
N-tier project with WCF OData service, Entity Framework, MVC 3.0, Ninject DI, Json.NET and AutoMapper

10 Dec 2012CPOL3 min read 39.6K   1.9K   41  
N-Tier application with WCF Odata service and Entity Framework.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Security.Principal;
using System.Text;

namespace AuthenticationProvider
{
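    /// <summary>
    /// Minimal HTTP Basic authentication helper: reads the <c>Authorization</c>
    /// request header, decodes the credential pair and, when it matches a known
    /// account, attaches a <see cref="GenericPrincipal"/> to the request.
    /// </summary>
    /// <remarks>
    /// Basic credentials are only Base64-encoded on the wire, so this scheme is
    /// safe only when the endpoint is served over TLS; nothing in this class
    /// enforces that, so it must be enforced by the host.
    /// </remarks>
    public class BasicAuthenticationProvider
    {
        // Scheme token followed by the single space that separates it from the payload.
        private const string BasicSchemePrefix = "Basic ";

        /// <summary>
        /// Authenticates the request from its <c>Authorization</c> header.
        /// </summary>
        /// <param name="context">
        /// The request context; when null, <see cref="HttpContext.Current"/> is used.
        /// </param>
        /// <returns>
        /// <c>true</c> when the credentials were accepted and the context's
        /// <c>User</c> was set; otherwise <c>false</c>.
        /// </returns>
        public static bool Authenticate(HttpContext context)
        {
            HttpContext current = context ?? HttpContext.Current;
            if (current == null)
            {
                return false;
            }

            // The header collection is looked up by name directly; the previous
            // AllKeys.Contains("Authorization") test was case-sensitive and
            // rejected requests whose header name was cased differently.
            string authHeader = current.Request.Headers["Authorization"];
            if (string.IsNullOrEmpty(authHeader))
            {
                return false;
            }

            IPrincipal principal;
            if (TryGetPrincipal(authHeader, out principal))
            {
                current.User = principal;
                return true;
            }

            return false;
        }

        /// <summary>
        /// Parses the raw header value and resolves it to a principal.
        /// </summary>
        /// <param name="authHeader">Raw <c>Authorization</c> header value.</param>
        /// <param name="principal">The resolved principal, or null on failure.</param>
        /// <returns><c>true</c> when the header held accepted credentials.</returns>
        private static bool TryGetPrincipal(string authHeader, out IPrincipal principal)
        {
            string[] creds = ParseAuthHeader(authHeader);
            if (creds != null && TryGetPrincipal(creds, out principal))
            {
                return true;
            }

            principal = null;
            return false;
        }

        /// <summary>
        /// Extracts the user name and password from a Basic <c>Authorization</c> header.
        /// </summary>
        /// <param name="authHeader">Raw header value, attacker-controlled.</param>
        /// <returns>
        /// A two-element array (user name, password), or null when the header is
        /// missing, uses another scheme, is not valid Base64, or either part is empty.
        /// </returns>
        private static string[] ParseAuthHeader(string authHeader)
        {
            if (string.IsNullOrEmpty(authHeader) ||
                !authHeader.StartsWith(BasicSchemePrefix, StringComparison.OrdinalIgnoreCase))
            {
                return null;
            }

            // Slice by the prefix length: a bare "Basic" header no longer reaches
            // Substring with an out-of-range index.
            string base64Credentials = authHeader.Substring(BasicSchemePrefix.Length).Trim();
            if (base64Credentials.Length == 0)
            {
                return null;
            }

            string decoded;
            try
            {
                decoded = Encoding.ASCII.GetString(Convert.FromBase64String(base64Credentials));
            }
            catch (FormatException)
            {
                // Malformed Base64 is a failed authentication, not a server error.
                return null;
            }

            // Split on the first ':' only, so a password that itself contains ':'
            // is kept intact instead of being rejected.
            int separator = decoded.IndexOf(':');
            if (separator <= 0 || separator == decoded.Length - 1)
            {
                // Empty user name or empty password. The original tested
                // credentials[0] twice and never checked the password.
                return null;
            }

            return new[]
            {
                decoded.Substring(0, separator),
                decoded.Substring(separator + 1)
            };
        }

        /// <summary>
        /// Matches a credential pair against the accounts known to this provider.
        /// </summary>
        /// <param name="creds">Two-element array: user name, password.</param>
        /// <param name="principal">The principal for the matched account, or null.</param>
        /// <returns><c>true</c> when the pair matched an account.</returns>
        private static bool TryGetPrincipal(string[] creds, out IPrincipal principal)
        {
            principal = null;
            if (creds == null || creds.Length != 2)
            {
                return false;
            }

            string userName = creds[0];
            string password = creds[1];

            // NOTE(review): both accounts below are hard-coded sample credentials
            // compiled into the assembly. Before any real deployment replace them
            // with a lookup against a credential store holding salted password
            // hashes, and compare secrets in constant time rather than with ==.
            // NOTE(review): Encryption.DecryptString is defined outside this file
            // and runs on every attempt before the plain-text branch; if it throws
            // on input that is not valid ciphertext, the second account is
            // unreachable and the request fails with an exception. Confirm.
            if (Encryption.DecryptString(userName) == "Administrator" &&
                Encryption.DecryptString(password) == "SecurePassword")
            {
                principal = new GenericPrincipal(
                    new GenericIdentity("Administrator"),
                    new string[] { "Administrator", "User" });
                return true;
            }

            if (userName == "JoeBlogs" && password == "Password")
            {
                principal = new GenericPrincipal(
                    new GenericIdentity("JoeBlogs"),
                    new string[] { "User" });
                return true;
            }

            return false;
        }
    }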
}


License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Software Developer (Senior) Nagarro Softwares
India India
I am Vijay Tanwar, a software engineer with a passion for programming. I love programming in C#, and I love to wrap up more and more things in a few lines of code. My favourite languages are C# and JavaScript, and both are fully object oriented. I would like to become a .NET architect.
