示例#1
0
        protected void btnGo_Click(object sender, EventArgs e)
        {
            bool   isValid = false;
            string domain  = ConfigurationManager.AppSettings["network_domain"];

            //Check the network username and password
            using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, domain))
            {
                isValid = pc.ValidateCredentials(txtUsername.Value, txtPassword.Value, ContextOptions.Negotiate);
            }


            if (isValid)
            {
                string sUsername = txtUsername.Value;

                //Did request come from the setup page?
                if (Request["page"] != null && Request["page"] == "setup")
                {
                    Session["username"] = sUsername;
                    Response.Redirect("~/setup");
                }
                else
                {
                    //Create a SAML 2.0 Response with the network username of the authenticating user.
                    var samlResponse = SamlResponse.CreateSamlResponse(
                        ConfigurationManager.AppSettings[tenant + "recipient"]
                        , ConfigurationManager.AppSettings[tenant + "issuer"]
                        , ConfigurationManager.AppSettings[tenant + "domain"]
                        , sUsername
                        , ConfigurationManager.AppSettings[tenant + "cert_issuer_name"]
                        , ConfigurationManager.AppSettings[tenant + "target"]);

                    form1.Action       = ConfigurationManager.AppSettings[tenant + "recipient"];
                    RelayState.Value   = ConfigurationManager.AppSettings[tenant + "target"];
                    SAMLResponse.Value = samlResponse;

                    if (Request["link"] != null)
                    {
                        RelayState.Value = Request["link"];
                    }

                    String scriptText = "";
                    scriptText += "function submitForm(){";
                    scriptText += "   document.getElementById('form1').submit(); ";
                    scriptText += "}";
                    scriptText += "submitForm();";
                    ClientScript.RegisterStartupScript(this.GetType(),
                                                       "SubmitScript", scriptText, true);
                }
            }
        }
示例#2
0
        protected void Page_Load(object sender, EventArgs e)
        {
            string tenant    = "";
            string sUsername = User.Identity.Name.Split('\\')[1].ToLower();

            //Default Tenant Override
            if (Request["tenant"] != null)
            {
                tenant = Request["tenant"].ToString() + "_";
                if (tenant.Length > 25)
                {
                    tenant = "";
                }
            }

            //Check for Bypass file - Redirect to Workday
            if (File.Exists(Server.MapPath(".") + "\\Setup\\UserFiles\\" + sUsername + "_bypass.txt"))
            {
                string url = ConfigurationManager.AppSettings[tenant + "target"];
                if (Request["link"] != null)
                {
                    url = Request["link"];
                }
                Response.Redirect(url);
                return;
            }

            //Check for login file - Login Required
            if (File.Exists(Server.MapPath(".") + "\\Setup\\UserFiles\\" + sUsername + "_login.txt"))
            {
                string url = "login.aspx";
                if (Request["link"] != null)
                {
                    url += "?link=" + Request["link"];
                }
                Response.Redirect(url);
                return;
            }


            //Access is Restricted
            if (ConfigurationManager.AppSettings[tenant + "allowed"] != null)
            {
                string[] allowed = ConfigurationManager.AppSettings[tenant + "allowed"].Split(',');
                bool     found   = false;
                foreach (string username in allowed)
                {
                    if (sUsername == username)
                    {
                        found = true;
                        break;
                    }
                }
                if (!found)
                {
                    throw new Exception("Your username must be added to the allowed users list.");
                }
            }


            //Admin impersonation
            if (Request["i"] != null)
            {
                string[] admins = ConfigurationManager.AppSettings[tenant + "admins"].Split(',');
                foreach (string admin in admins)
                {
                    if (sUsername == admin)
                    {
                        sUsername = Request["i"].ToString();
                    }
                }
            }


            //Input Validation
            if (sUsername.Length > 25)
            {
                sUsername = sUsername.Substring(0, 25);
            }

            //************************************************************************************
            //Create a SAML 2.0 Response with the network username of the authenticating user.
            //************************************************************************************
            var samlResponse = SamlResponse.CreateSamlResponse(
                ConfigurationManager.AppSettings[tenant + "recipient"]
                , ConfigurationManager.AppSettings[tenant + "issuer"]
                , ConfigurationManager.AppSettings[tenant + "domain"]
                , sUsername
                , ConfigurationManager.AppSettings[tenant + "cert_issuer_name"]
                , ConfigurationManager.AppSettings[tenant + "target"]);

            form1.Action       = ConfigurationManager.AppSettings[tenant + "recipient"];
            RelayState.Value   = ConfigurationManager.AppSettings[tenant + "target"];
            SAMLResponse.Value = samlResponse;

            if (Request["link"] != null)
            {
                RelayState.Value = Request["link"];
            }
        }