archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-server-2003/inetsrv/iis/admin/snapin/authent.cpp

550 lines
15 KiB
Raw Permalink Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1994-2001 Microsoft Corporation
  5. Module Name :
  6. authent.cpp
  8. Abstract:
  9. WWW Authentication Dialog
  11. Author:
  12. Ronald Meijer (ronaldm)
  13. Sergei Antonov (sergeia)
  15. Project:
  16. Internet Services Manager
  18. Revision History:
  20. --*/
  21. #include "stdafx.h"
  22. #include "resource.h"
  23. #include "common.h"
  24. #include "inetprop.h"
  25. #include "inetmgrapp.h"
  26. #include "supdlgs.h"
  27. #include "certmap.h"
  28. #include "authent.h"
  29. #define INITGUID
  30. #include <initguid.h>
  31. #include <dsclient.h>
  32. #include <wincrui.h>
  33. #include <Dsgetdc.h>
  34. #include <Lm.h>
  36. #ifdef _DEBUG
  37. #define new DEBUG_NEW
  38. #undef THIS_FILE
  39. static char THIS_FILE[] = __FILE__;
  40. #endif
  42. #define HIDD_DOMAINACCTS 0x50334
  44. CAuthenticationDlg::CAuthenticationDlg(
  45. IN LPCTSTR lpstrServerName,
  46. IN DWORD dwInstance,
  47. IN CString & strBasicDomain,
  48. IN CString & strRealm,
  49. IN DWORD & dwAuthFlags,
  50. IN DWORD & dwAccessPermissions,
  51. IN CString & strUserName,
  52. IN CStrPassword & strPassword,
  53. IN BOOL & fPasswordSync,
  54. IN BOOL fAdminAccess,
  55. IN BOOL fHasDigest,
  56. IN CWnd * pParent OPTIONAL
  57. )
  58. /*++
  60. Routine Description:
  62. Authentication dialog constructor
  64. Arguments:
  66. LPCTSTR lpstrServerName : Server name
  67. DWORD dwInstance : Instance number
  68. CString & strBasicDomain : Basic domain name
  69. DWORD & dwAuthFlags : Authorization flags
  70. DWORD & dwAccessPermissions : Access permissions
  71. CString & strUserName : Anonymous user name
  72. CStrPassword & strPassword : Anonymous user pwd
  73. BOOL & fPasswordSync : Password sync setting
  74. BOOL fAdminAccess : TRUE if user has admin access
  75. BOOL fHasDigest : TRUE if machine supports digest auth.
  76. CWnd * pParent : Optional parent window
  78. Return Value:
  80. N/A
  82. --*/
  83. : CDialog(CAuthenticationDlg::IDD, pParent),
  84. m_strServerName(lpstrServerName),
  85. m_strBasicDomain(strBasicDomain),
  86. m_strRealm(strRealm),
  87. m_strUserName(strUserName),
  88. m_strPassword(strPassword),
  89. m_dwInstance(dwInstance),
  90. m_dwAuthFlags(dwAuthFlags),
  91. m_dwAccessPermissions(dwAccessPermissions),
  92. m_fAdminAccess(fAdminAccess),
  93. m_fHasDigest(fHasDigest),
  94. m_fPasswordSync(fPasswordSync),
  95. m_fPasswordSyncChanged(FALSE),
  96. m_fUserNameChanged(FALSE),
  97. m_fPasswordSyncMsgShown(FALSE),
  98. m_fChanged(FALSE),
  99. m_fInDomain(TRUE),
  100. m_fHasPassport(TRUE)
