Code:
/ Dotnetfx_Vista_SP2 / Dotnetfx_Vista_SP2 / 8.0.50727.4016 / DEVDIV / depot / DevDiv / releases / whidbey / NetFxQFE / ndp / fx / src / xsp / System / Web / Security / WindowsAuthenticationModule.cs / 1 / WindowsAuthenticationModule.cs
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
/*
* WindowsAuthenticationModule class
*
* Copyright (c) 1999 Microsoft Corporation
*/
namespace System.Web.Security {
using System.Web;
using System.Web.Configuration;
using System.Security.Principal;
using System.Security.Permissions;
using System.Globalization;
using System.Web.Management;
using System.Web.Util;
using System.Web.Hosting;
///
///
/// Allows ASP.NET applications to use Windows/IIS authentication.
///
///
[AspNetHostingPermission(SecurityAction.LinkDemand, Level=AspNetHostingPermissionLevel.Minimal)]
public sealed class WindowsAuthenticationModule : IHttpModule {
private WindowsAuthenticationEventHandler _eventHandler;
private static bool _fAuthChecked;
private static bool _fAuthRequired;
private static WindowsIdentity _anonymousIdentity;
private static WindowsPrincipal _anonymousPrincipal;
///
///
/// Initializes a new instance of the
///
[SecurityPermission(SecurityAction.Demand, Unrestricted=true)]
public WindowsAuthenticationModule() {
}
///
/// This is a global.asax event that must be
/// named WindowsAuthenticate_OnAuthenticate event. It's used primarily to attach a
/// custom IPrincipal object to the context.
///
public event WindowsAuthenticationEventHandler Authenticate {
add {
_eventHandler += value;
}
remove {
_eventHandler -= value;
}
}
///
/// [To be supplied.]
///
public void Dispose() {
}
///
/// [To be supplied.]
///
public void Init(HttpApplication app) {
app.AuthenticateRequest += new EventHandler(this.OnEnter);
}
////////////////////////////////////////////////////////////
// OnAuthenticate: Custom Authentication modules can override
// this method to create a custom IPrincipal object from
// a WindowsIdentity
///
/// Calls the
/// WindowsAuthentication_OnAuthenticate handler if one exists.
///
void OnAuthenticate(WindowsAuthenticationEventArgs e) {
////////////////////////////////////////////////////////////
// If there are event handlers, invoke the handlers
if (_eventHandler != null)
_eventHandler(this, e);
if (e.Context.User == null)
{
if (e.User != null)
e.Context.User = e.User;
else if (e.Identity == _anonymousIdentity)
e.Context.SetPrincipalNoDemand(_anonymousPrincipal, false /*needToSetNativePrincipal*/);
else
e.Context.SetPrincipalNoDemand(new WindowsPrincipal(e.Identity), false /*needToSetNativePrincipal*/);
}
}
////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////
// Methods for internal implementation
///
///
void OnEnter(Object source, EventArgs eventArgs) {
if (!IsEnabled)
return;
HttpApplication app = (HttpApplication)source;
HttpContext context = app.Context;;
WindowsIdentity identity = null;
//////////////////////////////////////////////////////////////////
// Step 2: Create a Windows Identity from the credentials from IIS
if (HttpRuntime.UseIntegratedPipeline) {
// The native WindowsAuthenticationModule sets the user principal in IIS7WorkerRequest.SynchronizeVariables.
// The managed WindowsAuthenticationModule provides backward compatibility by rasing the OnAuthenticate event.
WindowsPrincipal user = context.User as WindowsPrincipal;
if (user != null) {
// identity will be null if this is not a WindowsIdentity
identity = user.Identity as WindowsIdentity;
// clear Context.User for backward compatibility (it will be set in OnAuthenticate)
context.SetPrincipalNoDemand(null, false /*needToSetNativePrincipal*/);
}
}
else {
String strLogonUser = context.WorkerRequest.GetServerVariable("LOGON_USER");
String strAuthType = context.WorkerRequest.GetServerVariable("AUTH_TYPE");
if (strLogonUser == null) {
strLogonUser = String.Empty;
}
if (strAuthType == null) {
strAuthType = String.Empty;
}
if (strLogonUser.Length == 0 && (strAuthType.Length == 0 ||
StringUtil.EqualsIgnoreCase(strAuthType, "basic")))
{
////////////////////////////////////////////////////////
// Step 2a: Use the anonymous identity
identity = _anonymousIdentity;
}
else
{
identity = new WindowsIdentity(
context.WorkerRequest.GetUserToken(),
strAuthType,
WindowsAccountType.Normal,
true);
}
}
///////////////////////////////////////////////////////////////////////////////////
// Step 3: Call OnAuthenticate to create IPrincipal for this request.
