// http://www.rassoc.com/gregr/weblog/stories/2002/07/09/webServicesSecurityHttpDigestAuthenticationWithoutActiveDirectory.html
//
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+//
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
using System;
using System.Collections.Specialized;
using System.Configuration;
return (DateTime.Now <= expireTime);
}
+ protected virtual bool GetUserByName (HttpApplication app, string username,
+ out string password, out string[] roles)
+ {
+ password = String.Empty;
+ roles = new string[0];
+
+ string userFileName = app.Request.MapPath (ConfigurationSettings.AppSettings ["Digest.Users"]);
+ if (userFileName == null || !File.Exists (userFileName))
+ return false;
+
+ XmlDocument userDoc = new XmlDocument ();
+ userDoc.Load (userFileName);
+
+ string xPath = String.Format ("/users/user[@name='{0}']", username);
+ XmlNode user = userDoc.SelectSingleNode (xPath);
+
+ if (user == null)
+ return false;
+
+ password = user.Attributes ["password"].Value;
+
+ XmlNodeList roleNodes = user.SelectNodes ("role");
+ roles = new string [roleNodes.Count];
+ int i = 0;
+ foreach (XmlNode xn in roleNodes)
+ roles [i++] = xn.Attributes ["name"].Value;
+
+ return true;
+ }
+
protected override bool AcceptCredentials (HttpApplication app, string authentication)
{
// digest
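Review bot: In the added GetUserByName, `username` is formatted directly into the XPath expression `/users/user[@name='{0}']`, and at the call site that value comes from the client's request (`reqInfo ["username"]`), so a name containing a quote character alters the query instead of being matched literally. The commit only moves this lookup out of AcceptCredentials, but now that it is the default body of a protected virtual extension point, it should compare the `name` attribute as a plain string rather than build XPath text from request data. The same method dereferences `user.Attributes ["password"]` without a null check, so a users-file entry missing that attribute raises a NullReferenceException during authentication instead of failing the login; `xn.Attributes ["name"]` in the role loop has the same gap. A short doc comment on what `password` must contain would also help anyone overriding the method; from the visible lines it appears to be the stored value that feeds the digest hash calculation.

```csharp
// … unchanged: users file lookup and userDoc.Load …

// Match the name attribute as data; no request-supplied text reaches the XPath parser.
XmlNode user = null;
foreach (XmlNode candidate in userDoc.SelectNodes ("/users/user")) {
	XmlAttribute nameAttr = candidate.Attributes ["name"];
	if (nameAttr != null && nameAttr.Value == username) {
		user = candidate;
		break;
	}
}

if (user == null)
	return false;

// A malformed entry is treated as an unknown user rather than crashing the request.
XmlAttribute passwordAttr = user.Attributes ["password"];
if (passwordAttr == null)
	return false;
password = passwordAttr.Value;

// … unchanged: role collection and return true …
```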
}
string username = (string) reqInfo ["username"];
+ string password;
+ string[] roles;
- string userFileName = app.Request.MapPath (ConfigurationSettings.AppSettings ["Digest.Users"]);
- if (userFileName == null || !File.Exists (userFileName))
+ if (!GetUserByName (app, username, out password, out roles))
return false;
- XmlDocument userDoc = new XmlDocument ();
- userDoc.Load (userFileName);
-
- string xPath = String.Format ("/users/user[@name='{0}']", username);
- XmlNode user = userDoc.SelectSingleNode (xPath);
-
- if (user == null)
- return false;
-
- string password = user.Attributes ["password"].Value;
string realm = ConfigurationSettings.AppSettings ["Digest.Realm"];
// calculate the Digest hashes
bool result = (((string)reqInfo["response"] == hashedDigest) && (!isNonceStale));
if (result) {
- XmlNodeList roleNodes = user.SelectNodes ("role");
- string[] roles = new string [roleNodes.Count];
- int i = 0;
- foreach (XmlNode xn in roleNodes)
- roles [i++] = xn.Attributes ["name"].Value;
-
IIdentity id = new GenericIdentity (username, AuthenticationMethod);
app.Context.User = new GenericPrincipal (id, roles);
}