles.Edit.Utilities.DataIO();

    // NOTE(review): a request without "predicateuri" fails here with a NullReferenceException.
    string predicateuri = Request.QueryString["predicateuri"].Replace("!", "#");

    this.PropertyListXML = propdata.GetPropertyList(this.BaseData, base.PresentationXML, predicateuri, false, true, false);
    PropertyLabel = this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@Label").Value;

    // Subject comes from the query string, then from the raw query string; otherwise redirect to search.
    if (Request.QueryString["subject"] != null)
    {
        this.SubjectID = Convert.ToInt64(Request.QueryString["subject"]);
    }
    else if (base.GetRawQueryStringItem("subject") != null)
    {
        this.SubjectID = Convert.ToInt64(base.GetRawQueryStringItem("subject"));
    }
    else
    {
        Response.Redirect("~/search");
    }

    // NOTE(review): the label is written into markup without HTML encoding - confirm labels cannot contain markup.
    litBackLink.Text = "<a href='" + Root.Domain + "/edit/" + this.SubjectID + "'>Edit Menu</a> > <b>" + PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@Label").Value + "</b>";

    btnEditProperty.Text = "Add " + PropertyLabel;

    // Second load with the same arguments as the call above.
    this.PropertyListXML = propdata.GetPropertyList(this.BaseData, base.PresentationXML, predicateuri, false, true, false);

    // Put hack to not insert null MaxCardinality Value
    if (this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@MaxCardinality") != null)
    {
        this.MaxCardinality = this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@MaxCardinality").Value;
    }
    else
    {
        this.MaxCardinality = "1";
    }

    this.MinCardinality = this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@MinCardinality").Value;

    // Quick fix to allow only Admin and Curators to edit Visibility privacy.
    // NOTE(review): this only shows or hides two controls for roles -40 / -50. The handler that
    // applies a visibility change must enforce the same role check server-side - not visible here.
    securityOptions.userRole = propdata.GetUserRole(sm.Session().SessionID);
    bool mayEditVisibility = securityOptions.userRole == -40 || securityOptions.userRole == -50;
    securityOptions.FindControl("imbSecurityOptions").Visible = mayEditVisibility;
    securityOptions.FindControl("lbSecurityOptions").Visible = mayEditVisibility;

    securityOptions.Subject = this.SubjectID;
    securityOptions.PredicateURI = predicateuri;

    string viewSecurityGroup = this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@ViewSecurityGroup").Value;
    securityOptions.PrivacyCode = Convert.ToInt32(viewSecurityGroup);
    securityOptions.SecurityGroups = new XmlDataDocument();
    securityOptions.SecurityGroups.LoadXml(base.PresentationXML.DocumentElement.LastChild.OuterXml);
}
/// <summary>
/// Builds the authorship edit module: reads subject and predicate from the query string, stores
/// the node and session ids in ASP.NET session state, loads the property list and configures
/// the securityOptions control.
/// </summary>
/// <param name="pagedata">Passed to the base constructor and used to load the property list.</param>
/// <param name="moduleparams">Passed to the base constructor.</param>
/// <param name="pagenamespaces">Passed to the base constructor.</param>
public CustomEditAuthorInAuthorship(XmlDocument pagedata, List<ModuleParams> moduleparams, XmlNamespaceManager pagenamespaces)
    : base(pagedata, moduleparams, pagenamespaces)
{
    SessionManagement sm = new SessionManagement();
    Utilities.DataIO data = new Profiles.Edit.Utilities.DataIO();
    propdata = new Profiles.Profile.Utilities.DataIO();

    // NOTE(review): both values come straight from the query string. A missing "subject" converts
    // to 0, and a missing "predicateuri" throws NullReferenceException.
    this._subject = Convert.ToInt64(Request.QueryString["subject"]);
    this._predicateuri = Request.QueryString["predicateuri"].Replace("!", "#");
    this._personId = data.GetPersonID(_subject);

    // NOTE(review): NodeID stored here is the request-supplied subject; code that later reads it
    // back from session state should not treat it as an authorisation decision - confirm.
    Session["NodeID"] = this._subject;
    Session["SessionID"] = sm.Session().SessionID;

    this.PropertyListXML = propdata.GetPropertyList(pagedata, base.PresentationXML, this._predicateuri, false, true, false);

    // Quick fix to allow only Admin and Curators to edit Visibility privacy.
    // NOTE(review): this only shows or hides two controls for roles -40 / -50. The handler that
    // applies a visibility change must enforce the same role check server-side - not visible here.
    securityOptions.userRole = propdata.GetUserRole(sm.Session().SessionID);
    bool mayEditVisibility = securityOptions.userRole == -40 || securityOptions.userRole == -50;
    securityOptions.FindControl("imbSecurityOptions").Visible = mayEditVisibility;
    securityOptions.FindControl("lbSecurityOptions").Visible = mayEditVisibility;

    securityOptions.Subject = this._subject;
    securityOptions.PredicateURI = this._predicateuri;

    string viewSecurityGroup = this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@ViewSecurityGroup").Value;
    securityOptions.PrivacyCode = Convert.ToInt32(viewSecurityGroup);
    securityOptions.SecurityGroups = new XmlDataDocument();
    securityOptions.SecurityGroups.LoadXml(base.PresentationXML.DocumentElement.LastChild.OuterXml);

    securityOptions.BubbleClick += SecurityDisplayed;
}
/// <summary>
/// Builds the e-mail edit module: reads the current e-mail from the page RDF, resolves subject
/// and predicate from the request, reloads the data as a network triple, and configures the
/// securityOptions control.
/// </summary>
/// <param name="pagedata">Passed to the base constructor and assigned to BaseData.</param>
/// <param name="moduleparams">Passed to the base constructor.</param>
/// <param name="pagenamespaces">Passed to the base constructor.</param>
public CustomEditEmail(XmlDocument pagedata, List<ModuleParams> moduleparams, XmlNamespaceManager pagenamespaces)
    : base(pagedata, moduleparams, pagenamespaces)
{
    SessionManagement sm = new SessionManagement();
    base.BaseData = pagedata;

    data = new Profiles.Edit.Utilities.DataIO();
    this.Email = base.BaseData.SelectSingleNode("rdf:RDF/rdf:Description/vivo:email", base.Namespaces).InnerText;

    Profiles.Profile.Utilities.DataIO propdata = new Profiles.Profile.Utilities.DataIO();

    // Subject comes from the query string, then from the raw query string; otherwise redirect to search.
    if (Request.QueryString["subject"] != null)
    {
        this.SubjectID = Convert.ToInt64(Request.QueryString["subject"]);
    }
    else if (base.GetRawQueryStringItem("subject") != null)
    {
        this.SubjectID = Convert.ToInt64(base.GetRawQueryStringItem("subject"));
    }
    else
    {
        Response.Redirect("~/search");
    }

    // NOTE(review): a request without "predicateuri" fails here with a NullReferenceException.
    this.PredicateURI = Request.QueryString["predicateuri"].Replace("!", "#");

    this.PropertyListXML = propdata.GetPropertyList(this.BaseData, base.PresentationXML, this.PredicateURI, false, true, false);

    // NOTE(review): the label is written into markup without HTML encoding - confirm labels cannot contain markup.
    litBackLink.Text = "<a href='" + Root.Domain + "/edit/" + this.SubjectID.ToString() + "'>Edit Menu</a> > <b>" + PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@Label").Value + "</b>";

    // create a new network triple request.
    base.RDFTriple = new RDFTriple(this.SubjectID, data.GetStoreNode(this.PredicateURI));
    base.RDFTriple.Expand = true;
    base.RDFTriple.ShowDetails = true;
    base.GetDataByURI(); // This will reset the data to a Network.

    // Quick fix to allow only Admin and Curators to edit Visibility privacy.
    // NOTE(review): this only shows or hides two controls for roles -40 / -50. The handler that
    // applies a visibility change must enforce the same role check server-side - not visible here.
    securityOptions.userRole = propdata.GetUserRole(sm.Session().SessionID);
    bool mayEditVisibility = securityOptions.userRole == -40 || securityOptions.userRole == -50;
    securityOptions.FindControl("imbSecurityOptions").Visible = mayEditVisibility;
    securityOptions.FindControl("lbSecurityOptions").Visible = mayEditVisibility;

    securityOptions.Subject = this.SubjectID;
    securityOptions.PredicateURI = this.PredicateURI;

    string viewSecurityGroup = this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@ViewSecurityGroup").Value;
    securityOptions.PrivacyCode = Convert.ToInt32(viewSecurityGroup);
    securityOptions.SecurityGroups = new XmlDataDocument();
    securityOptions.SecurityGroups.LoadXml(base.PresentationXML.DocumentElement.LastChild.OuterXml);
}
/// <summary>
/// Calls [RDF.Security].[GetSessionSecurityGroup] for the current session and returns the value
/// of its @securitygroupid output parameter.
/// </summary>
/// <returns>
/// The @securitygroupid output converted to Int64. When the procedure call throws, the exception
/// is logged and swallowed and the parameter value is whatever was left on it.
/// NOTE(review): that presumably converts to 0; confirm that callers treat 0 as "no access"
/// rather than as a valid group.
/// </returns>
public Int64 GetSessionSecurityGroup()
{
    string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
    SessionManagement sm = new SessionManagement();
    SqlConnection dbconnection = new SqlConnection(connstr);
    Int64 accesscode = 0;
    SqlParameter[] param;
    param = new SqlParameter[4];
    // This command object only carries the timeout and the connection reference used for the
    // Close() call below; the command that is executed is built by GetDBCommand.
    SqlCommand dbcommand = new SqlCommand();
    dbconnection.Open();
    dbcommand.CommandTimeout = this.GetCommandTimeout();
    param[0] = new SqlParameter("@SessionID", sm.Session().SessionID);
    // NOTE(review): a literal 0 converts implicitly to an enum, so the three constructor calls
    // below are expected to bind to the (string, SqlDbType) overload, not (string, object).
    // They would then declare a parameter type rather than an initial value of 0. Harmless for
    // output-only parameters, but do not "clean up" the literal without checking the overload.
    param[1] = new SqlParameter("@securitygroupid", 0);
    param[1].Direction = ParameterDirection.Output;
    param[2] = new SqlParameter("@hasspecialviewaccess", 0);
    param[2].Direction = ParameterDirection.Output;
    param[3] = new SqlParameter("@hasspecialeditaccess", 0);
    param[3].Direction = ParameterDirection.Output;
    dbcommand.Connection = dbconnection;
    try
    {
        //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
        ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[RDF.Security].[GetSessionSecurityGroup]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
    }
    catch (Exception ex)
    {
        // Failure is logged only; execution continues and a value is still returned below.
        Framework.Utilities.DebugLogging.Log(ex.Message + " ++ " + ex.StackTrace);
    }
    dbcommand.Connection.Close();
    // param[1] is always assigned above, so this test is always true. The two special-access
    // outputs (param[2], param[3]) are never read.
    if (param[1] != null)
    {
        accesscode = Convert.ToInt64(param[1].Value);
    }
    return(accesscode);
}
/// <summary>
/// Builds the authorship edit module: reads subject and predicate from the query string, stores
/// the node and session ids in ASP.NET session state, loads the property list and fills in the
/// securityOptions control.
/// </summary>
/// <param name="pagedata">Passed to the base constructor and used to load the property list.</param>
/// <param name="moduleparams">Passed to the base constructor.</param>
/// <param name="pagenamespaces">Passed to the base constructor.</param>
public CustomEditAuthorInAuthorship(XmlDocument pagedata, List<ModuleParams> moduleparams, XmlNamespaceManager pagenamespaces)
    : base(pagedata, moduleparams, pagenamespaces)
{
    SessionManagement sm = new SessionManagement();
    Utilities.DataIO data = new Profiles.Edit.Utilities.DataIO();

    // NOTE(review): both values come straight from the query string. A missing "subject" converts
    // to 0, and a missing "predicateuri" throws NullReferenceException.
    this._subject = Convert.ToInt64(Request.QueryString["subject"]);
    this._predicateuri = Request.QueryString["predicateuri"].Replace("!", "#");
    this._personId = data.GetPersonID(_subject);

    Session["NodeID"] = this._subject;
    Session["SessionID"] = sm.Session().SessionID;

    this.PropertyListXML = data.GetPropertyList(pagedata, base.PresentationXML, this._predicateuri, false, true, false);

    // NOTE(review): this constructor applies no role-based gating to the security options.
    // Access to visibility changes has to be enforced wherever the change is applied - confirm.
    securityOptions.Subject = this._subject;
    securityOptions.PredicateURI = this._predicateuri;

    string viewSecurityGroup = this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@ViewSecurityGroup").Value;
    securityOptions.PrivacyCode = Convert.ToInt32(viewSecurityGroup);
    securityOptions.SecurityGroups = new XmlDataDocument();
    securityOptions.SecurityGroups.LoadXml(base.PresentationXML.DocumentElement.LastChild.OuterXml);
}
/// <summary>
/// Builds the main-image edit module: resolves subject and predicate from the request, loads the
/// property list, sets the back link and configures the securityOptions control.
/// </summary>
/// <param name="pagedata">Passed to the base constructor and assigned to XMLData.</param>
/// <param name="moduleparams">Passed to the base constructor.</param>
/// <param name="pagenamespaces">Passed to the base constructor.</param>
public CustomEditMainImage(XmlDocument pagedata, List<ModuleParams> moduleparams, XmlNamespaceManager pagenamespaces)
    : base(pagedata, moduleparams, pagenamespaces)
{
    Edit.Utilities.DataIO data = new Profiles.Edit.Utilities.DataIO();
    SessionManagement sm = new SessionManagement();

    this.XMLData = pagedata;
    propdata = new Profiles.Profile.Utilities.DataIO();

    // Subject comes from the query string, then from the raw query string; otherwise redirect to search.
    if (Request.QueryString["subject"] != null)
    {
        this.SubjectID = Convert.ToInt64(Request.QueryString["subject"]);
    }
    else if (base.GetRawQueryStringItem("subject") != null)
    {
        this.SubjectID = Convert.ToInt64(base.GetRawQueryStringItem("subject"));
    }
    else
    {
        Response.Redirect("~/search");
    }

    // NOTE(review): a request without "predicateuri" fails here with a NullReferenceException.
    this.PredicateURI = Request.QueryString["predicateuri"].Replace("!", "#");

    this.PropertyListXML = propdata.GetPropertyList(this.BaseData, base.PresentationXML, PredicateURI, false, true, false);

    // NOTE(review): the label is written into markup without HTML encoding - confirm labels cannot contain markup.
    litBackLink.Text = "<a href='" + Root.Domain + "/edit/" + this.SubjectID.ToString() + "'>Edit Menu</a> > <b>" + PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@Label").Value + "</b>";

    // Quick fix to allow only Admin and Curators to edit Visibility privacy.
    // NOTE(review): this only shows or hides two controls for roles -40 / -50. The handler that
    // applies a visibility change must enforce the same role check server-side - not visible here.
    securityOptions.userRole = propdata.GetUserRole(sm.Session().SessionID);
    bool mayEditVisibility = securityOptions.userRole == -40 || securityOptions.userRole == -50;
    securityOptions.FindControl("imbSecurityOptions").Visible = mayEditVisibility;
    securityOptions.FindControl("lbSecurityOptions").Visible = mayEditVisibility;

    securityOptions.Subject = this.SubjectID;
    securityOptions.PredicateURI = PredicateURI;

    string viewSecurityGroup = this.PropertyListXML.SelectSingleNode("PropertyList/PropertyGroup/Property/@ViewSecurityGroup").Value;
    securityOptions.PrivacyCode = Convert.ToInt32(viewSecurityGroup);
    securityOptions.SecurityGroups = new XmlDataDocument();
    securityOptions.SecurityGroups.LoadXml(base.PresentationXML.DocumentElement.LastChild.OuterXml);

    securityOptions.BubbleClick += SecurityDisplayed;
}
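/// <summary>
/// Handles the login page's "method" query-string actions on the initial (non-postback) request:
/// "logout", "shibboleth" (sign-in from headers set by the Shibboleth layer) and "login".
/// </summary>
/// <param name="sender">Event source.</param>
/// <param name="e">Event arguments.</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    // Read once, null-safe. A request without ?method= used to fail with a NullReferenceException
    // and is now ignored.
    string method = Request.QueryString["method"];
    string redirectTo = Request.QueryString["redirectto"];

    if (method == "logout")
    {
        sm.SessionLogout();
        sm.SessionDestroy();

        // NOTE(review): redirectto is request-controlled and used as the redirect target without
        // validation (open redirect). Restrict it to local paths or URLs under Root.Domain once
        // the set of legitimate post-logout targets is confirmed.
        // A missing target now falls back to the site root instead of throwing.
        Response.Redirect(redirectTo ?? Root.Domain);
    }
    else if (method == "shibboleth")
    {
        // added by Eric
        // If they specify an Idp, then check that they logged in from the configured IDP
        bool authenticated = false;

        string requiredIdp = ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"];
        string presentedIdp = Request.Headers.Get("ShibIdentityProvider");

        // Ordinal comparison: culture-aware comparison ignores some characters, which is wrong
        // for an identifier check. A missing header now counts as a mismatch instead of throwing.
        if (requiredIdp == null || requiredIdp.Equals(presentedIdp, StringComparison.OrdinalIgnoreCase))
        {
            // NOTE(review): identity is taken from request headers. That is only trustworthy when
            // every request reaches this page through the Shibboleth layer that sets or strips
            // these headers - a deployment requirement this code cannot enforce.
            string userNameHeader = ConfigurationManager.AppSettings["Shibboleth.UserNameHeader"];
            String userName = userNameHeader == null ? null : Request.Headers.Get(userNameHeader);

            if (userName != null && userName.Trim().Length > 0)
            {
                Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
                Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
                user.UserName = userName;

                if (data.UserLoginExternal(ref user))
                {
                    authenticated = true;
                    RedirectAuthenticatedUser();
                }
            }
        }

        if (!authenticated)
        {
            // try and just put their name in the session.
            //sm.Session().ShortDisplayName = Request.Headers.Get("ShibdisplayName");
            // No session values are set on this path; the visitor is only redirected.
            RedirectAuthenticatedUser();
        }
    }
    else if (method == "login")
    {
        // see if they already have a login session, if so don't send them to shibboleth
        Profiles.Framework.Utilities.SessionManagement currentSession = new Profiles.Framework.Utilities.SessionManagement();
        String viewerId = currentSession.Session().PersonURI;

        if (viewerId != null && viewerId.Trim().Length > 0)
        {
            RedirectAuthenticatedUser();
        }
        else
        {
            string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";

            if (redirectTo == null && Request.QueryString["edit"] == "true")
            {
                redirect += "&edit=true";
            }
            else if (redirectTo != null)
            {
                // Skipped when redirectto is absent; the unconditional append used to throw.
                // NOTE(review): redirectto is forwarded unvalidated and comes back to the
                // "shibboleth" branch after sign-in.
                redirect += "&redirectto=" + redirectTo;
            }

            Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() + HttpUtility.UrlEncode(redirect));
        }
    }
}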
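/// <summary>
/// Handles the login page's "method" query-string actions on the initial (non-postback) request:
/// "logout", "shibboleth" (sign-in from the employeeNumber / uid request headers) and "login".
/// </summary>
/// <param name="sender">Event source.</param>
/// <param name="e">Event arguments.</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    // Read once, null-safe. A request without ?method= used to fail with a NullReferenceException
    // and is now ignored.
    string method = Request.QueryString["method"];
    string redirectTo = Request.QueryString["redirectto"];

    if (method == "logout")
    {
        sm.SessionLogout();
        sm.SessionDistroy();

        // NOTE(review): redirectto is request-controlled and used as the redirect target without
        // validation (open redirect). Restrict it to local paths or URLs under Root.Domain once
        // the set of legitimate post-logout targets is confirmed.
        // A missing target now falls back to the site root instead of throwing.
        Response.Redirect(redirectTo ?? Root.Domain);
    }
    else if (method == "shibboleth")
    {
        // added by Eric
        // NOTE(review): identity is taken from request headers. That is only trustworthy when
        // every request reaches this page through the Shibboleth layer that sets or strips
        // these headers - a deployment requirement this code cannot enforce.
        String employeeID = Request.Headers.Get("employeeNumber"); //"025693078";

        // new IDP
        if (employeeID == null || employeeID.Trim().Length == 0)
        {
            employeeID = Request.Headers.Get("uid"); //"025693078";
            if (employeeID != null && employeeID.Trim().Length > 9)
            {
                employeeID = employeeID.Substring(0, 9);
            }
        }

        if (employeeID != null && employeeID.Trim().Length > 0)
        {
            Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
            Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
            user.UserName = employeeID;

            // NOTE(review): the password passed to UserLogin is the user name itself, so the
            // stored credential for these accounts is presumably the employee id. If any other
            // entry point accepts a typed user name and password, that pair is guessable - confirm.
            user.Password = employeeID;

            if (data.UserLogin(ref user))
            {
                RedirectAuthenticatedUser();
            }
        }
    }
    else if (method == "login")
    {
        // see if they already have a login session, if so don't send them to shibboleth
        Profiles.Framework.Utilities.SessionManagement currentSession = new Profiles.Framework.Utilities.SessionManagement();
        String viewerId = currentSession.Session().PersonURI;

        if (viewerId != null && viewerId.Trim().Length > 0)
        {
            RedirectAuthenticatedUser();
        }
        else
        {
            string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";

            if (redirectTo == null && Request.QueryString["edit"] == "true")
            {
                redirect += "&edit=true";
            }
            else if (redirectTo != null)
            {
                // Skipped when redirectto is absent; the unconditional append used to throw.
                // NOTE(review): redirectto is forwarded unvalidated.
                redirect += "&redirectto=" + redirectTo;
            }

            Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() + HttpUtility.UrlEncode(redirect));
        }
    }
}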
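/// <summary>
/// Runs [User.Account].[Proxy.GetProxies] for the current session and returns the open reader.
/// </summary>
/// <param name="operation">Value bound to the procedure's @Operation parameter.</param>
/// <returns>
/// An open reader created with CommandBehavior.CloseConnection. The caller must close it, which
/// also closes the connection.
/// </returns>
/// <exception cref="Exception">
/// Thrown for any failure; carries the original message and keeps the original exception as InnerException.
/// </exception>
public SqlDataReader ManageProxies(string operation)
{
    SqlDataReader dbreader = null;
    SessionManagement sm = new SessionManagement();
    SqlConnection dbconnection = null;

    try
    {
        string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

        dbconnection = new SqlConnection(connstr);
        dbconnection.Open();

        SqlCommand dbcommand = new SqlCommand();
        dbcommand.CommandType = CommandType.StoredProcedure;
        dbcommand.CommandText = "[User.Account].[Proxy.GetProxies]";
        dbcommand.CommandTimeout = base.GetCommandTimeout();

        dbcommand.Parameters.Add(new SqlParameter("@SessionID", sm.Session().SessionID));
        dbcommand.Parameters.Add(new SqlParameter("@Operation", operation));

        dbcommand.Connection = dbconnection;
        dbreader = dbcommand.ExecuteReader(CommandBehavior.CloseConnection);
    }
    catch (Exception e)
    {
        // No reader reaches the caller on this path, so nothing else would close the connection.
        if (dbconnection != null)
        {
            dbconnection.Dispose();
        }

        // Same exception type and message as before, but the cause and its stack trace are preserved.
        throw new Exception(e.Message, e);
    }

    return dbreader;
}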
/// <summary>
/// Prepares the gadgets visible on a page for a given owner. Resolves the viewer from the
/// session (or from the owner, in edit mode), then collects and sorts the gadget specifications
/// that apply in this context. Returns early, with no gadgets, when shindigURL is null.
/// </summary>
/// <param name="ownerUri">URI of the profile owner.</param>
/// <param name="page">The hosting page; its session state and query string are read.</param>
/// <param name="editMode">When true the viewer is set to the owner and the owner cache is cleared.</param>
private OpenSocialManager(string ownerUri, Page page, bool editMode)
{
    this.guid = Guid.NewGuid();
    this.isDebug = page.Session != null && page.Session[ORNG_DEBUG] != null && (bool)page.Session[ORNG_DEBUG];
    this.noCache = page.Session != null && page.Session[ORNG_NOCACHE] != null && (bool)page.Session[ORNG_NOCACHE];
    this.page = page;
    this.pageName = page.AppRelativeVirtualPath.Substring(2).ToLower();

    DebugLogging.Log("Creating OpenSocialManager for " + ownerUri + ", " + pageName);

    if (shindigURL == null)
    {
        // do nothing
        return;
    }

    this.ownerUri = ownerUri;

    if (editMode)
    {
        // in editMode we need to set the viewer to be the same as the owner
        // otherwise, the gadget will not be able to save appData correctly
        // NOTE(review): the viewer identity is therefore whatever ownerUri the caller passed;
        // the caller must already have verified that this session may edit that owner - confirm.
        viewerUri = ownerUri;
    }
    else
    {
        Profiles.Framework.Utilities.SessionManagement sm = new Profiles.Framework.Utilities.SessionManagement();

        // if they have a Profile, use the Profile URI otherwise use the User URI. This allows
        // admins and other folks without profile pages to use gadgets
        bool hasProfile = sm.Session().PersonURI != null && sm.Session().PersonURI.Trim().Length > 0;
        viewerUri = hasProfile ? sm.Session().PersonURI : sm.Session().UserURI;

        if (viewerUri != null && viewerUri.Trim().Length == 0)
        {
            viewerUri = null;
        }
    }

    // NOTE(review): appId is request-controlled. A non-numeric value makes Convert.ToInt32 throw,
    // and an explicit appId selects a gadget without the IsEnabled() test (Show() still applies).
    string requestAppId = page.Request.QueryString["appId"];

    foreach (GadgetSpec gadgetSpec in GetGadgetSpecifications())
    {
        // only add ones that are visible in this context!
        bool selected = (requestAppId == null && gadgetSpec.IsEnabled())
            || gadgetSpec.GetAppId() == Convert.ToInt32(requestAppId);
        if (!selected)
        {
            continue;
        }

        if (!gadgetSpec.Show(viewerUri, ownerUri, GetPageName()))
        {
            continue;
        }

        gadgets.Add(new PreparedGadget(gadgetSpec, this));
    }

    // if we are in edit mode, clear the cache
    if (editMode)
    {
        ClearOwnerCache();
    }

    // sort the gadgets
    DebugLogging.Log("Visible Gadget Count : " + gadgets.Count);
    gadgets.Sort();
}
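/// <summary>
/// Authenticates a user against the directory through LdapAuthentication, then resolves the
/// Profiles account for the directory e-mail address via [User.Account].[Authenticate] and
/// records it in the current Profiles session.
/// </summary>
/// <param name="user">
/// Supplies UserName and Password for the directory check. UserID (and PersonID, when the
/// procedure returns one) are written back from the procedure's output parameters.
/// </param>
/// <returns>
/// True only when the directory check succeeded and the procedure returned a non-zero UserID.
/// </returns>
public bool UserLogin(ref User user)
{
    bool loginsuccess = false;

    // NOTE(review): hard-coded directory endpoint on port 389. Whether the bind, and therefore
    // the password, is protected in transit depends on how LdapAuthentication connects, which is
    // not visible here - confirm, and prefer configuration over a literal.
    string adPath = "LDAP://uams0.ad.uams.edu:389/DC=ad,DC=uams,DC=edu";
    LdapAuthentication ldap = new LdapAuthentication(adPath);
    bool ldapLoginSuccess = false;
    string username;

    try
    {
        ldapLoginSuccess = ldap.IsAuthenticated("UAMS", user.UserName, user.Password); //HMHULL-TODO: Do I need to have Domain be an box in the logon form?
    }
    catch (Exception)
    {
        // Any directory failure, an outage included, is reported as a failed login.
        return false;
    }

    if (ldapLoginSuccess)
    {
        // Get the email from LDAP here and use it as the username
        username = ldap.getEmail();

        SessionManagement sm = new SessionManagement();
        string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;

        // Not a using-statement: GetDBCommand takes the connection by ref, which a using variable cannot be.
        SqlConnection dbconnection = new SqlConnection(connstr);
        try
        {
            SqlParameter[] param = new SqlParameter[3];

            dbconnection.Open();

            param[0] = new SqlParameter("@UserName", username);

            param[1] = new SqlParameter("@UserID", null);
            param[1].DbType = DbType.Int32;
            param[1].Direction = ParameterDirection.Output;

            param[2] = new SqlParameter("@PersonID", null);
            param[2].DbType = DbType.Int32;
            param[2].Direction = ParameterDirection.Output;

            // For Output Parameters you need to pass a connection object to the framework so you
            // can close it before reading the output params value.
            ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[User.Account].[Authenticate]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
            dbconnection.Close();

            // Fail closed: an empty or unparsable @UserID must never leave a UserID the caller
            // pre-populated in place, because the success test below is simply "UserID != 0".
            int userId;
            if (int.TryParse(Convert.ToString(param[1].Value), out userId))
            {
                user.UserID = userId;

                int personId;
                if (param[2].Value != DBNull.Value && int.TryParse(Convert.ToString(param[2].Value), out personId))
                {
                    user.PersonID = personId;
                }
            }
            else
            {
                user.UserID = 0;
            }

            if (user.UserID != 0)
            {
                loginsuccess = true;
                sm.Session().UserID = user.UserID;
                sm.Session().PersonID = user.PersonID;
                sm.Session().LoginDate = DateTime.Now;
                Session session = sm.Session();
                SessionUpdate(ref session);
            }
        }
        finally
        {
            // Releases the connection on the error path too. Exceptions propagate unchanged,
            // keeping the stack trace that the former "throw ex;" discarded.
            if (dbconnection != null)
            {
                dbconnection.Dispose();
            }
        }
    }

    return loginsuccess && ldapLoginSuccess;
}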
/// <summary>
/// Prepares the proxy search form. Redirects to search when the session has no user, pre-fills
/// the name boxes and drop-down selections from the query string, binds the institution and
/// department lists, and runs the search when paging values are present.
/// </summary>
private void DrawProfilesModule()
{
    Proxy.Utilities.DataIO data = new Proxy.Utilities.DataIO();
    SessionManagement sm = new SessionManagement();
    string subject = sm.Session().SessionID.ToString();

    // Access gate: a session without a user is sent to the search page.
    // NOTE(review): the rest of the method assumes this redirect ends the request.
    if (sm.Session().UserID == 0)
    {
        Response.Redirect(Root.Domain + "/search");
    }

    litBackLink.Text = "<b>Search Proxies</b>";

    var query = Request.QueryString;

    // Query-string values are echoed back into the form controls below.
    if (query["fname"] != null)
    {
        txtFirstName.Text = query["fname"];
        this.Fname = query["fname"];
    }

    if (query["lname"] != null)
    {
        txtLastName.Text = query["lname"];
        this.Lname = query["lname"];
    }

    // Institution filter
    drpInstitution.DataSource = data.GetInstitutions();
    drpInstitution.DataTextField = "Text";
    drpInstitution.DataValueField = "Value";
    drpInstitution.DataBind();
    drpInstitution.Items.Insert(0, new ListItem("--Select--"));

    if (query["institution"] != null)
    {
        ListItem match = drpInstitution.Items.FindByText(query["institution"]);
        drpInstitution.SelectedIndex = drpInstitution.Items.IndexOf(match);
        this.Institution = query["institution"];
    }

    // Department filter
    drpDepartment.DataSource = data.GetDepartments();
    drpDepartment.DataTextField = "Text";
    drpDepartment.DataValueField = "Value";
    drpDepartment.DataBind();
    drpDepartment.Items.Insert(0, new ListItem("--Select--"));

    if (query["department"] != null)
    {
        ListItem match = drpDepartment.Items.FindByText(query["department"]);
        drpDepartment.SelectedIndex = drpDepartment.Items.IndexOf(match);
        this.Department = query["department"];
    }

    // Permission scopes
    drpInstitutionPermissions.DataSource = data.GetInstitutions();
    drpInstitutionPermissions.DataTextField = "Text";
    drpInstitutionPermissions.DataValueField = "Value";
    drpInstitutionPermissions.DataBind();
    drpInstitutionPermissions.Items.Insert(0, new ListItem("All"));

    drpDepartmentPermissions.DataSource = data.GetDepartments();
    drpDepartmentPermissions.DataTextField = "Text";
    drpDepartmentPermissions.DataValueField = "Value";
    drpDepartmentPermissions.DataBind();
    drpDepartmentPermissions.Items.Insert(0, new ListItem("All"));

    // NOTE(review): "subject" is request-controlled. A missing value converts to 0 and a
    // non-numeric one throws.
    this.Subject = Convert.ToInt64(query["subject"]);

    if (query["offset"] != null && query["totalrows"] != null)
    {
        this.ExecuteSearch(false);
    }
}
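/// <summary>
/// Builds the list of gadgets to render on <paramref name="page"/> for the
/// profile identified by <paramref name="ownerUri"/>.
/// </summary>
/// <param name="ownerUri">URI of the profile the page belongs to.</param>
/// <param name="page">The ASP.NET page being rendered; its session and query string are read.</param>
/// <param name="editMode">
/// When true the viewer is set to the owner, so the security token requested
/// for each gadget is issued for the owner identity.
/// </param>
/// <remarks>
/// NOTE(review): nothing in this constructor verifies that the session user is
/// allowed to edit <paramref name="ownerUri"/>; callers must have made that
/// check before passing editMode = true.
/// </remarks>
private OpenSocialManager(string ownerUri, Page page, bool editMode)
{
    this.guid = Guid.NewGuid();
    this.isDebug = page.Session != null && page.Session[OPENSOCIAL_DEBUG] != null && (bool)page.Session[OPENSOCIAL_DEBUG];
    this.noCache = page.Session != null && page.Session[OPENSOCIAL_NOCACHE] != null && (bool)page.Session[OPENSOCIAL_NOCACHE];
    this.page = page;
    this.pageName = page.AppRelativeVirtualPath.Substring(2).ToLower();

    DebugLogging.Log("Creating OpenSocialManager for " + ownerUri + ", " + pageName);

    if (shindigURL == null)
    {
        // do nothing
        return;
    }

    this.ownerUri = ownerUri;

    // in editMode we need to set the viewer to be the same as the owner
    // otherwise, the gadget will not be able to save appData correctly
    if (editMode)
    {
        viewerUri = ownerUri;
    }
    else
    {
        Profiles.Framework.Utilities.SessionManagement sm = new Profiles.Framework.Utilities.SessionManagement();
        viewerUri = sm.Session().PersonURI;
        if (viewerUri != null && viewerUri.Trim().Length == 0)
        {
            // A blank URI means "no viewer"; normalise it to null.
            viewerUri = null;
        }
    }

    // Caller-controlled. Convert.ToInt32 below throws FormatException on a
    // non-numeric value and returns 0 for null.
    string requestAppId = page.Request.QueryString["appId"];

    DebugLogging.Log("OpenSocialManager GetAllDBGadgets " + !noCache);
    Dictionary<string, GadgetSpec> allDBGadgets = GetAllDBGadgets(!noCache);

    // if someone used the sandbox to log in, grab those gadgets refreshed from the DB
    if (page.Session != null && (string)page.Session[OPENSOCIAL_GADGETS] != null)
    {
        gadgets = GetSandboxGadgets(allDBGadgets, requestAppId);
    }
    else
    {
        DebugLogging.Log("OpenSocialManager GetSecurityToken " + !noCache);

        // Declared outside the loop so each prepared gadget gets its own
        // module id. It used to be re-initialised on every iteration, which
        // made moduleId++ hand 0 to every gadget.
        int moduleId = 0;
        foreach (GadgetSpec gadgetSpec in allDBGadgets.Values)
        {
            // only add ones that are visible in this context!
            if (((requestAppId == null && gadgetSpec.IsEnabled()) || gadgetSpec.GetAppId() == Convert.ToInt32(requestAppId))
                && gadgetSpec.Show(viewerUri, ownerUri, GetPageName()))
            {
                // The token is requested for this viewer/owner pair and gadget URL.
                String securityToken = SocketSendReceive(viewerUri, ownerUri, gadgetSpec.GetGadgetURL());
                gadgets.Add(new PreparedGadget(gadgetSpec, this, moduleId++, securityToken));
            }
        }
    }

    // if we are in edit mode, clear the cache
    if (editMode)
    {
        ClearOwnerCache();
    }

    // sort the gadgets
    DebugLogging.Log("Visible Gadget Count : " + gadgets.Count);
    gadgets.Sort();
}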
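/// <summary>
/// Creates a new entity node by calling the [RDF.].GetStoreNode stored
/// procedure with @ForceNewEntity = 1 and returns the node id it reports.
/// </summary>
/// <param name="label">Label passed as @label.</param>
/// <param name="classuri">Class URI passed as @EntityClassURI.</param>
/// <returns>The value of the @NodeID output parameter.</returns>
/// <remarks>
/// All values are bound as SqlParameters. The current session id is sent as
/// @SessionID; any permission check on it happens inside the procedure, not here.
/// </remarks>
public Int64 AddNewEntity(string label, string classuri)
{
    SessionManagement sm = new SessionManagement();
    string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
    SqlConnection dbconnection = new SqlConnection(connstr);
    SqlParameter[] param = new SqlParameter[5];
    SqlCommand comm = null;

    try
    {
        dbconnection.Open();

        param[0] = new SqlParameter("@label", label);
        param[1] = new SqlParameter("@EntityClassURI", classuri);
        param[2] = new SqlParameter("@ForceNewEntity", 1);
        param[3] = new SqlParameter("@SessionID", sm.Session().SessionID);
        param[4] = new SqlParameter("@NodeID", null);
        param[4].DbType = DbType.Int64;
        param[4].Direction = ParameterDirection.Output;

        comm = GetDBCommand(ref dbconnection, "[RDF.].GetStoreNode", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param);

        //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
        ExecuteSQLDataCommand(comm);
    }
    finally
    {
        // Close on every path: previously an exception from Open or from the
        // command left the connection open until it was garbage collected.
        if (comm != null && comm.Connection != null)
        {
            comm.Connection.Close();
        }

        if (dbconnection != null && dbconnection.State == ConnectionState.Open)
        {
            dbconnection.Close();
        }
    }

    // Throws FormatException if the procedure left @NodeID as DBNull.
    return Convert.ToInt64(param[4].Value.ToString());
}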
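/// <summary>
/// Saves an award/honor entry through the
/// [Edit.Module].[CustomEditAwardOrHonor.StoreItem] stored procedure.
/// </summary>
/// <param name="sarr">
/// Request whose non-null members are bound at their own ParamOrdinal; the
/// last three slots of the parameter array are used for @sessionID, @error
/// and @nodeid.
/// </param>
/// <returns>The value of the procedure's @error output parameter.</returns>
/// <exception cref="Exception">Any failure, re-thrown with the original message.</exception>
private bool StoreAwardReceipt(StoreAwardReceiptRequest sarr)
{
    SessionManagement sm = new SessionManagement();
    string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
    SqlConnection dbconnection = new SqlConnection(connstr);
    SqlParameter[] param = new SqlParameter[sarr.Length];
    bool error = false;

    try
    {
        dbconnection.Open();

        if (sarr.ExistingAwardReceiptURI != null)
            param[sarr.ExistingAwardReceiptURI.ParamOrdinal] = new SqlParameter("@ExistingAwardReceiptURI", sarr.ExistingAwardReceiptURI.Value);
        if (sarr.AwardOrHonorForID != null)
            param[sarr.AwardOrHonorForID.ParamOrdinal] = new SqlParameter("@awardOrHonorForID", Convert.ToInt64(sarr.AwardOrHonorForID.Value));
        if (sarr.Label != null)
            param[sarr.Label.ParamOrdinal] = new SqlParameter("@Label", sarr.Label.Value.ToString());
        if (sarr.AwardConferedBy != null)
            param[sarr.AwardConferedBy.ParamOrdinal] = new SqlParameter("@awardConferredBy", sarr.AwardConferedBy.Value.ToString());
        if (sarr.StartDate != null)
            param[sarr.StartDate.ParamOrdinal] = new SqlParameter("@startDate", sarr.StartDate.Value.ToString());
        if (sarr.EndDate != null)
            param[sarr.EndDate.ParamOrdinal] = new SqlParameter("@endDate", sarr.EndDate.Value.ToString());

        // The session id is the only identity sent with the write; whether the
        // session may edit this award is decided by the procedure, not here.
        param[sarr.Length - 3] = new SqlParameter("@sessionID", sm.Session().SessionID);

        param[sarr.Length - 2] = new SqlParameter("@error", null);
        param[sarr.Length - 2].DbType = DbType.Boolean;
        param[sarr.Length - 2].Direction = ParameterDirection.Output;

        param[sarr.Length - 1] = new SqlParameter("@nodeid", null);
        param[sarr.Length - 1].DbType = DbType.Int64;
        param[sarr.Length - 1].Direction = ParameterDirection.Output;

        SqlCommand comm = GetDBCommand(ref dbconnection, "[Edit.Module].[CustomEditAwardOrHonor.StoreItem]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param);

        //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
        ExecuteSQLDataCommand(comm);
        comm.Connection.Close();

        error = Convert.ToBoolean(param[sarr.Length - 2].Value);
    }
    catch (Exception e)
    {
        Framework.Utilities.DebugLogging.Log(e.Message + e.StackTrace);
        // Same exception type and message as before; the original is now kept
        // as InnerException so its type and stack trace are not lost.
        throw new Exception(e.Message, e);
    }
    finally
    {
        // Previously the connection was closed only on the success path.
        if (dbconnection != null && dbconnection.State != ConnectionState.Closed)
        {
            dbconnection.Close();
        }
    }

    return error;
}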
/// <summary>
/// Collects the gadgets that should be shown on <paramref name="page"/> for
/// the profile identified by <paramref name="ownerUri"/>.
/// </summary>
/// <param name="ownerUri">URI of the profile the page belongs to.</param>
/// <param name="page">Page being rendered; its session and query string are read.</param>
/// <param name="editMode">When true the viewer is set to the owner and the owner cache is cleared.</param>
/// <remarks>
/// NOTE(review): editMode makes the viewer identity equal to the owner with no
/// authorisation check in this constructor; the caller has to have verified
/// that the session user may edit this profile.
/// </remarks>
private OpenSocialManager(string ownerUri, Page page, bool editMode)
{
    this.guid = Guid.NewGuid();

    bool hasSession = page.Session != null;
    this.isDebug = hasSession && page.Session[ORNG_DEBUG] != null && (bool)page.Session[ORNG_DEBUG];
    this.noCache = hasSession && page.Session[ORNG_NOCACHE] != null && (bool)page.Session[ORNG_NOCACHE];

    this.page = page;
    this.pageName = page.AppRelativeVirtualPath.Substring(2).ToLower();

    DebugLogging.Log("Creating OpenSocialManager for " + ownerUri + ", " + pageName);

    // Without a Shindig URL there is nothing to set up.
    if (shindigURL == null)
    {
        return;
    }

    this.ownerUri = ownerUri;

    if (editMode)
    {
        // The viewer has to match the owner in edit mode, otherwise the gadget
        // cannot save its appData.
        viewerUri = ownerUri;
    }
    else
    {
        Profiles.Framework.Utilities.SessionManagement sessionManager = new Profiles.Framework.Utilities.SessionManagement();

        // Prefer the Profile URI; fall back to the User URI so that admins and
        // other users without a profile page can still use gadgets.
        string personUri = sessionManager.Session().PersonURI;
        bool hasProfile = personUri != null && personUri.Trim().Length > 0;
        viewerUri = hasProfile ? personUri : sessionManager.Session().UserURI;

        // A blank URI means "no viewer".
        if (viewerUri != null && viewerUri.Trim().Length == 0)
        {
            viewerUri = null;
        }
    }

    // Caller-controlled; Convert.ToInt32 throws FormatException when it is
    // present but not numeric and returns 0 when it is null.
    string requestAppId = page.Request.QueryString["appId"];

    foreach (GadgetSpec spec in GetGadgetSpecifications())
    {
        // Either no specific app was requested and the gadget is enabled, or
        // the gadget is the requested app.
        bool selected = (requestAppId == null && spec.IsEnabled())
            || spec.GetAppId() == Convert.ToInt32(requestAppId);
        if (!selected)
        {
            continue;
        }

        // only add ones that are visible in this context!
        if (!spec.Show(viewerUri, ownerUri, GetPageName()))
        {
            continue;
        }

        gadgets.Add(new PreparedGadget(spec, this));
    }

    if (editMode)
    {
        ClearOwnerCache();
    }

    DebugLogging.Log("Visible Gadget Count : " + gadgets.Count);
    gadgets.Sort();
}
/// <summary>
/// Stores a literal value through the [RDF.].GetStoreNode stored procedure and
/// returns the node id reported in its @NodeID output parameter.
/// </summary>
/// <param name="snr">
/// Request carrying the value; its Length sizes the parameter array, whose
/// last three slots hold @SessionID, @Error and @NodeID.
/// </param>
/// <returns>The @NodeID output value converted to Int64.</returns>
private Int64 GetNodeId(StoreNodeRequest snr)
{
    System.Web.HttpBrowserCapabilities browser = HttpContext.Current.Request.Browser;

    // Line endings are normalised to "\n" only when the browser reports itself
    // as "IE".
    // NOTE(review): snr.Value is dereferenced here, before the null check
    // further down; a request without a value fails at this line.
    string submitted = snr.Value.Value.ToString();
    if (submitted.Contains(Environment.NewLine) && browser.Browser == "IE")
    {
        snr.Value.Value = submitted.Replace(Environment.NewLine, ("\n"));
    }

    SessionManagement sessionManager = new SessionManagement();
    string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
    SqlConnection dbconnection = new SqlConnection(connstr);
    SqlParameter[] param = new SqlParameter[snr.Length];
    string error = string.Empty;

    dbconnection.Open();

    if (snr.Value != null)
    {
        param[snr.Value.ParamOrdinal] = new SqlParameter("@value", snr.Value.Value);
    }

    // Language and data type are bound with a null value whatever the request holds.
    if (snr.Langauge != null)
    {
        param[snr.Langauge.ParamOrdinal] = new SqlParameter("@language", null);
    }

    if (snr.DataType != null)
    {
        param[snr.DataType.ParamOrdinal] = new SqlParameter("@DataType", null);
    }

    int sessionSlot = snr.Length - 3;
    int errorSlot = snr.Length - 2;
    int nodeSlot = snr.Length - 1;

    param[sessionSlot] = new SqlParameter("@SessionID", sessionManager.Session().SessionID);

    param[errorSlot] = new SqlParameter("@Error", null)
    {
        Size = 1,
        DbType = DbType.String,
        Direction = ParameterDirection.Output
    };

    param[nodeSlot] = new SqlParameter("@NodeID", null)
    {
        DbType = DbType.Int64,
        Direction = ParameterDirection.Output
    };

    using (var cmd = GetDBCommand(dbconnection, "[RDF.].GetStoreNode", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param))
    {
        try
        {
            // The connection has to be closed before the output parameters are read.
            ExecuteSQLDataCommand(cmd);
        }
        finally
        {
            // NOTE(review): ClearPool empties the connection pool for this
            // connection string on every call - confirm that is intended.
            SqlConnection.ClearPool(dbconnection);
            cmd.Connection.Close();
            cmd.Dispose();
        }
    }

    // @Error is never inspected; only @NodeID is returned.
    return Convert.ToInt64(param[nodeSlot].Value.ToString());
}
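/// <summary>
/// Builds the list of gadgets to render on <paramref name="page"/> for the
/// owner identified by <paramref name="ownerId"/> and registers this manager
/// in the managers list through a weak reference.
/// </summary>
/// <param name="ownerId">Identifier of the profile the page belongs to.</param>
/// <param name="page">Page being rendered; its session and query string are read.</param>
/// <param name="editMode">
/// When true the viewer is set to the owner, so the security token requested
/// for each gadget is issued for the owner identity.
/// </param>
/// <remarks>
/// NOTE(review): nothing in this constructor verifies that the session user is
/// allowed to edit <paramref name="ownerId"/>; callers must have made that
/// check before passing editMode = true.
/// </remarks>
private OpenSocialManager(string ownerId, Page page, bool editMode)
{
    this.guid = Guid.NewGuid();
    managers.Add(new WeakReference(this));
    this.isDebug = page.Session != null && page.Session[OPENSOCIAL_DEBUG] != null && (bool)page.Session[OPENSOCIAL_DEBUG];
    this.noCache = page.Session != null && page.Session[OPENSOCIAL_NOCACHE] != null && (bool)page.Session[OPENSOCIAL_NOCACHE];
    this.page = page;
    this.pageName = page.AppRelativeVirtualPath.Substring(2).ToLower();

    DebugLogging.Log("Creating OpenSocialManager for " + ownerId + ", " + pageName);

    if (ConfigurationManager.AppSettings["OpenSocial.ShindigURL"] == null)
    {
        // do nothing
        return;
    }

    this.ownerId = ownerId;

    // in editMode we need to set the viewer to be the same as the owner
    // otherwise, the gadget will not be able to save appData correctly
    if (editMode)
    {
        viewerId = ownerId;
    }
    else
    {
        Profiles.Framework.Utilities.SessionManagement sm = new Profiles.Framework.Utilities.SessionManagement();
        viewerId = sm.Session().PersonURI;
        if (viewerId != null && viewerId.Trim().Length == 0)
        {
            // A blank URI means "no viewer"; normalise it to null.
            viewerId = null;
        }
    }

    // Caller-controlled. Convert.ToInt32 below throws FormatException on a
    // non-numeric value and returns 0 for null.
    string requestAppId = page.Request.QueryString["appId"];

    DebugLogging.Log("OpenSocialManager GetAllDBGadgets " + !noCache);
    Dictionary<string, GadgetSpec> allDBGadgets = GetAllDBGadgets(!noCache);

    // if someone used the sandbox to log in, grab those gadgets refreshed from the DB
    if (page.Session != null && (string)page.Session[OPENSOCIAL_GADGETS] != null)
    {
        gadgets = GetSandboxGadgets(allDBGadgets, requestAppId);
    }
    else
    {
        DebugLogging.Log("OpenSocialManager GetSecurityToken " + !noCache);

        // Declared outside the loop so each prepared gadget gets its own
        // module id. It used to be re-initialised on every iteration, which
        // made moduleId++ hand 0 to every gadget.
        int moduleId = 0;
        foreach (GadgetSpec gadgetSpec in allDBGadgets.Values)
        {
            // only add ones that are visible in this context!
            if (((requestAppId == null && gadgetSpec.IsEnabled()) || gadgetSpec.GetAppId() == Convert.ToInt32(requestAppId))
                && gadgetSpec.Show(viewerId, ownerId, GetPageName()))
            {
                // The token is requested for this viewer/owner pair and gadget URL.
                String securityToken = SocketSendReceive(viewerId, ownerId, gadgetSpec.GetGadgetURL());
                gadgets.Add(new PreparedGadget(gadgetSpec, this, moduleId++, securityToken));
            }
        }
    }

    // sort the gadgets
    DebugLogging.Log("Visible Gadget Count : " + gadgets.Count);
    gadgets.Sort();
}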
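/// <summary>
/// Stores, replaces or re-orders a triple through the [RDF.].GetStoreTriple
/// stored procedure and invalidates the cache entry of the subject.
/// </summary>
/// <param name="str">
/// Request whose non-null members are bound at their own ParamOrdinal; the
/// last two slots of the parameter array hold @sessionID and @error.
/// </param>
/// <returns>The value of the procedure's @error output parameter.</returns>
/// <exception cref="Exception">Any failure, re-thrown with the original message.</exception>
private bool GetStoreTriple(StoreTripleRequest str)
{
    SessionManagement sm = new SessionManagement();
    SqlParameter[] param = new SqlParameter[str.Length];
    bool error = false;

    // A separate SqlConnection used to be created and opened here. The command
    // below is built with GetDBCommand("", ...), which is never given that
    // connection, so it was opened and then left open on every call.

    try
    {
        if (str.Subject != null)
            param[str.Subject.ParamOrdinal] = new SqlParameter("@subjectid", Convert.ToInt64(str.Subject.Value));
        if (str.Predicate != null)
            param[str.Predicate.ParamOrdinal] = new SqlParameter("@predicateid", Convert.ToInt64(str.Predicate.Value));
        if (str.Object != null)
            param[str.Object.ParamOrdinal] = new SqlParameter("@objectid", Convert.ToInt64(str.Object.Value));
        if (str.OldObject != null)
            param[str.OldObject.ParamOrdinal] = new SqlParameter("@oldobjectid", Convert.ToInt64(str.OldObject.Value));
        if (str.MoveUpOne != null)
            param[str.MoveUpOne.ParamOrdinal] = new SqlParameter("@MoveUpOne", Convert.ToInt16(str.MoveUpOne.Value));
        if (str.MoveDownOne != null)
            param[str.MoveDownOne.ParamOrdinal] = new SqlParameter("@MoveDownOne", Convert.ToInt16(str.MoveDownOne.Value));
        if (str.StoreInverse != null)
            param[str.StoreInverse.ParamOrdinal] = new SqlParameter("@StoreInverse", Convert.ToInt16(str.StoreInverse.Value));

        // The session id is the only identity sent with the write; whether the
        // session may change this subject is decided by the procedure, not here.
        param[str.Length - 2] = new SqlParameter("@sessionID", sm.Session().SessionID);

        param[str.Length - 1] = new SqlParameter("@error", null);
        param[str.Length - 1].DbType = DbType.Boolean;
        param[str.Length - 1].Direction = ParameterDirection.Output;

        using (var cmd = GetDBCommand("", "[RDF.].GetStoreTriple", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param))
        {
            try
            {
                //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
                ExecuteSQLDataCommand(cmd);
            }
            finally
            {
                // Disposing a command does not close its connection, so close
                // it on the failure path as well.
                if (cmd.Connection != null)
                {
                    cmd.Connection.Close();
                }
            }
        }

        error = Convert.ToBoolean(param[str.Length - 1].Value);

        // Still fails (and is reported through the catch below) when the
        // request has no Subject.
        Framework.Utilities.Cache.AlterDependency(str.Subject.Value.ToString());
    }
    catch (Exception e)
    {
        Framework.Utilities.DebugLogging.Log(e.Message + e.StackTrace);
        // Same exception type and message as before; the original is now kept
        // as InnerException so its type and stack trace are not lost.
        throw new Exception(e.Message, e);
    }

    return error;
}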
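/// <summary>
/// Entry point of the login page. On the first (non-postback) request it
/// dispatches on the "method" query-string value: "logout", "shibboleth"
/// (return leg from the identity provider) or "login" (start of the flow).
/// </summary>
/// <param name="sender">.Net context object.</param>
/// <param name="e">.Net event arguments.</param>
/// <remarks>
/// "method", "redirectto" and "edit" are caller-controlled. The Shibboleth
/// values are read from request headers and are trustworthy only if the
/// server-side Shibboleth module is the sole source of those headers.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    // A request without "method" used to fail with a NullReferenceException;
    // there is nothing to dispatch on, so do nothing.
    string method = Request.QueryString["method"];
    if (method == null)
    {
        return;
    }

    if (method == "logout")
    {
        sm.SessionLogout();
        sm.SessionDestroy();

        // "redirectto" was previously passed to Response.Redirect unchanged,
        // which let any link to the logout page send the browser to an
        // arbitrary site. Only same-site targets are followed now; anything
        // else falls back to the search page.
        // NOTE(review): absolute targets are compared with Root.Domain
        // including its scheme - confirm callers build redirectto from it.
        string target = Request.QueryString["redirectto"];
        bool safeTarget = false;
        if (!string.IsNullOrEmpty(target))
        {
            bool hasControlChar = false;
            foreach (char c in target)
            {
                if (char.IsControl(c))
                {
                    hasControlChar = true;
                    break;
                }
            }

            bool sameSite = string.Equals(target, Root.Domain, StringComparison.OrdinalIgnoreCase)
                || target.StartsWith(Root.Domain + "/", StringComparison.OrdinalIgnoreCase);

            // A site-relative path: one leading slash, not "//" or "/\",
            // which browsers treat as another host.
            bool localPath = target[0] == '/'
                && (target.Length == 1 || (target[1] != '/' && target[1] != '\\'));

            safeTarget = !hasControlChar && (sameSite || localPath);
        }

        Response.Redirect(safeTarget ? target : Root.Domain + "/search");
    }
    else if (method == "shibboleth")
    {
        // If they specify an Idp, then check that they logged in from the configured IDP
        // NOTE(review): a request without the ShibIdentityProvider header
        // fails here with a NullReferenceException when an IdP is configured.
        bool authenticated = false;
        if (ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"] == null ||
            ConfigurationManager.AppSettings["Shibboleth.ShibIdentityProvider"].ToString().Equals(Request.Headers.Get("ShibIdentityProvider").ToString(), StringComparison.InvariantCultureIgnoreCase))
        {
            String userName = Request.Headers.Get(ConfigurationManager.AppSettings["Shibboleth.UserNameHeader"].ToString());
            if (userName != null && userName.Trim().Length > 0)
            {
                Profiles.Login.Utilities.DataIO data = new Profiles.Login.Utilities.DataIO();
                Profiles.Login.Utilities.User user = new Profiles.Login.Utilities.User();
                user.UserName = userName;
                if (data.UserLoginExternal(ref user))
                {
                    authenticated = true;
                    RedirectAuthenticatedUser();
                }
            }
        }

        if (!authenticated)
        {
            // try and just put their name in the session.
            // NOTE(review): this branch is also reached when the identity
            // provider check above did not match. Only the display name is
            // stored here, but the request then follows the same redirect as a
            // completed login - confirm that is intended.
            sm.Session().ShortDisplayName = Request.Headers.Get("ShibdisplayName");
            RedirectAuthenticatedUser();
        }
    }
    else if (method == "login")
    {
        // see if they already have a login session, if so don't send them to shibboleth
        Profiles.Framework.Utilities.SessionManagement loginSession = new Profiles.Framework.Utilities.SessionManagement();
        String viewerId = loginSession.Session().PersonURI;
        if (viewerId != null && viewerId.Trim().Length > 0)
        {
            RedirectAuthenticatedUser();
        }
        else
        {
            string redirect = Root.Domain + "/login/default.aspx?method=shibboleth";

            // NOTE(review): redirectto travels through the identity provider
            // and comes back to this page; the code that finally follows it
            // (RedirectAuthenticatedUser, not shown here) needs the same
            // same-site check as the logout branch. When redirectto is missing
            // and edit is not "true", the else branch below dereferences null.
            if (Request.QueryString["redirectto"] == null && Request.QueryString["edit"] == "true")
                redirect += "&edit=true";
            else
                redirect += "&redirectto=" + Request.QueryString["redirectto"].ToString();

            Response.Redirect(ConfigurationManager.AppSettings["Shibboleth.LoginURL"].ToString().Trim() + HttpUtility.UrlEncode(redirect));
        }
    }
}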
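/// <summary>
/// Saves an education/training entry through the
/// [Edit.Module].[CustomEditEducationalTraining.StoreItem] stored procedure
/// and invalidates the cache entry of the profile it belongs to.
/// </summary>
/// <param name="eatr">
/// Request whose non-null members are bound at their own ParamOrdinal; the
/// last three slots of the parameter array hold @sessionID, @error and @nodeid.
/// </param>
/// <returns>The value of the procedure's @error output parameter.</returns>
/// <exception cref="Exception">Any failure, re-thrown with the original message.</exception>
private bool StoreEducationalTrainingReceipt(EducationalTrainingRequest eatr)
{
    SessionManagement sm = new SessionManagement();
    string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
    SqlConnection dbconnection = new SqlConnection(connstr);
    SqlParameter[] param = new SqlParameter[eatr.Length];
    bool error = false;

    try
    {
        dbconnection.Open();

        if (eatr.ExistingEducationalTrainingURI != null)
            param[eatr.ExistingEducationalTrainingURI.ParamOrdinal] = new SqlParameter("@ExistingEducationalTrainingURI", eatr.ExistingEducationalTrainingURI.Value);
        if (eatr.EducationalTrainingForID != null)
            param[eatr.EducationalTrainingForID.ParamOrdinal] = new SqlParameter("@educationalTrainingForID", Convert.ToInt64(eatr.EducationalTrainingForID.Value));
        if (eatr.Institution != null)
            param[eatr.Institution.ParamOrdinal] = new SqlParameter("@institution", eatr.Institution.Value.ToString());
        if (eatr.Location != null)
            param[eatr.Location.ParamOrdinal] = new SqlParameter("@location", eatr.Location.Value.ToString());
        if (eatr.Degree != null)
            param[eatr.Degree.ParamOrdinal] = new SqlParameter("@degree", eatr.Degree.Value.ToString());
        if (eatr.EndDate != null)
            param[eatr.EndDate.ParamOrdinal] = new SqlParameter("@endDate", eatr.EndDate.Value.ToString());
        if (eatr.FieldOfStudy != null)
            param[eatr.FieldOfStudy.ParamOrdinal] = new SqlParameter("@fieldOfStudy", eatr.FieldOfStudy.Value.ToString());

        // The session id is the only identity sent with the write; whether the
        // session may edit this profile is decided by the procedure, not here.
        param[eatr.Length - 3] = new SqlParameter("@sessionID", sm.Session().SessionID);

        param[eatr.Length - 2] = new SqlParameter("@error", null);
        param[eatr.Length - 2].DbType = DbType.Boolean;
        param[eatr.Length - 2].Direction = ParameterDirection.Output;

        param[eatr.Length - 1] = new SqlParameter("@nodeid", null);
        param[eatr.Length - 1].DbType = DbType.Int64;
        param[eatr.Length - 1].Direction = ParameterDirection.Output;

        // TODO
        SqlCommand comm = GetDBCommand(ref dbconnection, "[Edit.Module].[CustomEditEducationalTraining.StoreItem]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param);

        //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
        ExecuteSQLDataCommand(comm);
        comm.Connection.Close();

        error = Convert.ToBoolean(param[eatr.Length - 2].Value);

        // Still fails (and is reported through the catch below) when the
        // request has no EducationalTrainingForID.
        Framework.Utilities.Cache.AlterDependency(eatr.EducationalTrainingForID.Value.ToString());
    }
    catch (Exception e)
    {
        Framework.Utilities.DebugLogging.Log(e.Message + e.StackTrace);
        // Same exception type and message as before; the original is now kept
        // as InnerException so its type and stack trace are not lost.
        throw new Exception(e.Message, e);
    }
    finally
    {
        // Previously the connection was closed only on the success path.
        if (dbconnection != null && dbconnection.State != ConnectionState.Closed)
        {
            dbconnection.Close();
        }
    }

    return error;
}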
/// <summary>
/// Runs [user.account].[relationship.getrelationship] for the current session
/// and returns the resulting reader.
/// </summary>
/// <param name="subject">Subject id; 0 is sent to the procedure as NULL.</param>
/// <param name="details">Passed through as @Details.</param>
/// <returns>
/// The open reader, or null when anything failed (the failure is only written
/// to the debug log). The command is created with
/// CommandBehavior.CloseConnection, so the caller should close the reader when
/// it is done with it.
/// </returns>
public SqlDataReader GetActiveNetwork(Int64 subject, bool details)
{
    SqlDataReader reader = null;
    SessionManagement sessionManager = new SessionManagement();
    XmlDocument data = new XmlDocument();

    try
    {
        object subjectValue = subject == 0 ? (object)DBNull.Value : subject;

        SqlParameter[] param = new SqlParameter[]
        {
            new SqlParameter("@SessionID", sessionManager.Session().SessionID),
            new SqlParameter("@Details", details),
            new SqlParameter("@Subject", subjectValue)
        };

        reader = GetSQLDataReader(GetDBCommand("", "[user.account].[relationship.getrelationship]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
    }
    catch (Exception ex)
    {
        // Callers cannot tell "no data" from "lookup failed" except by the
        // null return value.
        Framework.Utilities.DebugLogging.Log(ex.Message + " ++ " + ex.StackTrace);
    }

    return reader;
}
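/// <summary>
/// Deletes a triple, together with its inverse, through the
/// [RDF.].DeleteTriple stored procedure and invalidates the cache entry of
/// the subject.
/// </summary>
/// <param name="subjectid">Node id of the subject.</param>
/// <param name="predicateid">Node id of the predicate.</param>
/// <param name="objectid">Node id of the object.</param>
/// <returns>The value of the procedure's @Error output parameter.</returns>
/// <exception cref="Exception">Any failure, re-thrown with the original message.</exception>
/// <remarks>
/// The three ids are sent as given; the session id is the only identity the
/// procedure receives, so any permission check happens there, not here.
/// </remarks>
public bool DeleteTriple(Int64 subjectid, Int64 predicateid, Int64 objectid)
{
    SessionManagement sm = new SessionManagement();
    string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
    SqlConnection dbconnection = new SqlConnection(connstr);
    SqlParameter[] param = new SqlParameter[6];
    bool error = false;

    try
    {
        param[0] = new SqlParameter("@SubjectID", subjectid);
        param[1] = new SqlParameter("@PredicateID", predicateid);
        param[2] = new SqlParameter("@ObjectID", objectid);
        param[3] = new SqlParameter("@SessionID", sm.Session().SessionID);
        param[4] = new SqlParameter("@DeleteInverse", 1);
        param[5] = new SqlParameter("@Error", "");
        param[5].DbType = DbType.Boolean;
        param[5].Direction = ParameterDirection.Output;

        SqlCommand comm = GetDBCommand(ref dbconnection, "[RDF.].DeleteTriple", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param);

        //For Output Parameters you need to pass a connection object to the framework so you can close it before reading the output params value.
        ExecuteSQLDataCommand(comm);
        comm.Connection.Close();

        error = Convert.ToBoolean(param[5].Value);

        Framework.Utilities.Cache.AlterDependency(subjectid.ToString());

        // NOTE(review): this message writes the session id to the debug log;
        // treat that log as sensitive or drop the id from the message.
        if (error)
            Framework.Utilities.DebugLogging.Log("Delete Triple blew up with the following values -- {[RDF.].DeleteTriple} DeleteInverse: 1 SubjectID:" + subjectid.ToString() + " PredicateID:" + predicateid.ToString() + " ObjectID:" + objectid.ToString() + " SessionID:" + sm.Session().SessionID);
    }
    catch (Exception e)
    {
        Framework.Utilities.DebugLogging.Log(e.Message + e.StackTrace);
        // Same exception type and message as before; the original is now kept
        // as InnerException so its type and stack trace are not lost.
        throw new Exception(e.Message, e);
    }
    finally
    {
        // Previously the connection was closed only on the success path.
        if (dbconnection != null && dbconnection.State == ConnectionState.Open)
        {
            dbconnection.Close();
        }
    }

    return error;
}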
/// <summary>
/// Asks [RDF.Security].[GetSessionSecurityGroup] for the security group of
/// the current session.
/// </summary>
/// <returns>
/// The @securitygroupid output value, or 0 when the parameter carries no value.
/// </returns>
/// <remarks>
/// NOTE(review): every exception raised by the lookup is discarded, so a
/// failed lookup and a genuine result of 0 look the same to the caller.
/// Confirm that 0 is the least-privileged group, or report the failure.
/// The @hasspecialviewaccess and @hasspecialeditaccess outputs are requested
/// but never read here.
/// </remarks>
public Int64 GetSessionSecurityGroup()
{
    string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
    SessionManagement sessionManager = new SessionManagement();
    SqlConnection dbconnection = new SqlConnection(connstr);

    // Six slots are allocated; only the first four are filled.
    SqlParameter[] param = new SqlParameter[6];
    SqlCommand holder = new SqlCommand();

    dbconnection.Open();
    holder.CommandTimeout = this.GetCommandTimeout();

    param[0] = new SqlParameter("@SessionID", sessionManager.Session().SessionID);

    // The constant 0 converts implicitly to an enum, so these three calls bind
    // to the SqlParameter(string, SqlDbType) overload: the 0 selects the
    // parameter type (enum value 0, BigInt) and is not an initial value.
    param[1] = new SqlParameter("@securitygroupid", 0) { Direction = ParameterDirection.Output };
    param[2] = new SqlParameter("@hasspecialviewaccess", 0) { Direction = ParameterDirection.Output };
    param[3] = new SqlParameter("@hasspecialeditaccess", 0) { Direction = ParameterDirection.Output };

    // Holds the connection so it can be closed after the call, whether or not
    // the call succeeded.
    holder.Connection = dbconnection;

    try
    {
        // The connection has to be closed before the output parameters are read.
        ExecuteSQLDataCommand(GetDBCommand(ref dbconnection, "[RDF.Security].[GetSessionSecurityGroup]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param));
    }
    catch (Exception ex)
    {
    }

    holder.Connection.Close();

    // A null Value converts to 0.
    return param[1] != null ? Convert.ToInt64(param[1].Value) : 0;
}
/// <summary>
/// Creates the session manager for the page, sends sessions without a user
/// (UserID 0) to the search page and otherwise draws the module.
/// </summary>
/// <param name="sender">.Net context object.</param>
/// <param name="e">.Net event arguments.</param>
protected void Page_Load(object sender, EventArgs e)
{
    sm = new SessionManagement();

    // Response.Redirect(string) ends the response, so an anonymous request
    // does not continue into DrawProfilesModule.
    bool anonymous = sm.Session().UserID == 0;
    if (anonymous)
    {
        Response.Redirect(Root.Domain + "/search");
    }

    // UCSF
    DrawProfilesModule();
}
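/// <summary>
/// Sets or clears a relationship between the current session's user and
/// <paramref name="subject"/> through
/// [user.account].[relationship.setrelationship].
/// </summary>
/// <param name="subject">Subject id, sent as @Subject.</param>
/// <param name="relationshiptype">Relationship type; null is sent as NULL.</param>
/// <param name="settoexists">Sent as @SetToExists.</param>
/// <remarks>
/// Failures are written to the debug log and not reported to the caller.
/// </remarks>
public void SetActiveNetwork(Int64 subject, string relationshiptype, bool settoexists)
{
    SessionManagement sm = new SessionManagement();

    try
    {
        SqlParameter[] param = new SqlParameter[4];
        param[0] = new SqlParameter("@SessionID", sm.Session().SessionID);
        param[1] = new SqlParameter("@Subject", subject);

        if (relationshiptype == null)
            param[2] = new SqlParameter("@RelationshipType", DBNull.Value);
        else
            param[2] = new SqlParameter("@RelationshipType", relationshiptype);

        param[3] = new SqlParameter("@SetToExists", settoexists);

        // ExecuteNonQuery does not take a CommandBehavior, so CloseConnection
        // has no effect on this call. The command used to be dropped right
        // after executing, leaving its connection to the garbage collector;
        // it is now closed and disposed on every path.
        using (var cmd = GetDBCommand("", "[user.account].[relationship.setrelationship]", CommandType.StoredProcedure, CommandBehavior.CloseConnection, param))
        {
            try
            {
                cmd.ExecuteNonQuery();
            }
            finally
            {
                if (cmd.Connection != null)
                {
                    cmd.Connection.Close();
                }
            }
        }
    }
    catch (Exception ex)
    {
        Framework.Utilities.DebugLogging.Log(ex.Message + " ++ " + ex.StackTrace);
    }
}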
//***************************************************************************************************************************************
/// <summary>
/// Resolves the current REST-style URL: collects up to ten path segments from
/// HttpContext.Current.Items ("Param0" .. "Param9"), asks the data layer what
/// they map to and then either executes the resolved page in-process,
/// redirects to it, or falls back to the search page.
/// </summary>
/// <remarks>
/// NOTE(review): the segments originate from the request URL, and the target
/// that is executed or redirected to comes back from GetResolvedURL. This
/// method trusts that result completely; the resolver has to guarantee that
/// request data cannot produce a path or an external URL the application did
/// not intend.
/// </remarks>
private void ProcessRequest()
{
    Framework.Utilities.DebugLogging.Log("{REST.aspx.cs} ProcessRequest() start ");

    // Index 0 is the application name {default for this install is profile}.
    // A segment that is not present stays an empty string.
    string[] segments = new string[10];
    XmlDocument frameworkurl = new XmlDocument();

    for (int i = 0; i < segments.Length; i++)
    {
        object raw = HttpContext.Current.Items["Param" + i];
        segments[i] = raw != null ? raw.ToString() : string.Empty;
    }

    DataIO data = new DataIO();

    //Alias.aspx is the hub for maintaining session state.  With the exception of a log in Function.
    //the Framework.Session is created and loaded into memory at the point a user session is created in the Global.asax file.
    //When a session has expired the Framework.Session.SessionLogout() method is called.
    SessionManagement sessionmanagement = new SessionManagement();
    Session session = sessionmanagement.Session();

    URLResolve resolve = data.GetResolvedURL(
        segments[0], segments[1], segments[2], segments[3], segments[4],
        segments[5], segments[6], segments[7], segments[8], segments[9],
        session.SessionID,
        Root.Domain + Root.AbsolutePath,
        session.UserAgent,
        getBestAcceptType(HttpContext.Current.Request.AcceptTypes));

    Framework.Utilities.DebugLogging.Log("{REST.aspx.cs} ProcessRequest() redirect=" + resolve.Redirect.ToString() + " to=>" + resolve.ResponseURL);

    if (!resolve.Resolved)
    {
        // Unknown pattern: send the visitor to the search page.
        // The debug output that used to sit here (commented out) wrote the raw
        // segments into the response; if it is ever restored, HTML-encode them
        // first.
        Response.Redirect(Root.Domain + "/search", true);
    }
    else if (resolve.Redirect)
    {
        Response.Redirect(resolve.ResponseURL, true);
    }
    else
    {
        // Runs the resolved page inside this request.
        string URL = resolve.ResponseURL;
        Server.Execute(HttpUtility.HtmlDecode(URL));
    }

    Framework.Utilities.DebugLogging.Log("{REST.aspx.cs} ProcessRequest() end ");
}
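/// <summary>
/// Runs [Profile.Module].[CustomViewAuthorInAuthorship.GetList] for the
/// subject of <paramref name="request"/> and returns the open reader.
/// </summary>
/// <param name="request">Triple whose Subject is sent as @nodeid.</param>
/// <returns>
/// A reader opened with CommandBehavior.CloseConnection: closing the reader
/// closes the connection, so the caller must close it when done.
/// </returns>
/// <remarks>
/// The session id is sent as @sessionid; any filtering by what the session may
/// see happens inside the procedure, not here.
/// </remarks>
public SqlDataReader GetPublications(RDFTriple request)
{
    SessionManagement sm = new SessionManagement();
    string connstr = ConfigurationManager.ConnectionStrings["ProfilesDB"].ConnectionString;
    SqlConnection dbconnection = new SqlConnection(connstr);

    try
    {
        SqlCommand dbcommand = new SqlCommand("[Profile.Module].[CustomViewAuthorInAuthorship.GetList]");

        dbconnection.Open();

        dbcommand.CommandType = CommandType.StoredProcedure;
        dbcommand.CommandTimeout = base.GetCommandTimeout();
        dbcommand.Parameters.Add(new SqlParameter("@nodeid", request.Subject));
        dbcommand.Parameters.Add(new SqlParameter("@sessionid", sm.Session().SessionID));
        dbcommand.Connection = dbconnection;

        return dbcommand.ExecuteReader(CommandBehavior.CloseConnection);
    }
    catch
    {
        // No reader was handed out, so nothing else will ever close this
        // connection. Previously it stayed open when the call failed.
        dbconnection.Dispose();
        throw;
    }
}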