  101. {
  102. #if 0 // Class Wizard happy
  103. //{{AFX_DATA_INIT(CAuthenticationDlg)
  104. m_fClearText = FALSE;
  105. m_fDigest = FALSE;
  106. m_fChallengeResponse = FALSE;
  107. m_fAnonymous = FALSE;
  108. //}}AFX_DATA_INIT
  110. #endif // 0
  112. m_fClearText = IS_FLAG_SET(m_dwAuthFlags, MD_AUTH_BASIC);
  113. m_fDigest = IS_FLAG_SET(m_dwAuthFlags, MD_AUTH_MD5);
  114. m_fChallengeResponse = IS_FLAG_SET(m_dwAuthFlags, MD_AUTH_NT);
  115. m_fAnonymous = IS_FLAG_SET(m_dwAuthFlags, MD_AUTH_ANONYMOUS);
  116. m_fPassport = IS_FLAG_SET(m_dwAuthFlags, MD_AUTH_PASSPORT);
  117. }
  120. void
  121. CAuthenticationDlg::DoDataExchange(
  122. IN CDataExchange * pDX
  123. )
  124. {
  125. if (pDX->m_bSaveAndValidate && !m_fChanged)
  126. {
  127. return;
  128. }
  129. CDialog::DoDataExchange(pDX);
  130. //{{AFX_DATA_MAP(CAuthenticationDlg)
  131. DDX_Control(pDX, IDC_CHECK_ANONYMOUS, m_check_Anonymous);
  132. DDX_Check(pDX, IDC_CHECK_ANONYMOUS, m_fAnonymous);
  133. DDX_Control(pDX, IDC_EDIT_USERNAME, m_edit_UserName);
  134. DDX_Control(pDX, IDC_EDIT_PASSWORD, m_edit_Password);
  135. DDX_Check(pDX, IDC_CHECK_ENABLE_PW_SYNCHRONIZATION, m_fPasswordSync);
  136. DDX_Control(pDX, IDC_CHECK_ENABLE_PW_SYNCHRONIZATION, m_chk_PasswordSync);
  137. DDX_Check(pDX, IDC_CHECK_CLEAR_TEXT, m_fClearText);
  138. DDX_Check(pDX, IDC_CHECK_DIGEST, m_fDigest);
  139. DDX_Check(pDX, IDC_CHECK_NT_CHALLENGE_RESPONSE, m_fChallengeResponse);
  140. DDX_Check(pDX, IDC_PASSPORT, m_fPassport);
  141. DDX_Control(pDX, IDC_CHECK_NT_CHALLENGE_RESPONSE, m_check_ChallengeResponse);
  142. DDX_Control(pDX, IDC_CHECK_DIGEST, m_check_Digest);
  143. DDX_Control(pDX, IDC_CHECK_CLEAR_TEXT, m_check_ClearText);
  144. DDX_Control(pDX, IDC_BASDOM, m_edit_BasicDomain);
  145. DDX_Control(pDX, IDC_BASDOM_SELECT, m_btn_SelectDomain);
  146. DDX_Control(pDX, IDC_REALM, m_edit_Realm);
  147. DDX_Control(pDX, IDC_REALM_SELECT, m_btn_SelectRealm);
  148. DDX_Control(pDX, IDC_PASSPORT, m_chk_Passport);
  149. //}}AFX_DATA_MAP
  150. DDX_Text(pDX, IDC_EDIT_USERNAME, m_strUserName);
  151. DDV_MinMaxChars(pDX, m_strUserName, 1, UNLEN);
  152. DDX_Text(pDX, IDC_BASDOM, m_strBasicDomain);
  153. DDX_Text(pDX, IDC_REALM, m_strRealm);
  154. //
  155. // Some people have a tendency to add "\\" before
  156. // the computer name in user accounts. Fix this here.
  157. //
  158. m_strUserName.TrimLeft();
  159. while (*m_strUserName == '\\')
  160. {
  161. m_strUserName = m_strUserName.Mid(2);
  162. }
  164. //
  165. // Display the remote password sync message if
  166. // password sync is on, the account is not local,
  167. // password sync has changed or username has changed
  168. // and the message hasn't already be shown.
