-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathModule.cpp
More file actions
157 lines (131 loc) · 3.41 KB
/
Module.cpp
File metadata and controls
157 lines (131 loc) · 3.41 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
#define _WINSOCKAPI_
#include <windows.h>
#include <sal.h>
#include <httpserv.h>
#include <iostream>
#include <sstream>
class User : public IHttpUser
{
public:
User(IHttpUser* user) : m_user(user)
{
user->ReferenceUser();
m_refs = 1;
}
PCWSTR GetRemoteUserName(VOID)
{
return m_user->GetRemoteUserName();
}
PCWSTR GetUserName(VOID)
{
return m_user->GetUserName();
}
PCWSTR GetAuthenticationType(VOID)
{
return m_user->GetAuthenticationType();
}
PCWSTR GetPassword(VOID)
{
return m_user->GetPassword();
}
HANDLE GetImpersonationToken(VOID)
{
return m_user->GetImpersonationToken();
}
// This method returns the primary token if it is != NULL && != INVALID
// Otherwise it will return the value of GetImpersonationToken()
HANDLE GetPrimaryToken(VOID)
{
HANDLE token = m_user->GetPrimaryToken();
if (token == NULL || token == INVALID_HANDLE_VALUE)
{
token = m_user->GetImpersonationToken();
}
return token;
}
VOID ReferenceUser(VOID)
{
InterlockedIncrement(&m_refs);
}
VOID DereferenceUser(VOID)
{
if (0 == InterlockedDecrement(&m_refs))
{
delete this;
}
}
BOOL SupportsIsInRole(VOID)
{
return m_user->SupportsIsInRole();
}
HRESULT IsInRole(IN PCWSTR pszRoleName, OUT BOOL* pfInRole)
{
return m_user->IsInRole(pszRoleName, pfInRole);
}
PVOID GetUserVariable(IN PCSTR pszVariableName)
{
return m_user->GetUserVariable(pszVariableName);
}
private:
IHttpUser* m_user;
LONG m_refs;
virtual ~User()
{
m_user->DereferenceUser();
}
};
static bool EndsWithIgnoreCase(PCWSTR str, PCWSTR suffix)
{
size_t stringLength = wcslen(str);
size_t suffixLength = wcslen(suffix);
return (stringLength >= suffixLength) && _wcsicmp(str + (stringLength - suffixLength), suffix) == 0;
}
class CoreWcfWinAuthHandler : public CHttpModule
{
public:
REQUEST_NOTIFICATION_STATUS OnAuthenticateRequest(_In_ IHttpContext* pHttpContext, _In_ IAuthenticationProvider* pProvider)
{
IHttpUser* user = pHttpContext->GetUser();
if (user != NULL && (_wcsicmp(user->GetAuthenticationType(), L"negotiate") == 0 || _wcsicmp(user->GetAuthenticationType(), L"ntlm") == 0))
{
PCWSTR absPath = pHttpContext->GetRequest()->GetRawHttpRequest()->CookedUrl.pAbsPath;
if (EndsWithIgnoreCase(absPath, L".svc") || EndsWithIgnoreCase(absPath, L".svc?wsdl"))
{
// Looks like a request to a WCF service
pProvider->SetUser(new User(user));
}
}
// Return processing to the pipeline.
return RQ_NOTIFICATION_CONTINUE;
}
};
class CoreWcfWinAuthHandlerFactory : public IHttpModuleFactory
{
public:
HRESULT GetHttpModule(OUT CHttpModule** ppModule, IN IModuleAllocator* pAllocator)
{
UNREFERENCED_PARAMETER(pAllocator);
CoreWcfWinAuthHandler* pModule = new CoreWcfWinAuthHandler();
if (!pModule)
{
return HRESULT_FROM_WIN32(ERROR_NOT_ENOUGH_MEMORY);
}
else
{
*ppModule = pModule;
return S_OK;
}
}
void Terminate()
{
delete this;
}
};
// called by IIS
HRESULT __stdcall RegisterModule(DWORD dwServerVersion, IHttpModuleRegistrationInfo* pModuleInfo, IHttpServer* pGlobalInfo)
{
UNREFERENCED_PARAMETER(dwServerVersion);
UNREFERENCED_PARAMETER(pGlobalInfo);
// Set the request notifications and exit.
return pModuleInfo->SetRequestNotifications(new CoreWcfWinAuthHandlerFactory(), RQ_AUTHENTICATE_REQUEST, 0);
}