if (identity != null) {
OnAuthenticate( new WindowsAuthenticationEventArgs(identity, context) );
}
}
internal static IPrincipal AnonymousPrincipal { get { return _anonymousPrincipal; } }
internal static bool IsEnabled {
get {
if (!_fAuthChecked) {
AuthenticationSection settings = RuntimeConfig.GetAppConfig().Authentication;
settings.ValidateAuthenticationMode();
_fAuthRequired = (settings.Mode == AuthenticationMode.Windows);
if (_fAuthRequired) {
_anonymousIdentity = WindowsIdentity.GetAnonymous();
_anonymousPrincipal = new WindowsPrincipal(_anonymousIdentity);
}
_fAuthChecked = true;
}
return _fAuthRequired;
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
//------------------------------------------------------------------------------
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
//-----------------------------------------------------------------------------
/*
* WindowsAuthenticationModule class
*
* Copyright (c) 1999 Microsoft Corporation
*/
namespace System.Web.Security {
using System.Web;
using System.Web.Configuration;
using System.Security.Principal;
using System.Security.Permissions;
using System.Globalization;
using System.Web.Management;
using System.Web.Util;
using System.Web.Hosting;
///
///
/// Allows ASP.NET applications to use Windows/IIS authentication.
///
///
[AspNetHostingPermission(SecurityAction.LinkDemand, Level=AspNetHostingPermissionLevel.Minimal)]
public sealed class WindowsAuthenticationModule : IHttpModule {
private WindowsAuthenticationEventHandler _eventHandler;
private static bool _fAuthChecked;
private static bool _fAuthRequired;
private static WindowsIdentity _anonymousIdentity;
private static WindowsPrincipal _anonymousPrincipal;
///
///
/// Initializes a new instance of the
///
[SecurityPermission(SecurityAction.Demand, Unrestricted=true)]
public WindowsAuthenticationModule() {
}
///
/// This is a global.asax event that must be
/// named WindowsAuthenticate_OnAuthenticate event. It's used primarily to attach a
/// custom IPrincipal object to the context.
///
public event WindowsAuthenticationEventHandler Authenticate {
add {
_eventHandler += value;
}
remove {
_eventHandler -= value;
}
}
///
/// [To be supplied.]
///
public void Dispose() {
}
///
/// [To be supplied.]
///
public void Init(HttpApplication app) {
app.AuthenticateRequest += new EventHandler(this.OnEnter);
}
////////////////////////////////////////////////////////////
// OnAuthenticate: Custom Authentication modules can override
// this method to create a custom IPrincipal object from
// a WindowsIdentity
///
/// Calls the
/// WindowsAuthentication_OnAuthenticate handler if one exists.
///
void OnAuthenticate(WindowsAuthenticationEventArgs e) {
////////////////////////////////////////////////////////////
// If there are event handlers, invoke the handlers
if (_eventHandler != null)
_eventHandler(this, e);
if (e.Context.User == null)
{
if (e.User != null)
e.Context.User = e.User;
else if (e.Identity == _anonymousIdentity)
e.Context.SetPrincipalNoDemand(_anonymousPrincipal, false /*needToSetNativePrincipal*/);
else
e.Context.SetPrincipalNoDemand(new WindowsPrincipal(e.Identity), false /*needToSetNativePrincipal*/);
}
}
////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////
// Methods for internal implementation
///
///
void OnEnter(Object source, EventArgs eventArgs) {
if (!IsEnabled)
return;
HttpApplication app = (HttpApplication)source;
HttpContext context = app.Context;;
WindowsIdentity identity = null;
//////////////////////////////////////////////////////////////////
// Step 2: Create a Windows Identity from the credentials from IIS
if (HttpRuntime.UseIntegratedPipeline) {
// The native WindowsAuthenticationModule sets the user principal in IIS7WorkerRequest.SynchronizeVariables.
// The managed WindowsAuthenticationModule provides backward compatibility by rasing the OnAuthenticate event.
WindowsPrincipal user = context.User as WindowsPrincipal;
if (user != null) {
// identity will be null if this is not a WindowsIdentity
identity = user.Identity as WindowsIdentity;
// clear Context.User for backward compatibility (it will be set in OnAuthenticate)
context.SetPrincipalNoDemand(null, false /*needToSetNativePrincipal*/);
}
}
else {
String strLogonUser = context.WorkerRequest.GetServerVariable("LOGON_USER");
String strAuthType = context.WorkerRequest.GetServerVariable("AUTH_TYPE");
if (strLogonUser == null) {
strLogonUser = String.Empty;
}
if (strAuthType == null) {
strAuthType = String.Empty;
}
if (strLogonUser.Length == 0 && (strAuthType.Length == 0 ||
StringUtil.EqualsIgnoreCase(strAuthType, "basic")))
{
////////////////////////////////////////////////////////
// Step 2a: Use the anonymous identity
identity = _anonymousIdentity;
}
else
{
identity = new WindowsIdentity(
context.WorkerRequest.GetUserToken(),
strAuthType,
WindowsAccountType.Normal,
true);
}
}
///////////////////////////////////////////////////////////////////////////////////
// Step 3: Call OnAuthenticate to create IPrincipal for this request.
