Code:
/ Net / Net / 3.5.50727.3053 / DEVDIV / depot / DevDiv / releases / whidbey / netfxsp / ndp / fx / src / xsp / System / Web / Configuration / IdentitySection.cs / 5 / IdentitySection.cs
//------------------------------------------------------------------------------ //// Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- namespace System.Web.Configuration { using System; using System.Xml; using System.Configuration; using System.Collections.Specialized; using System.Collections; using System.IO; using System.Text; using System.Web.Util; using System.Web.Configuration; using System.Security.Permissions; /**/ [AspNetHostingPermission(SecurityAction.LinkDemand, Level=AspNetHostingPermissionLevel.Minimal)] public sealed class IdentitySection : ConfigurationSection { private static ConfigurationPropertyCollection _properties; private static readonly ConfigurationProperty _propImpersonate = new ConfigurationProperty("impersonate", typeof(bool), false, ConfigurationPropertyOptions.None); private static readonly ConfigurationProperty _propUserName = new ConfigurationProperty("userName", typeof(string), String.Empty, ConfigurationPropertyOptions.None); private static readonly ConfigurationProperty _propPassword = new ConfigurationProperty("password", typeof(string), String.Empty, ConfigurationPropertyOptions.None); private ImpersonateTokenRef _impersonateTokenRef = new ImpersonateTokenRef(IntPtr.Zero); private string _username; private string _password; private bool impersonateCache = false; private bool impersonateCached = false; // value not read yet private bool _credentialsValidated; private object _credentialsValidatedLock = new object(); private String error = String.Empty; static IdentitySection() { // Property initialization _properties = new ConfigurationPropertyCollection(); _properties.Add(_propImpersonate); _properties.Add(_propUserName); _properties.Add(_propPassword); } protected override object GetRuntimeObject() { // VSWhidbey 554776: The method ValidateCredentials() is not safe // when multiple threads are accessing it, because the method access // and modify member variables. After reviewing the code, // _impersonateTokenRef.Handle is actually cached, so it is safe to // cache the validation result as a whole. That will avoid // ValidateCredentials() to be called with multiple threads. if (!_credentialsValidated) { lock (_credentialsValidatedLock) { if (!_credentialsValidated) { ValidateCredentials(); _credentialsValidated = true; } } } return base.GetRuntimeObject(); } public IdentitySection() { impersonateCached = false; } protected override ConfigurationPropertyCollection Properties { get { return _properties; } } [ConfigurationProperty("impersonate", DefaultValue = false)] public bool Impersonate { get { if (impersonateCached == false) { impersonateCache = (bool)base[_propImpersonate]; impersonateCached = true; // value has been read now } return impersonateCache; } set { base[_propImpersonate] = value; impersonateCache = value; } } [ConfigurationProperty("userName", DefaultValue = "")] public string UserName { get { return (string)base[_propUserName]; } set { base[_propUserName] = value; } } [ConfigurationProperty("password", DefaultValue = "")] public string Password { get { return (string)base[_propPassword]; } set { base[_propPassword] = value; } } protected override void Reset(ConfigurationElement parentElement) { base.Reset(parentElement); IdentitySection parent = parentElement as IdentitySection; if (parent != null) { _impersonateTokenRef = parent._impersonateTokenRef; // No partial overrides if (Impersonate) { UserName = null; Password = null; _impersonateTokenRef = new ImpersonateTokenRef(IntPtr.Zero); } impersonateCached = false; // We don't want to cache the parent's value! _credentialsValidated = false; } } protected override void Unmerge(ConfigurationElement sourceElement, ConfigurationElement parentElement, ConfigurationSaveMode saveMode) { base.Unmerge(sourceElement, parentElement, saveMode); // do this to unmerge locks IdentitySection source = sourceElement as IdentitySection; if (Impersonate != source.Impersonate) { // this will not be copied by unmerge if it is the same as parent Impersonate = source.Impersonate; // If it is different than expected make sure it is set or validation } // will be missed // this section does not inherit in the same manner since partial overrides are not permitted if (Impersonate) // was impersonate set in the merge { if (source.ElementInformation.Properties[_propUserName.Name].IsModified || source.ElementInformation.Properties[_propPassword.Name].IsModified) { UserName = source.UserName; Password = source.Password; } } } private void ValidateCredentials() { _username = UserName; _password = Password; if (HandlerBase.CheckAndReadRegistryValue(ref _username, false) == false) { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_registry_config), ElementInformation.Source, ElementInformation.LineNumber); } if (HandlerBase.CheckAndReadRegistryValue(ref _password, false) == false) { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_registry_config), ElementInformation.Source, ElementInformation.LineNumber); } if (_username != null && _username.Length < 1) { _username = null; } if (_username != null && Impersonate) { if (_password == null) { _password = String.Empty; } } else if (_password != null && _username == null && _password.Length > 0 && Impersonate) { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_credentials), ElementInformation.Properties["password"].Source, ElementInformation.Properties["password"].LineNumber); } if (Impersonate && ImpersonateToken == IntPtr.Zero && _username != null) { if (error.Length > 0) { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_credentials_2, error), ElementInformation.Properties["userName"].Source, ElementInformation.Properties["userName"].LineNumber); } else { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_credentials), ElementInformation.Properties["userName"].Source, ElementInformation.Properties["userName"].LineNumber); } } } private void InitializeToken() { error = String.Empty; IntPtr token = CreateUserToken(_username, _password, out error); _impersonateTokenRef = new ImpersonateTokenRef(token); if (_impersonateTokenRef.Handle == IntPtr.Zero) { if (error.Length > 0) { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_credentials_2, error), ElementInformation.Properties["userName"].Source, ElementInformation.Properties["userName"].LineNumber); } else { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_credentials), ElementInformation.Properties["userName"].Source, ElementInformation.Properties["userName"].LineNumber); } } } internal IntPtr ImpersonateToken { get { if (_impersonateTokenRef.Handle == IntPtr.Zero) { if (_username != null && Impersonate) { InitializeToken(); } } return _impersonateTokenRef.Handle; } } internal static IntPtr CreateUserToken(String name, String password, out String error) { IntPtr token = IntPtr.Zero; // when using ASP.NET process model call back via ISAPI if (VersionInfo.ExeName == "aspnet_wp") { byte[] bOut = new byte[IntPtr.Size]; byte[] bIn1 = System.Text.Encoding.Unicode.GetBytes(name + "\t" + password); byte[] bIn = new byte[bIn1.Length + 2]; Buffer.BlockCopy(bIn1, 0, bIn, 0, bIn1.Length); if (UnsafeNativeMethods.PMCallISAPI(IntPtr.Zero, UnsafeNativeMethods.CallISAPIFunc.GenerateToken, bIn, bIn.Length, bOut, bOut.Length) == 1) { Int64 iToken = 0; for (int iter = 0; iter < IntPtr.Size; iter++) { iToken = iToken * 256 + bOut[iter]; } token = (IntPtr)iToken; Debug.Trace("Token", "Token " + token + " for (" + name + "," + password + ") obtained via ISAPI"); } } // try to create the token directly if (token == IntPtr.Zero) { StringBuilder errorBuffer = new StringBuilder(256); token = UnsafeNativeMethods.CreateUserToken(name, password, 1, errorBuffer, 256); error = errorBuffer.ToString(); if (token != IntPtr.Zero) { Debug.Trace("Token", "Token " + token + " for (" + name + "," + password + ") obtained directly"); } } else { error = String.Empty; } if (token == IntPtr.Zero) { Debug.Trace("Token", "Failed to create token for (" + name + "," + password + ")"); } return token; } internal ContextInformation ProtectedEvaluationContext { get { return this.EvaluationContext; } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------------------------ // // Copyright (c) Microsoft Corporation. All rights reserved. // //----------------------------------------------------------------------------- namespace System.Web.Configuration { using System; using System.Xml; using System.Configuration; using System.Collections.Specialized; using System.Collections; using System.IO; using System.Text; using System.Web.Util; using System.Web.Configuration; using System.Security.Permissions; /**/ [AspNetHostingPermission(SecurityAction.LinkDemand, Level=AspNetHostingPermissionLevel.Minimal)] public sealed class IdentitySection : ConfigurationSection { private static ConfigurationPropertyCollection _properties; private static readonly ConfigurationProperty _propImpersonate = new ConfigurationProperty("impersonate", typeof(bool), false, ConfigurationPropertyOptions.None); private static readonly ConfigurationProperty _propUserName = new ConfigurationProperty("userName", typeof(string), String.Empty, ConfigurationPropertyOptions.None); private static readonly ConfigurationProperty _propPassword = new