IdentitySection.cs source code in C# .NET

                        
Code:
                         / FX-1434 / FX-1434 / 1.0 / untmp / whidbey / REDBITS / ndp / fx / src / xsp / System / Web / Configuration / IdentitySection.cs / 3 / IdentitySection.cs
                        

                        
                            //------------------------------------------------------------------------------ 
// 
//     Copyright (c) Microsoft Corporation.  All rights reserved.
// 
//----------------------------------------------------------------------------- 

namespace System.Web.Configuration { 
    using System; 
    using System.Xml;
    using System.Configuration; 
    using System.Collections.Specialized;
    using System.Collections;
    using System.IO;
    using System.Text; 
    using System.Web.Util;
    using System.Web.Configuration; 
    using System.Security.Permissions; 

        /*        
             
 
*/
    [AspNetHostingPermission(SecurityAction.LinkDemand, Level=AspNetHostingPermissionLevel.Minimal)] 
    public sealed class IdentitySection : ConfigurationSection {
        private static ConfigurationPropertyCollection _properties;
        private static readonly ConfigurationProperty _propImpersonate =
            new ConfigurationProperty("impersonate", typeof(bool), false, ConfigurationPropertyOptions.None); 
        private static readonly ConfigurationProperty _propUserName =
            new ConfigurationProperty("userName", typeof(string), String.Empty, ConfigurationPropertyOptions.None); 
        private static readonly ConfigurationProperty _propPassword = 
            new ConfigurationProperty("password", typeof(string), String.Empty, ConfigurationPropertyOptions.None);
 
        private ImpersonateTokenRef _impersonateTokenRef = new ImpersonateTokenRef(IntPtr.Zero);

        private string _username;
        private string _password; 
        private bool impersonateCache = false;
        private bool impersonateCached = false; // value not read yet 
        private bool _credentialsValidated; 
        private object _credentialsValidatedLock = new object();
        private String error = String.Empty; 

        static IdentitySection() {
            // Property initialization
            _properties = new ConfigurationPropertyCollection(); 
            _properties.Add(_propImpersonate);
            _properties.Add(_propUserName); 
            _properties.Add(_propPassword); 
        }
 
        protected override object GetRuntimeObject() {
            // VSWhidbey 554776: The method ValidateCredentials() is not safe
            // when multiple threads are accessing it, because the method access
            // and modify member variables.  After reviewing the code, 
            // _impersonateTokenRef.Handle is actually cached, so it is safe to
            // cache the validation result as a whole.  That will avoid 
            // ValidateCredentials() to be called with multiple threads. 
            if (!_credentialsValidated) {
                lock (_credentialsValidatedLock) { 
                    if (!_credentialsValidated) {
                        ValidateCredentials();
                        _credentialsValidated = true;
                    } 
                }
            } 
            return base.GetRuntimeObject(); 
        }
 
        public IdentitySection() {
            impersonateCached = false;
        }
 
        protected override ConfigurationPropertyCollection Properties {
            get { 
                return _properties; 
            }
        } 

        [ConfigurationProperty("impersonate", DefaultValue = false)]
        public bool Impersonate {
            get { 
                if (impersonateCached == false) {
                    impersonateCache = (bool)base[_propImpersonate]; 
                    impersonateCached = true; // value has been read now 
                }
                return impersonateCache; 
            }
            set {
                base[_propImpersonate] = value;
                impersonateCache = value; 
            }
        } 
 
        [ConfigurationProperty("userName", DefaultValue = "")]
        public string UserName { 
            get {
                return (string)base[_propUserName];
            }
            set { 
                base[_propUserName] = value;
            } 
        } 

        [ConfigurationProperty("password", DefaultValue = "")] 
        public string Password {
            get {
                return (string)base[_propPassword];
            } 
            set {
                base[_propPassword] = value; 
            } 
        }
 
        protected override void Reset(ConfigurationElement parentElement) {
            base.Reset(parentElement);
            IdentitySection parent = parentElement as IdentitySection;
            if (parent != null) { 
                _impersonateTokenRef = parent._impersonateTokenRef;
                // No partial overrides 
                if (Impersonate) { 
                    UserName = null;
                    Password = null; 
                    _impersonateTokenRef = new ImpersonateTokenRef(IntPtr.Zero);
                }
                impersonateCached = false; // We don't want to cache the parent's value!
                _credentialsValidated = false; 
            }
        } 
 