  169. //
  170. if (pDX->m_bSaveAndValidate)
  171. {
  172. BOOL bLocal;
  173. CString user, domain;
  174. CError err = CredUIParseUserName(
  175. m_strUserName,
  176. user.GetBuffer(CRED_MAX_USERNAME_LENGTH), CRED_MAX_USERNAME_LENGTH,
  177. domain.GetBuffer(MAX_PATH), MAX_PATH);
  178. user.ReleaseBuffer();
  179. domain.ReleaseBuffer();
  180. bLocal = domain.IsEmpty() || domain.CompareNoCase(m_strServerName) == 0;
  181. if (m_dwVersionMajor < 6)
  182. {
  183. if (m_fPasswordSync && !bLocal
  184. && (m_fPasswordSyncChanged || m_fUserNameChanged)
  185. && !m_fPasswordSyncMsgShown
  186. )
  187. {
  188. //
  189. // Don't show it again
  190. //
  191. m_fPasswordSyncMsgShown = TRUE;
  192. if (IDYES != ::AfxMessageBox(IDS_WRN_PWSYNC, MB_YESNO | MB_DEFBUTTON2 | MB_ICONQUESTION ))
  193. {
  194. pDX->Fail();
  195. }
  196. }
  197. }
  199. // See if we need to get the new password...
  200. if (m_fAnonymous)
  201. {
  202. // only save password/and ask for password confirmation
  203. // if anonymous is enabled.
  204. DDX_Password_SecuredString(pDX, IDC_EDIT_PASSWORD, m_strPassword, g_lpszDummyPassword);
  205. }
  207. // Convert to standard domain\user format
  208. if (!bLocal)
  209. {
  210. m_strUserName = domain;
  211. m_strUserName += _T('\\');
  212. m_strUserName += user;
  213. }
  214. }
  215. else
  216. {
  217. DDX_Password_SecuredString(pDX, IDC_EDIT_PASSWORD, m_strPassword, g_lpszDummyPassword);
  218. }
  220. if (!m_fPasswordSync)
  221. {
  222. DDV_MaxCharsBalloon_SecuredString(pDX, m_strPassword, PWLEN);
  223. }
  225. if (pDX->m_bSaveAndValidate)
  226. {
  227. m_fChanged = FALSE;
  228. }
  230. //CString csTempPassword;m_strPassword.CopyTo(csTempPassword);
  231. }
  235. //
  236. // Message Map
  237. //
  238. BEGIN_MESSAGE_MAP(CAuthenticationDlg, CDialog)
  239. //{{AFX_MSG_MAP(CAuthenticationDlg)
  240. ON_BN_CLICKED(IDC_CHECK_ANONYMOUS, OnCheckAnonymous)
  241. ON_BN_CLICKED(IDC_BUTTON_BROWSE_USERS, OnButtonBrowseUsers)
  242. ON_BN_CLICKED(IDC_CHECK_ENABLE_PW_SYNCHRONIZATION, OnCheckEnablePwSynchronization)
  243. ON_EN_CHANGE(IDC_EDIT_USERNAME, OnChangeEditUsername)
  244. ON_BN_CLICKED(IDC_CHECK_CLEAR_TEXT, OnCheckClearText)
  245. ON_BN_CLICKED(IDC_CHECK_DIGEST, OnCheckDigest)
  246. ON_BN_CLICKED(IDC_CHECK_NT_CHALLENGE_RESPONSE, OnItemChanged)
  247. ON_BN_CLICKED(IDC_BASDOM_SELECT, OnButtonSelectDomain)
  248. ON_BN_CLICKED(IDC_REALM_SELECT, OnButtonSelectRealm)
  249. ON_BN_CLICKED(IDC_PASSPORT, OnCheckPassport)
  250. //}}AFX_MSG_MAP
  251. ON_EN_CHANGE(IDC_EDIT_PASSWORD, OnItemChanged)
  252. ON_EN_CHANGE(IDC_EDIT_DOMAIN_NAME, OnItemChanged)
  253. ON_EN_CHANGE(IDC_BASDOM, OnItemChanged)