ConfigurationProperty("password", typeof(string), String.Empty, ConfigurationPropertyOptions.None); private ImpersonateTokenRef _impersonateTokenRef = new ImpersonateTokenRef(IntPtr.Zero); private string _username; private string _password; private bool impersonateCache = false; private bool impersonateCached = false; // value not read yet private bool _credentialsValidated; private object _credentialsValidatedLock = new object(); private String error = String.Empty; static IdentitySection() { // Property initialization _properties = new ConfigurationPropertyCollection(); _properties.Add(_propImpersonate); _properties.Add(_propUserName); _properties.Add(_propPassword); } protected override object GetRuntimeObject() { // VSWhidbey 554776: The method ValidateCredentials() is not safe // when multiple threads are accessing it, because the method access // and modify member variables. After reviewing the code, // _impersonateTokenRef.Handle is actually cached, so it is safe to // cache the validation result as a whole. That will avoid // ValidateCredentials() to be called with multiple threads. if (!_credentialsValidated) { lock (_credentialsValidatedLock) { if (!_credentialsValidated) { ValidateCredentials(); _credentialsValidated = true; } } } return base.GetRuntimeObject(); } public IdentitySection() { impersonateCached = false; } protected override ConfigurationPropertyCollection Properties { get { return _properties; } } [ConfigurationProperty("impersonate", DefaultValue = false)] public bool Impersonate { get { if (impersonateCached == false) { impersonateCache = (bool)base[_propImpersonate]; impersonateCached = true; // value has been read now } return impersonateCache; } set { base[_propImpersonate] = value; impersonateCache = value; } } [ConfigurationProperty("userName", DefaultValue = "")] public string UserName { get { return (string)base[_propUserName]; } set { base[_propUserName] = value; } } [ConfigurationProperty("password", DefaultValue = "")] public string Password { get { return (string)base[_propPassword]; } set { base[_propPassword] = value; } } protected override void Reset(ConfigurationElement parentElement) { base.Reset(parentElement); IdentitySection parent = parentElement as IdentitySection; if (parent != null) { _impersonateTokenRef = parent._impersonateTokenRef; // No partial overrides if (Impersonate) { UserName = null; Password = null; _impersonateTokenRef = new ImpersonateTokenRef(IntPtr.Zero); } impersonateCached = false; // We don't want to cache the parent's value! _credentialsValidated = false; } } protected override void Unmerge(ConfigurationElement sourceElement, ConfigurationElement parentElement, ConfigurationSaveMode saveMode) { base.Unmerge(sourceElement, parentElement, saveMode); // do this to unmerge locks IdentitySection source = sourceElement as IdentitySection; if (Impersonate != source.Impersonate) { // this will not be copied by unmerge if it is the same as parent Impersonate = source.Impersonate; // If it is different than expected make sure it is set or validation } // will be missed // this section does not inherit in the same manner since partial overrides are not permitted if (Impersonate) // was impersonate set in the merge { if (source.ElementInformation.Properties[_propUserName.Name].IsModified || source.ElementInformation.Properties[_propPassword.Name].IsModified) { UserName = source.UserName; Password = source.Password; } } } private void ValidateCredentials() { _username = UserName; _password = Password; if (HandlerBase.CheckAndReadRegistryValue(ref _username, false) == false) { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_registry_config), ElementInformation.Source, ElementInformation.LineNumber); } if (HandlerBase.CheckAndReadRegistryValue(ref _password, false) == false) { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_registry_config), ElementInformation.Source, ElementInformation.LineNumber); } if (_username != null && _username.Length < 1) { _username = null; } if (_username != null && Impersonate) { if (_password == null) { _password = String.Empty; } } else if (_password != null && _username == null && _password.Length > 0 && Impersonate) { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_credentials), ElementInformation.Properties["password"].Source, ElementInformation.Properties["password"].LineNumber); } if (Impersonate && ImpersonateToken == IntPtr.Zero && _username != null) { if (error.Length > 0) { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_credentials_2, error), ElementInformation.Properties["userName"].Source, ElementInformation.Properties["userName"].LineNumber); } else { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_credentials), ElementInformation.Properties["userName"].Source, ElementInformation.Properties["userName"].LineNumber); } } } private void InitializeToken() { error = String.Empty; IntPtr token = CreateUserToken(_username, _password, out error); _impersonateTokenRef = new ImpersonateTokenRef(token); if (_impersonateTokenRef.Handle == IntPtr.Zero) { if (error.Length > 0) { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_credentials_2, error), ElementInformation.Properties["userName"].Source, ElementInformation.Properties["userName"].LineNumber); } else { throw new ConfigurationErrorsException( SR.GetString(SR.Invalid_credentials), ElementInformation.Properties["userName"].Source, ElementInformation.Properties["userName"].LineNumber); } } } internal IntPtr ImpersonateToken { get { if (_impersonateTokenRef.Handle == IntPtr.Zero) { if (_username != null && Impersonate) { InitializeToken(); } } return _impersonateTokenRef.Handle; } } internal static IntPtr CreateUserToken(String name, String password, out String error) { IntPtr token = IntPtr.Zero; // when using ASP.NET process model call back via ISAPI if (VersionInfo.ExeName == "aspnet_wp") { byte[] bOut = new byte[IntPtr.Size]; byte[] bIn1 = System.Text.Encoding.Unicode.GetBytes(name + "\t" + password); byte[] bIn = new byte[bIn1.Length + 2]; Buffer.BlockCopy(bIn1, 0, bIn, 0, bIn1.Length); if (UnsafeNativeMethods.PMCallISAPI(IntPtr.Zero, UnsafeNativeMethods.CallISAPIFunc.GenerateToken, bIn, bIn.Length, bOut, bOut.Length) == 1) { Int64 iToken = 0; for (int iter = 0; iter < IntPtr.Size; iter++) { iToken = iToken * 256 + bOut[iter]; } token = (IntPtr)iToken; Debug.Trace("Token", "Token " + token + " for (" + name + "," + password + ") obtained via ISAPI"); } } // try to create the token directly if (token == IntPtr.Zero) { StringBuilder errorBuffer = new StringBuilder(256); token = UnsafeNativeMethods.CreateUserToken(name, password, 1, errorBuffer, 256); error = errorBuffer.ToString(); if (token != IntPtr.Zero) { Debug.Trace("Token", "Token " + token + " for (" + name + "," + password + ") obtained directly"); } } else { error = String.Empty; } if (token == IntPtr.Zero) { Debug.Trace("Token", "Failed to create token for (" + name + "," + password + ")"); } return token; } internal ContextInformation ProtectedEvaluationContext { get { return this.EvaluationContext; } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- TimeoutException.cs
- SchemaTypeEmitter.cs
- BitmapEffectInput.cs
- DataRowComparer.cs
- Cursors.cs
- SqlUserDefinedAggregateAttribute.cs
- CLSCompliantAttribute.cs
- SqlError.cs
- RelatedCurrencyManager.cs
- KoreanLunisolarCalendar.cs
- XslVisitor.cs
- TypeSource.cs
- CompositeFontInfo.cs
- StateManagedCollection.cs
- PackageStore.cs
- GridPattern.cs
- QueryValue.cs
- CompressionTransform.cs
- Message.cs
- XPathDescendantIterator.cs
- WebPartDisplayModeCollection.cs
- BinaryQueryOperator.cs
- GridViewPageEventArgs.cs
- UiaCoreProviderApi.cs
- StringToken.cs
- SecurityContext.cs
- BinaryObjectReader.cs
- MailDefinition.cs
- ClientTargetCollection.cs
- PhysicalAddress.cs
- assemblycache.cs
- MemoryFailPoint.cs
- DataMemberListEditor.cs
- AuthenticationException.cs
- GorillaCodec.cs
- XmlAttributeCollection.cs
- TabItemWrapperAutomationPeer.cs
- SignatureGenerator.cs
- Pair.cs
- GridViewSortEventArgs.cs
- xml.cs
- DocumentViewerAutomationPeer.cs
- DropDownHolder.cs
- EntityParameter.cs
- DataBinder.cs
- TextTreeRootNode.cs
- DataBindingCollection.cs
- DataServiceQuery.cs
- CaseExpr.cs
- SequenceRangeCollection.cs
- TypeExtension.cs
- FileAuthorizationModule.cs
- ZipIOExtraFieldPaddingElement.cs
- QilFactory.cs
- filewebrequest.cs
- MapPathBasedVirtualPathProvider.cs
- ClientTargetCollection.cs
- FileDialogPermission.cs
- UIElement3D.cs
- OleServicesContext.cs
- ListChangedEventArgs.cs
- SecurityTokenResolver.cs
- SecurityException.cs
- ellipse.cs
- Ops.cs
- SrgsRuleRef.cs
- InfoCardBaseException.cs
- GC.cs
- CodeThrowExceptionStatement.cs
- TagPrefixCollection.cs
- BaseParser.cs
- ErrorWrapper.cs
- DesignerActionUIStateChangeEventArgs.cs
- TypeUtils.cs
- SecurityPolicySection.cs
- Util.cs
- MailBnfHelper.cs
- RayHitTestParameters.cs
- xdrvalidator.cs
- OpenTypeCommon.cs
- FlowLayoutSettings.cs
- isolationinterop.cs
- SkinBuilder.cs
- BitStack.cs
- TemplateControl.cs
- DeflateEmulationStream.cs
- StateMachineWorkflow.cs
- IntegrationExceptionEventArgs.cs
- XmlIncludeAttribute.cs
- XmlNotation.cs
- ChannelProtectionRequirements.cs
- ToolStripDesignerAvailabilityAttribute.cs
- PerformanceCounterPermission.cs
- UriGenerator.cs
- ApplicationServiceHelper.cs
- TrackingLocationCollection.cs
- PermissionSetTriple.cs
- RowsCopiedEventArgs.cs
- BezierSegment.cs
- IntSecurity.cs