+2007-07-12 Geoff Norton <gnorton@customerdna.com>
+
+ * HttpListenerContext.cs:
+ * HttpListener.cs: Handle HttpListener AuthenticationSchemes
+ Only Basic authentication is included for now.
+
2007-06-30 Gert Driesen <drieseng@users.sourceforge.net>
* NetworkAccess.cs: Only mark as flags enum on 2.0.
wait_queue.RemoveAt (idx);
}
- return ares.GetContext (); // This will throw on error.
+ HttpListenerContext context = ares.GetContext ();
+ if (auth_schemes != AuthenticationSchemes.Anonymous) {
+ context.ParseAuthentication ();
+ }
+ return context; // This will throw on error.
}
public HttpListenerContext GetContext ()
public IPrincipal User {
get { return user; }
}
+
+ internal void ParseAuthentication () {
+ // TODO: Handle NTLM/Digest modes
+ string header = request.Headers ["Authorization"];
+
+ if (header == null || header.Length < 2)
+ return;
+
+ string [] authenticationData = header.Substring (header.IndexOf (":")+1).Split (new char [] {' '});
+
+ if (string.Compare (authenticationData [0], "basic", true) == 0) {
+ user = ParseBasicAuthentication (authenticationData [1]);
+ }
+ }
+
+ internal IPrincipal ParseBasicAuthentication (string authData) {
+ try {
+ // Basic AUTH Data is a formatted Base64 String
+ string domain = null;
+ string user = null;
+ string password = null;
+ int pos = -1;
+ string authString = System.Text.Encoding.Default.GetString (Convert.FromBase64String (authData));
+
+ // The format is DOMAIN\username:password
+ // Domain is optional
+
+ pos = authString.IndexOf (":");
+
+ // parse the password off the end
+ password = authString.Substring (pos+1);
+
+ // discard the password
+ authString = authString.Substring (0, pos);
+
+ // check if there is a domain
+ pos = authString.IndexOf ("\\");
+
+ if (pos > 0) {
+ domain = authString.Substring (0, pos);
+ user = authString.Substring (pos);
+ } else {
+ user = authString;
+ }
+
+ HttpListenerBasicIdentity identity = new HttpListenerBasicIdentity (user, password);
+ // TODO: What are the roles MS sets
+ return new GenericPrincipal (identity, new string [0]);
+ } catch (Exception) {
+ // Invalid auth data is swallowed silently
+ return null;
+ }
+ }
}
}
#endif