/// <summary>
/// Appends one reservation record to "reservations.txt" and audits the outcome.
/// </summary>
/// <remarks>
/// Failures of the write and of the audit calls are caught and printed to the console, so the
/// caller gets no signal that the record was not persisted. The account named in the audit
/// entry is taken from <c>WindowsIdentity.GetCurrent()</c>.
/// </remarks>
/// <param name="r">Reservation whose <c>Write()</c> output is appended to the file.</param>
public static void WriteReservation(Reservation r)
{
    const string fileName = "reservations.txt";

    try
    {
        string target = Path.GetFullPath(path + fileName);
        File.AppendAllText(target, r.Write());

        try
        {
            string account = Formatter.ParseName(WindowsIdentity.GetCurrent().Name);
            Audit.WriteInFileSuccess(account, fileName);
        }
        catch (Exception auditError)
        {
            // The record is already on disk; an audit failure is only reported.
            Console.WriteLine(auditError.Message);
        }
    }
    catch (Exception writeError)
    {
        try
        {
            string account = Formatter.ParseName(WindowsIdentity.GetCurrent().Name);
            Audit.WriteInFileFailed(account, fileName, writeError.Message);
        }
        catch (Exception auditError)
        {
            Console.WriteLine(auditError.Message);
        }

        Console.WriteLine($"Error while trying to write reservation with id {r.Id}, error: : {writeError.Message}");
    }
}
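/// <summary>
/// Overwrites "discount.txt" with the current value of <c>Discount</c> and audits the outcome.
/// </summary>
/// <remarks>
/// Follows the same pattern as <c>WriteReservation</c> and <c>WriteUser</c>: a successful write
/// is audited as a success, and a failed write is audited as a failure. Previously a failed
/// write was only printed to the console and never reached the audit log, while a failure of
/// the success-audit call itself was recorded as a file-write failure.
/// </remarks>
public static void WriteDiscount()
{
    const string fileName = "discount.txt";

    try
    {
        string fullPath = Path.GetFullPath(path + fileName);

        // A single WriteAllText creates or truncates the file and writes the value, so there
        // is no separate step that leaves the file empty if the second call fails.
        File.WriteAllText(fullPath, Discount.ToString());

        try
        {
            Audit.WriteInFileSuccess(Formatter.ParseName(WindowsIdentity.GetCurrent().Name), fileName);
        }
        catch (Exception e)
        {
            // The value is already on disk; an audit failure is only reported.
            Console.WriteLine(e.Message);
        }
    }
    catch (Exception e)
    {
        try
        {
            Audit.WriteInFileFailed(Formatter.ParseName(WindowsIdentity.GetCurrent().Name), fileName, e.Message);
        }
        catch (Exception eror)
        {
            Console.WriteLine(eror.Message);
        }

        Console.WriteLine($"Error while trying to write discount : {e.Message}");
    }
}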
/// <summary>
/// Appends one user record to "users.txt" and audits the outcome.
/// </summary>
/// <remarks>
/// Failures of the write and of the audit calls are caught and printed to the console, so the
/// caller gets no signal that the record was not persisted. The account named in the audit
/// entry is taken from <c>WindowsIdentity.GetCurrent()</c>.
/// </remarks>
/// <param name="u">User whose <c>Write()</c> output is appended to the file.</param>
public static void WriteUser(User u)
{
    const string fileName = "users.txt";

    try
    {
        string target = Path.GetFullPath(path + fileName);
        File.AppendAllText(target, u.Write());

        try
        {
            string account = Formatter.ParseName(WindowsIdentity.GetCurrent().Name);
            Audit.WriteInFileSuccess(account, fileName);
        }
        catch (Exception auditError)
        {
            // The record is already on disk; an audit failure is only reported.
            Console.WriteLine(auditError.Message);
        }
    }
    catch (Exception writeError)
    {
        try
        {
            string account = Formatter.ParseName(WindowsIdentity.GetCurrent().Name);
            Audit.WriteInFileFailed(account, fileName, writeError.Message);
        }
        catch (Exception auditError)
        {
            Console.WriteLine(auditError.Message);
        }

        Console.WriteLine($"Error while trying to write user with username {u.Username}, error: : {writeError.Message}");
    }
}
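/// <summary>
/// Custom certificate validation on the service side. A certificate is accepted only when its
/// issuer name equals the issuer name of the service's own certificate; otherwise an exception
/// with a descriptive message is thrown.
/// </summary>
/// <remarks>
/// NOTE(review): only the issuer name strings are compared. This method does not verify the
/// signature chain, the validity period or revocation, so a matching Issuer field is all that
/// is required to pass. Confirm whether chain validation happens elsewhere; if it does not,
/// this check should also build and verify the certificate chain.
/// </remarks>
/// <param name="certificate">Certificate to be validated.</param>
/// <exception cref="Exception">
/// Thrown when the certificate is missing, when the service certificate cannot be loaded, or
/// when the issuer names differ.
/// </exception>
public override void Validate(X509Certificate2 certificate)
{
    if (certificate == null)
    {
        throw new ArgumentNullException(nameof(certificate));
    }

    // Load the service's own certificate from the local machine store.
    X509Certificate2 srvCert = CertManager.GetCertificateFromStorage(
        StoreName.My,
        StoreLocation.LocalMachine,
        Formatter.ParseName(WindowsIdentity.GetCurrent().Name),
        "Service");

    // Fail closed with a clear message instead of a NullReferenceException when there is
    // nothing to compare against.
    if (srvCert == null)
    {
        throw new Exception("Service certificate could not be loaded; the client certificate cannot be validated.");
    }

    if (!string.Equals(certificate.Issuer, srvCert.Issuer, StringComparison.Ordinal))
    {
        throw new Exception("Certificate is not from the valid issuer.");
    }
}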
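/// <summary>
/// Loads all reservations from "reservations.txt" and audits the outcome.
/// </summary>
/// <remarks>
/// Each line holds five ';'-separated fields: three integers at positions 0, 1 and 3, a date
/// written as day/month/year at position 2, and a <c>ReservationState</c> value at position 4.
/// Any malformed line stops the load; the reservations parsed up to that point are still
/// returned and the failure is audited and printed.
/// </remarks>
/// <returns>The reservations read; an empty list when the file could not be read at all.</returns>
public static List<Reservation> ReadReservations()
{
    List<Reservation> temp = new List<Reservation>();

    try
    {
        string fullPath = Path.GetFullPath(path + "reservations.txt");

        // Open read-only, and dispose the handles even when a line fails to parse.
        using (FileStream stream = new FileStream(fullPath, FileMode.Open, FileAccess.Read))
        using (StreamReader reader = new StreamReader(stream))
        {
            string line;
            while ((line = reader.ReadLine()) != null)
            {
                string[] tokens = line.Split(';');
                string[] dateTokens = tokens[2].Split('/');
                DateTime date = new DateTime(int.Parse(dateTokens[2]), int.Parse(dateTokens[1]), int.Parse(dateTokens[0]));

                Reservation r = new Reservation(int.Parse(tokens[0]), int.Parse(tokens[1]), date, int.Parse(tokens[3]));

                // NOTE(review): Enum.Parse also accepts numeric text, including numbers that
                // name no ReservationState member; the file content is trusted as-is here.
                r.State = (ReservationState)Enum.Parse(typeof(ReservationState), tokens[4]);
                temp.Add(r);
            }
        }

        try
        {
            Audit.ReadFromFileSuccess(Formatter.ParseName(WindowsIdentity.GetCurrent().Name), "reservations.txt");
        }
        catch (Exception e)
        {
            Console.WriteLine(e.Message);
        }
    }
    catch (Exception e)
    {
        try
        {
            Audit.ReadFromFileFailed(Formatter.ParseName(WindowsIdentity.GetCurrent().Name), "reservations.txt", e.Message);
        }
        catch (Exception eror)
        {
            Console.WriteLine(eror.Message);
        }

        // The message used to say "performances"; this method reads reservations.
        Console.WriteLine($"Error while trying to read reservations : {e.Message}");
    }

    return temp;
}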
/// <summary>
/// Extracts the client's user name from the primary identity of the current service security
/// context.
/// </summary>
/// <remarks>
/// The parsed identity name is cut at the first ';', then at the first ',', and the text after
/// the first '=' of that piece is returned.
/// </remarks>
/// <returns>
/// The extracted name, or an empty string when the identity is unavailable or does not have
/// the expected shape. Callers that compare this value against stored user names should treat
/// an empty result as "no identified client".
/// </returns>
public string GetClientUserName()
{
    try
    {
        string identityName = Formatter.ParseName(ServiceSecurityContext.Current.PrimaryIdentity.Name);
        string firstSegment = identityName.Split(';')[0];
        string firstAttribute = firstSegment.Split(',')[0];

        return firstAttribute.Split('=')[1];
    }
    catch (Exception e)
    {
        Console.WriteLine($"\nError while trying to get the client name: {e.Message}.");
    }

    return "";
}
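/// <summary>
/// Decrypts a WRITE request with the caller's session key and stores the key/value pair in the
/// database.
/// </summary>
/// <remarks>
/// NOTE(review): <c>_3DESAlgorithm</c> is presumably Triple DES, judging by its name. That is a
/// legacy cipher; confirm the mode and padding it uses and whether ciphertext integrity is
/// checked before decryption.
/// </remarks>
/// <param name="encryptedKey">Encrypted database key.</param>
/// <param name="encryptedValue">Encrypted database value.</param>
/// <returns><c>true</c> when the pair was written.</returns>
/// <exception cref="FaultException{DataException}">
/// Thrown when the caller has no Windows identity, when decryption fails, or when the database
/// write fails.
/// </exception>
public bool Write(byte[] encryptedKey, byte[] encryptedValue)
{
    Console.WriteLine("----------------------------------------------------------------------------------");
    Console.WriteLine("Received encrypted WRITE request...");

    IIdentity identity = Thread.CurrentPrincipal.Identity;
    WindowsIdentity windowsIdentity = identity as WindowsIdentity;

    // The session key is looked up by Windows user name. Without a Windows identity, reject
    // the request with the method's usual fault type instead of a NullReferenceException.
    if (windowsIdentity == null)
    {
        Console.WriteLine("Data Error: caller is not authenticated with a Windows identity");
        throw new FaultException<DataException>(new DataException("Data Error: caller is not authenticated with a Windows identity"));
    }

    string user = Formatter.ParseName(windowsIdentity.Name);
    Console.WriteLine("User requesting the service: ");
    Console.WriteLine(user);

    byte[] sessionKey = GetSessionKey(user);

    string key;
    string value;
    try
    {
        // Encoding.ASCII turns every byte above 0x7F into '?'; Trim('\0') removes NUL padding.
        key = Encoding.ASCII.GetString(_3DESAlgorithm.Decrypt(encryptedKey, sessionKey)).Trim('\0');
        value = Encoding.ASCII.GetString(_3DESAlgorithm.Decrypt(encryptedValue, sessionKey)).Trim('\0');
    }
    catch (Exception e)
    {
        // The real cause is logged locally; the client receives a fixed message only.
        Console.WriteLine("Data Error: {0}", e.Message);
        throw new FaultException<DataException>(new DataException("Data Error: Key/Value cannot be null, empty, or whitespace"));
    }

    try
    {
        Database.Write(key, value);
        return true;
    }
    catch (FaultException<DataException> e)
    {
        Console.WriteLine("Data Error: {0}", e.Detail.Message);
        throw new FaultException<DataException>(new DataException(e.Detail.Message));
    }
    catch (Exception e)
    {
        // NOTE(review): the raw exception message is returned to the client; confirm it cannot
        // carry internal details.
        Console.WriteLine("Error: {0}", e.Message);
        throw new FaultException<DataException>(new DataException(e.Message));
    }
}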
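/// <summary>
/// Loads the discount from "discount.txt" into <c>Discount</c> and audits the outcome.
/// </summary>
/// <remarks>
/// Every line is parsed as an integer, so the value of the last line wins. A line that is not
/// an integer stops the load; the failure is audited and printed, and <c>Discount</c> keeps
/// whatever value was assigned before that line.
/// </remarks>
public static void ReadDiscount()
{
    try
    {
        string fullPath = Path.GetFullPath(path + "discount.txt");

        // Open read-only, and dispose the handles even when a line fails to parse.
        using (FileStream stream = new FileStream(fullPath, FileMode.Open, FileAccess.Read))
        using (StreamReader reader = new StreamReader(stream))
        {
            string line;
            while ((line = reader.ReadLine()) != null)
            {
                Discount = int.Parse(line);
            }
        }

        try
        {
            Audit.ReadFromFileSuccess(Formatter.ParseName(WindowsIdentity.GetCurrent().Name), "discount.txt");
        }
        catch (Exception e)
        {
            Console.WriteLine(e.Message);
        }
    }
    catch (Exception e)
    {
        try
        {
            Audit.ReadFromFileFailed(Formatter.ParseName(WindowsIdentity.GetCurrent().Name), "discount.txt", e.Message);
        }
        catch (Exception eror)
        {
            Console.WriteLine(eror.Message);
        }

        Console.WriteLine($"Error while trying to read discount : {e.Message}");
    }
}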
/// <summary>
/// Hosts WCFService on net.tcp://localhost:9999/WCFService with certificate-based client
/// authentication, connects to the logger service, waits for Enter, then closes the host and
/// serializes the database.
/// </summary>
/// <param name="args">Command-line arguments (unused).</param>
static void Main(string[] args)
{
    WCFDatabase database = WCFDatabase.InitializeDb();

    // The server's user name is used to look up its certificate.
    string certificateSubject = Formatter.ParseName(WindowsIdentity.GetCurrent().Name);

    var serviceBinding = new NetTcpBinding();
    serviceBinding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Certificate;

    var host = new ServiceHost(typeof(WCFService));
    host.AddServiceEndpoint(typeof(IWCFService), serviceBinding, "net.tcp://localhost:9999/WCFService");

    // Do not check whether a client certificate was revoked; validate it by chain trust.
    // NOTE(review): with NoCheck a revoked client certificate is still accepted.
    var clientCertificateAuthentication = host.Credentials.ClientCertificate.Authentication;
    clientCertificateAuthentication.RevocationMode = X509RevocationMode.NoCheck;
    clientCertificateAuthentication.CertificateValidationMode = X509CertificateValidationMode.ChainTrust;

    // Set the server's own certificate.
    host.Credentials.ServiceCertificate.Certificate =
        CertManager.GetCertificateFromStorage(StoreName.My, StoreLocation.LocalMachine, certificateSubject);

    // NOTE(review): IncludeExceptionDetailInFaults = true returns exception details to clients
    // in faults; this is a debugging aid.
    host.Description.Behaviors.Remove(typeof(ServiceDebugBehavior));
    host.Description.Behaviors.Add(new ServiceDebugBehavior { IncludeExceptionDetailInFaults = true });

    host.Authorization.ServiceAuthorizationManager = new AuthorizationManager();

    // The policy holds the conditions used to evaluate a user (whether they may call a given
    // method); authorization checks are made on the basis of this policy.
    host.Authorization.PrincipalPermissionMode = PrincipalPermissionMode.Custom;
    var authorizationPolicies = new List<IAuthorizationPolicy> { new CustomPolicy() };
    host.Authorization.ExternalAuthorizationPolicies = authorizationPolicies.AsReadOnly();

    // NOTE(review): the built-in security audit behavior is removed and none is added back in
    // this method.
    host.Description.Behaviors.Remove<ServiceSecurityAuditBehavior>();

    // Logger connection: Windows-authenticated net.tcp client.
    var loggerBinding = new NetTcpBinding();
    loggerBinding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Windows;
    var loggerEndpoint = new EndpointAddress(new Uri("net.tcp://localhost:10000/WCFLogger"));
    WCFServiceLoggerConnection.InitializeService(loggerBinding, loggerEndpoint);

    host.Open();
    Console.WriteLine("WCFService is opened. Press <enter> to finish and save databases...");
    Console.ReadLine();

    host.Close();
    database.SerializeData();
}
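/// <summary>
/// Pays one of the calling user's reservations: the price is deducted from the user's balance,
/// the reservation is marked PAID, and reservations and users are persisted.
/// </summary>
/// <remarks>
/// Only callers in the "Korisnik" or "SuperKorisnik" role are allowed; any other caller is
/// audited as an authorization failure and passed to <c>ErrorMessage</c>. The reservation is
/// searched only among the reservations of the user whose name matches the client, so a caller
/// cannot pay from another user's balance. Callers whose role is not "Korisnik" get the
/// discount from <c>Database.Discount</c> (a percentage).
/// NOTE(review): nothing checks that the reservation is still unpaid or that the balance
/// covers the price, and the audit entry always records UNPAID to PAID. Confirm whether
/// repeated payment is prevented elsewhere.
/// </remarks>
/// <param name="reservationsId">Id of the reservation to pay.</param>
public void PayReservation(int reservationsId)
{
    CustomPrincipal principal = Thread.CurrentPrincipal as CustomPrincipal;

    // Fail closed: a missing or foreign principal is handled as an authorization failure
    // instead of a NullReferenceException.
    bool authorized = principal != null
        && (principal.IsInRole("Korisnik") || principal.IsInRole("SuperKorisnik"));

    if (!authorized)
    {
        try
        {
            Audit.AuthorizationFailed(GetClientUserName(), "Pay Reservation", $"Pay Reservation can be used only by user in the Korisnik or SuperKorisnik group.");
        }
        catch (Exception e)
        {
            Console.WriteLine(e.Message);
        }

        ErrorMessage("Korisnik or SuperKorisnik", "Pay Reservation");
        return;
    }

    string clientUsername = GetClientUserName();
    string clientRole = GetClientRole();
    Console.WriteLine("\nPaying reservation...");

    foreach (User u in Database.users)
    {
        if (!u.Username.Equals(clientUsername))
        {
            continue;
        }

        foreach (Reservation r in u.Reservations)
        {
            if (!r.Id.Equals(reservationsId))
            {
                continue;
            }

            foreach (Performance p in Database.performances)
            {
                if (!p.Id.Equals(r.PerformanceId))
                {
                    continue;
                }

                var total = r.TicketQuantity * p.TicketPrice;

                if (clientRole.Equals("Korisnik"))
                {
                    u.Balance -= total;
                }
                else
                {
                    // Multiply before dividing. "Database.Discount / 100" on its own is
                    // integer division when Discount is an integer, which gives 0 for any
                    // discount below 100 and so never applied the discount.
                    u.Balance -= total - total * Database.Discount / 100;
                }

                try
                {
                    Audit.ChangeSuccess(Formatter.ParseName(WindowsIdentity.GetCurrent().Name), "balance.");
                }
                catch (Exception e)
                {
                    Console.WriteLine(e.Message);
                }

                for (int i = 0; i < u.Reservations.Count(); i++)
                {
                    if (!u.Reservations[i].Id.Equals(reservationsId))
                    {
                        continue;
                    }

                    u.Reservations[i].State = ReservationState.PAID;

                    try
                    {
                        Audit.PayReservationSuccess(clientUsername, ReservationState.UNPAID.ToString(), ReservationState.PAID.ToString());
                    }
                    catch (Exception e)
                    {
                        Console.WriteLine(e.Message);
                    }

                    Database.WriteReservations();
                    Database.WriteUsers();
                }
            }
        }
    }
}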
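/// <summary>
/// Hosts WCFService on net.tcp://localhost:9999/Receiver with certificate-based client
/// authentication, a custom authorization policy and security auditing, loads the data files,
/// and runs until Enter is pressed.
/// </summary>
/// <param name="args">Command-line arguments (unused).</param>
static void Main(string[] args)
{
    // srvCertCN is the name of the Windows user running this process; it is used to look up
    // the service certificate.
    string srvCertCN = Formatter.ParseName(WindowsIdentity.GetCurrent().Name);

    NetTcpBinding binding = new NetTcpBinding();
    binding.Security.Transport.ClientCredentialType = TcpClientCredentialType.Certificate;

    string address = "net.tcp://localhost:9999/Receiver";
    ServiceHost host = new ServiceHost(typeof(WCFService));
    host.AddServiceEndpoint(typeof(IWCFService), binding, address);

    // Custom validation mode hands every trust decision about a client certificate to
    // ServiceCertValidator; WCF performs no chain validation of its own in this mode.
    host.Credentials.ClientCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.Custom;
    host.Credentials.ClientCertificate.Authentication.CustomCertificateValidator = new ServiceCertValidator();

    // If the CA has no CRL associated, WCF blocks every client because it cannot be validated.
    // NOTE(review): the trade-off of NoCheck is that a revoked client certificate is still
    // accepted.
    host.Credentials.ClientCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;

    // Set the service's certificate on the host, looked up by srvCertCN.
    host.Credentials.ServiceCertificate.Certificate = CertManager.GetCertificateFromStorage(StoreName.My, StoreLocation.LocalMachine, srvCertCN);

    // Custom authorization policy.
    host.Authorization.PrincipalPermissionMode = PrincipalPermissionMode.Custom;
    List<IAuthorizationPolicy> policies = new List<IAuthorizationPolicy>();
    policies.Add(new CustomAuthorizationPolicy());
    host.Authorization.ExternalAuthorizationPolicies = policies.AsReadOnly();

    // Audit authorization successes and failures to the Application event log.
    ServiceSecurityAuditBehavior newAudit = new ServiceSecurityAuditBehavior();
    newAudit.AuditLogLocation = AuditLogLocation.Application;
    newAudit.ServiceAuthorizationAuditLevel = AuditLevel.SuccessOrFailure;
    host.Description.Behaviors.Remove<ServiceSecurityAuditBehavior>();
    host.Description.Behaviors.Add(newAudit);

    Database.performances = Database.ReadPerformances();
    Database.reservations = Database.ReadReservations();
    Database.users = Database.ReadUsers();
    Database.ReadDiscount();

    try
    {
        host.Open();
        Console.WriteLine("WCFService is started.\nPress <enter> to stop...");
        Console.ReadLine();
    }
    catch (Exception e)
    {
        Console.WriteLine("[ERROR] {0}", e.Message);
        Console.WriteLine("[StackTrace] {0}", e.StackTrace);
        Console.ReadLine();
    }
    finally
    {
        // Close() throws on a faulted host (for example after a failed Open), which would turn
        // the handled error above into an unhandled one. Abort() releases it instead.
        if (host.State == CommunicationState.Faulted)
        {
            host.Abort();
        }
        else
        {
            host.Close();
        }
    }
}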
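/// <summary>
/// Loads all users from "users.txt", links each user to the already loaded
/// <c>reservations</c>, and audits the outcome.
/// </summary>
/// <remarks>
/// Each line holds ';'-separated fields. Field 3 is a list of reservation ids; as many ids are
/// read as the field contains commas, so the piece after the last comma is never parsed.
/// NOTE(review): when field 3 contains no comma the user is built from fields 0 and 1 only, and
/// the number in field 2 is not read; confirm that this is intended.
/// Any malformed line stops the load; the users parsed up to that point are still returned and
/// the failure is audited and printed.
/// </remarks>
/// <returns>The users read; an empty list when the file could not be read at all.</returns>
public static List<User> ReadUsers()
{
    List<User> temp = new List<User>();

    try
    {
        string fullPath = Path.GetFullPath(path + "users.txt");

        // Open read-only, and dispose the handles even when a line fails to parse.
        using (FileStream stream = new FileStream(fullPath, FileMode.Open, FileAccess.Read))
        using (StreamReader reader = new StreamReader(stream))
        {
            string line;
            while ((line = reader.ReadLine()) != null)
            {
                string[] tokens = line.Split(';');
                List<Reservation> userReservations = new List<Reservation>();
                User user = null;

                int count = tokens[3].Count(x => x == ',');
                if (count != 0)
                {
                    string[] idRes = tokens[3].Split(',');
                    for (int i = 0; i < count; i++)
                    {
                        // Parse each id once instead of once per loaded reservation.
                        int reservationId = int.Parse(idRes[i]);
                        foreach (Reservation res in reservations)
                        {
                            if (reservationId == res.Id)
                            {
                                userReservations.Add(res);
                            }
                        }
                    }

                    user = new User(tokens[0], tokens[1], double.Parse(tokens[2]), userReservations);
                }
                else
                {
                    user = new User(tokens[0], tokens[1]);
                }

                temp.Add(user);
            }
        }

        try
        {
            Audit.ReadFromFileSuccess(Formatter.ParseName(WindowsIdentity.GetCurrent().Name), "users.txt");
        }
        catch (Exception e)
        {
            Console.WriteLine(e.Message);
        }
    }
    catch (Exception e)
    {
        try
        {
            Audit.ReadFromFileFailed(Formatter.ParseName(WindowsIdentity.GetCurrent().Name), "users.txt", e.Message);
        }
        catch (Exception eror)
        {
            Console.WriteLine(eror.Message);
        }

        Console.WriteLine($"Error while trying to read users : {e.Message}");
    }

    return temp;
}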