if (identity != null) {
OnAuthenticate( new WindowsAuthenticationEventArgs(identity, context) );
}
}
internal static IPrincipal AnonymousPrincipal { get { return _anonymousPrincipal; } }
internal static bool IsEnabled {
get {
if (!_fAuthChecked) {
AuthenticationSection settings = RuntimeConfig.GetAppConfig().Authentication;
settings.ValidateAuthenticationMode();
_fAuthRequired = (settings.Mode == AuthenticationMode.Windows);
if (_fAuthRequired) {
_anonymousIdentity = WindowsIdentity.GetAnonymous();
_anonymousPrincipal = new WindowsPrincipal(_anonymousIdentity);
}
_fAuthChecked = true;
}
return _fAuthRequired;
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- MultiView.cs
- PixelFormats.cs
- ExecutorLocksHeldException.cs
- AssemblyAttributes.cs
- CounterCreationData.cs
- NonBatchDirectoryCompiler.cs
- NavigationService.cs
- DuplicateWaitObjectException.cs
- NavigationProperty.cs
- ManagementInstaller.cs
- WorkflowApplicationEventArgs.cs
- dataobject.cs
- CodeExpressionCollection.cs
- XmlStreamStore.cs
- TrackingRecord.cs
- Update.cs
- PageThemeCodeDomTreeGenerator.cs
- CodeTypeOfExpression.cs
- BitmapDecoder.cs
- XPathAxisIterator.cs
- GridLength.cs
- Win32KeyboardDevice.cs
- ClonableStack.cs
- FrameworkContentElement.cs
- BufferBuilder.cs
- DrawingServices.cs
- XmlTextAttribute.cs
- WebConfigurationManager.cs
- ListItem.cs
- Constraint.cs
- ToolStripContentPanelRenderEventArgs.cs
- WeakReadOnlyCollection.cs
- DBSchemaRow.cs
- Int64.cs
- loginstatus.cs
- Frame.cs
- ClientApiGenerator.cs
- StrokeCollectionDefaultValueFactory.cs
- MetricEntry.cs
- EventDescriptor.cs
- ShapingWorkspace.cs
- DataConnectionHelper.cs
- NamedElement.cs
- SystemWebExtensionsSectionGroup.cs
- RSAPKCS1KeyExchangeFormatter.cs
- DragEvent.cs
- VectorKeyFrameCollection.cs
- TabPanel.cs
- ReturnEventArgs.cs
- Classification.cs
- ImageListStreamer.cs
- Span.cs
- TreeViewItemAutomationPeer.cs
- DataContext.cs
- LinkedList.cs
- PhysicalFontFamily.cs
- EventListener.cs
- XmlSerializerAssemblyAttribute.cs
- Sql8ExpressionRewriter.cs
- SessionEndingEventArgs.cs
- SecurityTokenAuthenticator.cs
- WriteLine.cs
- HtmlTableCell.cs
- StaticExtension.cs
- GridViewUpdateEventArgs.cs
- IsolatedStorageFileStream.cs
- ImageListStreamer.cs
- InlinedAggregationOperator.cs
- AmbientProperties.cs
- DataGridViewCellCancelEventArgs.cs
- XsltContext.cs
- XPathNode.cs
- ImageSource.cs
- HelpKeywordAttribute.cs
- AutoSizeToolBoxItem.cs
- InvokeMethod.cs
- X509CertificateStore.cs
- DataSetMappper.cs
- XmlAnyElementAttribute.cs
- TextServicesCompartment.cs
- LocatorPartList.cs
- FormViewDesigner.cs
- PrintPreviewDialog.cs
- RegisterInfo.cs
- MarkupExtensionReturnTypeAttribute.cs
- SeekableReadStream.cs
- WebBrowserNavigatedEventHandler.cs
- Annotation.cs
- OutputCacheProfile.cs
- ReadingWritingEntityEventArgs.cs
- AutomationEvent.cs
- InputMethodStateChangeEventArgs.cs
- ShaderEffect.cs
- TextElementEnumerator.cs
- ThreadAttributes.cs
- SignatureToken.cs
- DetailsViewDeletedEventArgs.cs
- MissingManifestResourceException.cs
- UshortList2.cs
- StorageAssociationTypeMapping.cs