        protected override void Unmerge(ConfigurationElement sourceElement,
                                                ConfigurationElement parentElement, 
                                                ConfigurationSaveMode saveMode) {
            base.Unmerge(sourceElement, parentElement, saveMode); // do this to unmerge locks
            IdentitySection source = sourceElement as IdentitySection;
            if (Impersonate != source.Impersonate) { // this will not be copied by unmerge if it is the same as parent 
                Impersonate = source.Impersonate;    // If it is different than expected make sure it is set or validation
            }                                        // will be missed 
            // this section does not inherit in the same manner since partial overrides are not permitted 
            if (Impersonate) // was impersonate set in the merge
            { 
                if (source.ElementInformation.Properties[_propUserName.Name].IsModified ||
                    source.ElementInformation.Properties[_propPassword.Name].IsModified) {
                    UserName = source.UserName;
                    Password = source.Password; 
                }
            } 
        } 
        private void ValidateCredentials() {
            _username = UserName; 
            _password = Password;

            if (HandlerBase.CheckAndReadRegistryValue(ref _username, false) == false) {
                throw new ConfigurationErrorsException( 
                    SR.GetString(SR.Invalid_registry_config),
                    ElementInformation.Source, ElementInformation.LineNumber); 
            } 
            if (HandlerBase.CheckAndReadRegistryValue(ref _password, false) == false) {
                throw new ConfigurationErrorsException( 
                    SR.GetString(SR.Invalid_registry_config),
                    ElementInformation.Source,
                    ElementInformation.LineNumber);
            } 

            if (_username != null && _username.Length < 1) { 
                _username = null; 
            }
 
            if (_username != null && Impersonate) {
                if (_password == null) {
                    _password = String.Empty;
                } 
            }
            else if (_password != null && _username == null && _password.Length > 0 && Impersonate) { 
                throw new ConfigurationErrorsException( 
                    SR.GetString(SR.Invalid_credentials),
                    ElementInformation.Properties["password"].Source, 
                    ElementInformation.Properties["password"].LineNumber);
            }
            if (Impersonate && ImpersonateToken == IntPtr.Zero && _username != null) {
                if (error.Length > 0) { 
                    throw new ConfigurationErrorsException(
                        SR.GetString(SR.Invalid_credentials_2, error), 
                        ElementInformation.Properties["userName"].Source, 
                        ElementInformation.Properties["userName"].LineNumber);
                } 
                else {
                    throw new ConfigurationErrorsException(
                        SR.GetString(SR.Invalid_credentials),
                        ElementInformation.Properties["userName"].Source, 
                        ElementInformation.Properties["userName"].LineNumber);
                } 
            } 
        }
 
        private void InitializeToken() {
            error = String.Empty;
            IntPtr token = CreateUserToken(_username, _password, out error);
 
            _impersonateTokenRef = new ImpersonateTokenRef(token);
 
            if (_impersonateTokenRef.Handle == IntPtr.Zero) { 
                if (error.Length > 0) {
                    throw new ConfigurationErrorsException( 
                        SR.GetString(SR.Invalid_credentials_2, error),
                        ElementInformation.Properties["userName"].Source,
                        ElementInformation.Properties["userName"].LineNumber);
                } 
                else {
                    throw new ConfigurationErrorsException( 
                        SR.GetString(SR.Invalid_credentials), 
                        ElementInformation.Properties["userName"].Source,
                        ElementInformation.Properties["userName"].LineNumber); 
                }
            }
        }
 
        internal IntPtr ImpersonateToken {
            get { 
                if (_impersonateTokenRef.Handle == IntPtr.Zero) { 
                    if (_username != null && Impersonate) {
                        InitializeToken(); 
                    }
                }
                return _impersonateTokenRef.Handle;
            } 
        }
 
        internal static IntPtr CreateUserToken(String name, String password, out String error) { 
            IntPtr token = IntPtr.Zero;
            // when using ASP.NET process model call back via ISAPI 
            if (VersionInfo.ExeName == "aspnet_wp") {
                byte[] bOut = new byte[IntPtr.Size];
                byte[] bIn1 = System.Text.Encoding.Unicode.GetBytes(name + "\t" + password);
                byte[] bIn = new byte[bIn1.Length + 2]; 
                Buffer.BlockCopy(bIn1, 0, bIn, 0, bIn1.Length);
 
                if (UnsafeNativeMethods.PMCallISAPI(IntPtr.Zero, 
                                UnsafeNativeMethods.CallISAPIFunc.GenerateToken,
                                bIn, 
                                bIn.Length,
                                bOut,
                                bOut.Length) == 1) {
                    Int64 iToken = 0; 
                    for (int iter = 0; iter < IntPtr.Size; iter++) {
                        iToken = iToken * 256 + bOut[iter]; 
                    } 
                    token = (IntPtr)iToken;
 
