public static void SignOut() { Initialize(); HttpContext context = HttpContext.Current; if (context == null) { throw new HttpException("Context is null!"); } HttpResponse response = context.Response; if (response == null) { throw new HttpException("Response is null!"); } HttpCookieCollection cc = response.Cookies; cc.Remove(cookieName); HttpCookie expiration_cookie = new HttpCookie(cookieName, String.Empty); expiration_cookie.Expires = new DateTime(1999, 10, 12); expiration_cookie.Path = cookiePath; if (!String.IsNullOrEmpty(cookie_domain)) { expiration_cookie.Domain = cookie_domain; } cc.Add(expiration_cookie); Roles.DeleteCookie(); }
private void OnLeave(Object source, EventArgs eventArgs) { HttpApplication app; HttpContext context; app = (HttpApplication)source; context = app.Context; if (!Roles.Enabled || !Roles.CacheRolesInCookie || context.Response.HeadersWritten) { return; } if (context.User == null || !(context.User is RolePrincipal) || !context.User.Identity.IsAuthenticated) { return; } if (Roles.CookieRequireSSL && !context.Request.IsSecureConnection) { // if cookie is sent, then clear it if (context.Request.Cookies[Roles.CookieName] != null) { Roles.DeleteCookie(); } return; } RolePrincipal rp = (RolePrincipal)context.User; if (rp.CachedListChanged && context.Request.Browser.Cookies) { string s = rp.ToEncryptedTicket(); if (string.IsNullOrEmpty(s) || s.Length > MAX_COOKIE_LENGTH) { Roles.DeleteCookie(); } else { HttpCookie cookie = new HttpCookie(Roles.CookieName, s); cookie.HttpOnly = true; cookie.Path = Roles.CookiePath; cookie.Domain = Roles.Domain; if (Roles.CreatePersistentCookie) { cookie.Expires = rp.ExpireDate; } cookie.Secure = Roles.CookieRequireSSL; context.Response.Cookies.Add(cookie); } } }
private void OnLeave(object source, EventArgs eventArgs) { HttpApplication application = (HttpApplication)source; HttpContext context = application.Context; if (((Roles.Enabled && Roles.CacheRolesInCookie) && !context.Response.HeadersWritten) && (((context.User != null) && (context.User is RolePrincipal)) && context.User.Identity.IsAuthenticated)) { if (Roles.CookieRequireSSL && !context.Request.IsSecureConnection) { if (context.Request.Cookies[Roles.CookieName] != null) { Roles.DeleteCookie(); } } else { RolePrincipal user = (RolePrincipal)context.User; if (user.CachedListChanged && context.Request.Browser.Cookies) { string str = user.ToEncryptedTicket(); if (string.IsNullOrEmpty(str) || (str.Length > 0x1000)) { Roles.DeleteCookie(); } else { HttpCookie cookie = new HttpCookie(Roles.CookieName, str) { HttpOnly = true, Path = Roles.CookiePath, Domain = Roles.Domain }; if (Roles.CreatePersistentCookie) { cookie.Expires = user.ExpireDate; } cookie.Secure = Roles.CookieRequireSSL; context.Response.Cookies.Add(cookie); } } } } }
private void OnEnter(object source, EventArgs eventArgs) { if (!Roles.Enabled) { if (HttpRuntime.UseIntegratedPipeline) { ((HttpApplication)source).Context.DisableNotifications(RequestNotification.EndRequest, 0); } } else { HttpApplication application = (HttpApplication)source; HttpContext context = application.Context; if (this._eventHandler != null) { RoleManagerEventArgs e = new RoleManagerEventArgs(context); this._eventHandler(this, e); if (e.RolesPopulated) { return; } } if (Roles.CacheRolesInCookie) { if (context.User.Identity.IsAuthenticated && (!Roles.CookieRequireSSL || context.Request.IsSecureConnection)) { try { HttpCookie cookie = context.Request.Cookies[Roles.CookieName]; if (cookie != null) { string encryptedTicket = cookie.Value; if ((encryptedTicket != null) && (encryptedTicket.Length > 0x1000)) { Roles.DeleteCookie(); } else { if (!string.IsNullOrEmpty(Roles.CookiePath) && (Roles.CookiePath != "/")) { cookie.Path = Roles.CookiePath; } cookie.Domain = Roles.Domain; context.SetPrincipalNoDemand(this.CreateRolePrincipalWithAssert(context.User.Identity, encryptedTicket)); } } } catch { } } else { if (context.Request.Cookies[Roles.CookieName] != null) { Roles.DeleteCookie(); } if (HttpRuntime.UseIntegratedPipeline) { context.DisableNotifications(RequestNotification.EndRequest, 0); } } } if (!(context.User is RolePrincipal)) { context.SetPrincipalNoDemand(this.CreateRolePrincipalWithAssert(context.User.Identity, null)); } HttpApplication.SetCurrentPrincipalWithAssert(context.User); } }
//////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////// /// <devdoc> /// <para>[To be supplied.]</para> /// </devdoc> private void OnEnter(Object source, EventArgs eventArgs) { if (!Roles.Enabled) { if (HttpRuntime.UseIntegratedPipeline) { ((HttpApplication)source).Context.DisableNotifications(RequestNotification.EndRequest, 0); } return; } HttpApplication app = (HttpApplication)source; HttpContext context = app.Context; if (_eventHandler != null) { RoleManagerEventArgs e = new RoleManagerEventArgs(context); _eventHandler(this, e); if (e.RolesPopulated) { return; } } Debug.Assert(null != context.User, "null != context.User"); if (Roles.CacheRolesInCookie) { if (context.User.Identity.IsAuthenticated && (!Roles.CookieRequireSSL || context.Request.IsSecureConnection)) { // Try to create from cookie try { HttpCookie cookie = context.Request.Cookies[Roles.CookieName]; if (cookie != null) { string cookieValue = cookie.Value; // Ignore cookies that are too long if (cookieValue != null && cookieValue.Length > MAX_COOKIE_LENGTH) { Roles.DeleteCookie(); } else { if (!String.IsNullOrEmpty(Roles.CookiePath) && Roles.CookiePath != "/") { cookie.Path = Roles.CookiePath; } cookie.Domain = Roles.Domain; context.SetPrincipalNoDemand(CreateRolePrincipalWithAssert(context.User.Identity, cookieValue)); } } } catch { } // ---- exceptions } else { if (context.Request.Cookies[Roles.CookieName] != null) { Roles.DeleteCookie(); } // if we're not using cookie caching, we don't need the EndRequest // event and can suppress it if (HttpRuntime.UseIntegratedPipeline) { context.DisableNotifications(RequestNotification.EndRequest, 0); } } } if (!(context.User is RolePrincipal)) { context.SetPrincipalNoDemand(CreateRolePrincipalWithAssert(context.User.Identity)); } HttpApplication.SetCurrentPrincipalWithAssert(context.User); }