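/// <summary>
/// Looks a user up by name and returns it only when the supplied password matches.
/// The call is recorded as a TaskManager task with the caller's IP as a parameter.
/// </summary>
/// <param name="username">Login name to look up.</param>
/// <param name="password">Either the SHA1 of the stored password or the stored password itself (legacy plain-text callers).</param>
/// <param name="ip">Caller address, written to the task log as the "IP" parameter.</param>
/// <returns>The matching user, or null when the account does not exist or the password is wrong.</returns>
/// <exception cref="Exception">Re-thrown (after being recorded via <see cref="TaskManager"/>) when the lookup itself fails.</exception>
public static UserInfo GetUserByUsernamePassword(string username, string password, string ip)
{
    // place log record
    TaskManager.StartTask("USER", "GET_BY_USERNAME_PASSWORD", username);
    TaskManager.WriteParameter("IP", ip);

    try
    {
        // try to get user from database
        UserInfoInternal user = GetUserInternally(username);

        // check if the user exists
        if (user == null)
        {
            TaskManager.WriteWarning("Account not found");
            return null;
        }

        // compare user passwords: callers may send either SHA1(stored password) or the stored
        // password itself, so both forms are accepted. The comparison deliberately has no early
        // exit so that a wrong guess does not reveal how many leading characters matched.
        string hashedPassword = CryptoUtils.SHA1(user.Password);
        bool matches = false;
        foreach (string expected in new string[] { hashedPassword, user.Password })
        {
            // a missing stored or supplied password never matches (a plain "==" would have
            // accepted null == null); differing lengths cannot match either
            if (expected == null || password == null || expected.Length != password.Length)
            {
                continue;
            }

            int diff = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                diff |= expected[i] ^ password[i];
            }
            matches |= (diff == 0);
        }

        if (matches)
        {
            return new UserInfo(user);
        }

        return null;
    }
    catch (Exception ex)
    {
        throw TaskManager.WriteError(ex);
    }
    finally
    {
        TaskManager.CompleteTask();
    }
}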
/// <summary>
/// WSE output-filter hook: attaches a UsernameToken for this server to the outgoing
/// SOAP request and, depending on the parent assertion's flags, signs the message and/or
/// encrypts the Body together with every SolidCP custom header in the envelope.
/// </summary>
/// <param name="envelope">Outgoing SOAP envelope whose header is scanned for custom headers.</param>
/// <param name="security">WSE security header that receives the token, signature and encrypted data.</param>
public override void SecureMessage(SoapEnvelope envelope, WSE.Security security)
{
    // nothing can be secured when the server has no password configured
    string serverPassword = parentAssertion.Password;
    if (serverPassword == null)
    {
        return;
    }

    // the token is built from the SHA1 of the password rather than the password itself;
    // PasswordOption.SendNone keeps that value out of the wire format
    string hashedPassword = CryptoUtils.SHA1(serverPassword);
    UsernameToken token = new UsernameToken(
        parentAssertion.ServerId.ToString(), hashedPassword, PasswordOption.SendNone);

    bool sign = parentAssertion.signRequest;
    bool encrypt = parentAssertion.encryptRequest;

    // the token only travels in the header when something references it
    if (sign || encrypt)
    {
        security.Tokens.Add(token);
    }

    if (sign)
    {
        // sign the whole SOAP message with the UsernameToken
        security.Elements.Add(new MessageSignature(token));
    }

    if (!encrypt)
    {
        return;
    }

    // encrypt the message Body, plus every SolidCP custom header found in the envelope
    EncryptedData encryptedData = new EncryptedData(token);
    const string customHeaderNamespace = "http://com/SolidCP/server/";
    const string wsuNamespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";

    foreach (XmlNode node in envelope.Header.ChildNodes)
    {
        XmlElement header = node as XmlElement;
        if (header == null || header.NamespaceURI != customHeaderNamespace)
        {
            continue;
        }

        // give the header a wsu:Id so the encryption reference can point at it
        string referenceId = Guid.NewGuid().ToString();
        header.SetAttribute("Id", wsuNamespace, referenceId);
        encryptedData.AddReference(new EncryptionReference("#" + referenceId));
    }

    security.Elements.Add(encryptedData);
}
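/// <summary>
/// Looks a user up by name and returns it only when the supplied password matches.
/// Outcomes are written straight to the audit log instead of through a TaskManager task.
/// </summary>
/// <param name="username">Login name to look up.</param>
/// <param name="password">Either the SHA1 of the stored password or the stored password itself (legacy plain-text callers).</param>
/// <param name="ip">Caller address, recorded in every audit-log entry.</param>
/// <returns>The matching user, or null when the account does not exist or the password is wrong.</returns>
/// <exception cref="Exception">Re-thrown, with its original stack trace, after an error record has been written to the audit log.</exception>
public static UserInfo GetUserByUsernamePassword(string username, string password, string ip)
{
    // Deliberately not wrapped in a TaskManager task: TaskManager writes a background-task log
    // row to the database and then immediately moves it into the audit log (for short tasks).
    // That is fine for long tasks, but for a call like this one that arrives every second over
    // SOAP it puts a huge load on the DB, so the audit log is written directly instead.
    try
    {
        // try to get user from database
        UserInfoInternal user = GetUserInternally(username);

        // check if the user exists
        if (user == null)
        {
            AuditLog.AddAuditLogWarningRecord("USER", "GET_BY_USERNAME_PASSWORD", username,
                new string[] { "IP: " + ip, "Account not found" });
            return null;
        }

        // compare user passwords: callers may send either SHA1(stored password) or the stored
        // password itself, so both forms are accepted. The comparison deliberately has no early
        // exit so that a wrong guess does not reveal how many leading characters matched.
        string hashedPassword = CryptoUtils.SHA1(user.Password);
        bool matches = false;
        foreach (string expected in new string[] { hashedPassword, user.Password })
        {
            // a missing stored or supplied password never matches (a plain "==" would have
            // accepted null == null); differing lengths cannot match either
            if (expected == null || password == null || expected.Length != password.Length)
            {
                continue;
            }

            int diff = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                diff |= expected[i] ^ password[i];
            }
            matches |= (diff == 0);
        }

        if (matches)
        {
            AuditLog.AddAuditLogInfoRecord("USER", "GET_BY_USERNAME_PASSWORD", username,
                new string[] { "IP: " + ip });
            return new UserInfo(user);
        }

        // NOTE(review): a wrong password is not audited here, only a missing account and a
        // success; add a warning record if failed attempts need to be visible in the audit log.
        return null;
    }
    catch (Exception ex)
    {
        AuditLog.AddAuditLogErrorRecord("USER", "GET_BY_USERNAME_PASSWORD", username,
            new string[] { "IP: " + ip, "Message: " + ex.Message, "StackTrace: " + ex.StackTrace });
        // "throw;" preserves the original stack trace; "throw ex;" would reset it to this line
        throw;
    }
}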
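/// <summary>
/// Validates a username/password pair, maintains the failed-login counter according to the
/// user's password policy, and reports the outcome as a business result code.
/// </summary>
/// <param name="username">Login name to authenticate.</param>
/// <param name="password">Either the SHA1 of the stored password or the stored password itself (legacy plain-text callers).</param>
/// <param name="ip">Caller address, written to the task log as the "IP" parameter.</param>
/// <returns>
/// 0 on success, <see cref="BusinessSuccessCodes.SUCCESS_USER_ONETIMEPASSWORD"/> when the account
/// is in one-time-password mode, or a <see cref="BusinessErrorCodes"/> value saying why the
/// login was refused.
/// </returns>
/// <exception cref="Exception">Re-thrown (after being recorded via <see cref="TaskManager"/>) when a lookup fails.</exception>
public static int AuthenticateUser(string username, string password, string ip)
{
    // start task
    TaskManager.StartTask("USER", "AUTHENTICATE", username);
    TaskManager.WriteParameter("IP", ip);

    try
    {
        int result = 0;

        // try to get user from database
        UserInfoInternal user = GetUserInternally(username);

        // NOTE(review): the distinct WRONG_USERNAME / WRONG_PASSWORD codes let a caller tell
        // whether an account exists; callers are expected to map both to one user-facing message.
        if (user == null)
        {
            TaskManager.WriteWarning("Wrong username");
            return BusinessErrorCodes.ERROR_USER_WRONG_USERNAME;
        }

        // check if the user is disabled
        if (user.LoginStatus == UserLoginStatus.Disabled)
        {
            TaskManager.WriteWarning("User disabled");
            return BusinessErrorCodes.ERROR_USER_ACCOUNT_DISABLED;
        }

        // check if the user is locked out
        if (user.LoginStatus == UserLoginStatus.LockedOut)
        {
            TaskManager.WriteWarning("User locked out");
            return BusinessErrorCodes.ERROR_USER_ACCOUNT_LOCKEDOUT;
        }

        // Lock-out threshold from the password policy. -1 means "no lock-out policy", and the
        // failed-attempt counter is then left untouched on a wrong password.
        int lockOut = -1;
        UserSettings userSettings = UserController.GetUserSettings(user.UserId, UserSettings.SolidCP_POLICY);
        string passwordPolicy = userSettings["PasswordPolicy"];
        if (!string.IsNullOrEmpty(passwordPolicy))
        {
            // the policy is a ';'-separated list and field 7 is the lock-out threshold;
            // a short or malformed policy simply leaves lockOut at -1 instead of throwing
            string[] parts = passwordPolicy.Split(';');
            int parsed;
            if (parts.Length > 7 && int.TryParse(parts[7], out parsed))
            {
                lockOut = parsed;
            }
        }

        // compare user passwords: callers may send either SHA1(stored password) or the stored
        // password itself, so both forms are accepted. The comparison deliberately has no early
        // exit so that a wrong guess does not reveal how many leading characters matched.
        string hashedPassword = CryptoUtils.SHA1(user.Password);
        bool matches = false;
        foreach (string expected in new string[] { hashedPassword, user.Password })
        {
            // a missing stored or supplied password never matches (a plain "==" would have
            // accepted null == null); differing lengths cannot match either
            if (expected == null || password == null || expected.Length != password.Length)
            {
                continue;
            }

            int diff = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                diff |= expected[i] ^ password[i];
            }
            matches |= (diff == 0);
        }

        if (!matches)
        {
            // count the failure towards lock-out only when a policy defines a threshold
            if (lockOut >= 0)
            {
                DataProvider.UpdateUserFailedLoginAttempt(user.UserId, lockOut, false);
            }
            TaskManager.WriteWarning("Wrong password");
            return BusinessErrorCodes.ERROR_USER_WRONG_PASSWORD;
        }

        switch (user.OneTimePasswordState)
        {
            case OneTimePasswordStates.Active:
                result = BusinessSuccessCodes.SUCCESS_USER_ONETIMEPASSWORD;
                OneTimePasswordHelper.FireSuccessAuth(user);
                break;

            case OneTimePasswordStates.Expired:
                // an expired one-time password counts as a failed attempt
                if (lockOut >= 0)
                {
                    DataProvider.UpdateUserFailedLoginAttempt(user.UserId, lockOut, false);
                }
                TaskManager.WriteWarning("Expired one time password");
                return BusinessErrorCodes.ERROR_USER_EXPIRED_ONETIMEPASSWORD;
        }

        // password accepted: reset the failed-attempt counter. This is called even when lockOut
        // is -1 (no policy); presumably the provider treats that as "no limit" — confirm in DataProvider.
        DataProvider.UpdateUserFailedLoginAttempt(user.UserId, lockOut, true);

        // check status
        if (user.Status == UserStatus.Cancelled)
        {
            TaskManager.WriteWarning("Account cancelled");
            return BusinessErrorCodes.ERROR_USER_ACCOUNT_CANCELLED;
        }

        if (user.Status == UserStatus.Pending)
        {
            TaskManager.WriteWarning("Account pending");
            return BusinessErrorCodes.ERROR_USER_ACCOUNT_PENDING;
        }

        return result;
    }
    catch (Exception ex)
    {
        throw TaskManager.WriteError(ex);
    }
    finally
    {
        TaskManager.CompleteTask();
    }
}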