                    Debug.Trace("Token", "Token " + token + " for (" + name + "," + password + ") obtained via ISAPI");
                }
            }
            // try to create the token directly 
            if (token == IntPtr.Zero) {
                StringBuilder errorBuffer = new StringBuilder(256); 
                token = UnsafeNativeMethods.CreateUserToken(name, password, 1, errorBuffer, 256); 
                error = errorBuffer.ToString();
 
                if (token != IntPtr.Zero) {
                    Debug.Trace("Token", "Token " + token + " for (" + name + "," + password + ") obtained directly");
                }
            } 
            else {
                error = String.Empty; 
            } 

            if (token == IntPtr.Zero) { 
                Debug.Trace("Token", "Failed to create token for (" + name + "," + password + ")");
            }

            return token; 
        }
 
        internal ContextInformation ProtectedEvaluationContext { 
            get {
                return this.EvaluationContext; 
            }
        }
    }
} 


                        

                        

                        
                        

Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK

• BindingElementExtensionElement.cs
• TextEditorThreadLocalStore.cs
• BuildResult.cs
• OrderByBuilder.cs
• ClickablePoint.cs
• ValueUtilsSmi.cs
• HttpResponseBase.cs
• Latin1Encoding.cs
• Transform3DGroup.cs
• ExpressionHelper.cs
• TextSpan.cs
• BaseConfigurationRecord.cs
• BaseTreeIterator.cs
• ResourceWriter.cs
• TTSEngineTypes.cs
• RadioButton.cs
• FunctionQuery.cs
• PipelineModuleStepContainer.cs
• SocketInformation.cs
• AssociatedControlConverter.cs
• DataGridViewTopRowAccessibleObject.cs
• FontCollection.cs
• XMLSyntaxException.cs
• DataService.cs
• LambdaCompiler.ControlFlow.cs
• CellLabel.cs
• InternalUserCancelledException.cs
• SQLByte.cs
• CommandLibraryHelper.cs
• BitmapMetadataBlob.cs
• TimerEventSubscriptionCollection.cs
• LinqDataSourceContextEventArgs.cs
• CodeSubDirectoriesCollection.cs
• StreamWithDictionary.cs
• SizeValueSerializer.cs
• TypeDelegator.cs
• DoWorkEventArgs.cs
• OutputCacheSection.cs
• UInt64Storage.cs
• Converter.cs
• XmlTextEncoder.cs
• ResourceReferenceExpression.cs
• EventLogEntry.cs
• BinaryFormatterSinks.cs
• ForwardPositionQuery.cs
• LassoHelper.cs
• OnOperation.cs
• PropertyReferenceExtension.cs
• basenumberconverter.cs
• EasingKeyFrames.cs
• DoubleAnimationUsingPath.cs
• ToolStripContainerDesigner.cs
• RegexTree.cs
• CanExecuteRoutedEventArgs.cs
• FixedSOMTableRow.cs
• SystemPens.cs
• QuaternionAnimation.cs
• DataSetUtil.cs
• InstrumentationTracker.cs
• SecondaryViewProvider.cs
• LambdaCompiler.Expressions.cs
• DateTimeFormatInfo.cs
• TargetControlTypeAttribute.cs
• ListViewEditEventArgs.cs
• Message.cs
• CompressStream.cs
• CancellableEnumerable.cs
• TemplateBindingExtension.cs
• PatternMatcher.cs
• ThreadAttributes.cs
• OdbcPermission.cs
• HtmlInputHidden.cs
• MethodResolver.cs
• AppDomainGrammarProxy.cs
• FileDialog_Vista_Interop.cs
• MobileSysDescriptionAttribute.cs
• WindowsGraphicsWrapper.cs
• ExpressionCopier.cs
• brushes.cs
• InvalidWMPVersionException.cs
• UrlPath.cs
• _UriTypeConverter.cs
• FrameSecurityDescriptor.cs
• DocumentPageTextView.cs
• SemanticBasicElement.cs
• HttpCapabilitiesEvaluator.cs
• ThicknessKeyFrameCollection.cs
• Light.cs
• AnonymousIdentificationModule.cs
• WorkflowOperationContext.cs
• DataListItemEventArgs.cs
• IsolatedStoragePermission.cs
• TreeView.cs
• EllipseGeometry.cs
• httpapplicationstate.cs
• DataGridView.cs
• WebUtility.cs
• HttpClientCertificate.cs
• DataTableMappingCollection.cs
• SqlReferenceCollection.cs