  254. ON_EN_CHANGE(IDC_REALM, OnItemChanged)
  255. END_MESSAGE_MAP()
  257. void
  258. CAuthenticationDlg::OnItemChanged()
  259. {
  260. m_fChanged = TRUE;
  261. }
  263. void
  264. CAuthenticationDlg::SetControlStates()
  265. /*++
  267. Routine Description:
  268. Set control states depending on current data in the dialog
  270. --*/
  271. {
  272. m_edit_UserName.EnableWindow(m_fAnonymous);
  273. GetDlgItem(IDC_BUTTON_BROWSE_USERS)->EnableWindow(m_fAnonymous);
  274. m_chk_PasswordSync.EnableWindow(m_dwVersionMajor < 6 && m_fAnonymous);
  275. m_edit_Password.EnableWindow((m_dwVersionMajor >= 6 || !m_fPasswordSync) && m_fAnonymous);
  276. // Windows
  277. m_check_ChallengeResponse.EnableWindow(!m_fPassport);
  278. // Basic
  279. m_check_ClearText.EnableWindow(!m_fPassport);
  280. // Digest
  281. m_check_Digest.EnableWindow(m_fHasDigest && !m_fPassport);
  282. // disable both domain fields if nothing is selected
  283. GetDlgItem(IDC_STATIC_DOMAIN)->EnableWindow(FALSE);
  284. m_edit_BasicDomain.EnableWindow(FALSE);
  285. m_btn_SelectDomain.EnableWindow(FALSE);
  286. GetDlgItem(IDC_STATIC_REALM)->EnableWindow(FALSE);
  287. m_edit_Realm.EnableWindow(FALSE);
  288. m_btn_SelectRealm.EnableWindow(FALSE);
  290. if (m_fPassport)
  291. {
  292. GetDlgItem(IDC_STATIC_DOMAIN)->EnableWindow(TRUE);
  293. m_edit_BasicDomain.EnableWindow(TRUE);
  294. m_btn_SelectDomain.EnableWindow(m_fInDomain);
  295. }
  296. else
  297. {
  298. if (m_fDigest && !m_fClearText)
  299. {
  300. GetDlgItem(IDC_STATIC_REALM)->EnableWindow(TRUE);
  301. m_edit_Realm.EnableWindow(TRUE);
  302. m_btn_SelectRealm.EnableWindow(m_fInDomain);
  303. }
  304. else if (m_fClearText)
  305. {
  306. GetDlgItem(IDC_STATIC_REALM)->EnableWindow(TRUE);
  307. m_edit_Realm.EnableWindow(TRUE);
  308. m_btn_SelectRealm.EnableWindow(m_fInDomain);
  310. GetDlgItem(IDC_STATIC_DOMAIN)->EnableWindow(TRUE);
  311. m_edit_BasicDomain.EnableWindow(TRUE);
  312. m_btn_SelectDomain.EnableWindow(m_fInDomain);
  313. }
  314. }
  315. }
  317. BOOL
  318. CAuthenticationDlg::OnInitDialog()
  319. {
  320. CDialog::OnInitDialog();
  322. // Check if computer is joined to domain
  323. COMPUTER_NAME_FORMAT fmt = ComputerNamePhysicalDnsDomain;
  324. TCHAR buf[MAX_PATH];
  325. DWORD n = MAX_PATH;
  326. m_fInDomain = (GetComputerNameEx(fmt, buf, &n) && n > 0);
  328. SetControlStates();
  330. if (m_dwVersionMajor < 6)
  331. {
  332. // Show/Hide Passport stuff
  333. m_chk_Passport.EnableWindow(FALSE);
  334. }
  335. else
  336. {
  337. // Hide password syncronization
  338. GetDlgItem(IDC_CHECK_ENABLE_PW_SYNCHRONIZATION)->EnableWindow(FALSE);
  339. GetDlgItem(IDC_CHECK_ENABLE_PW_SYNCHRONIZATION)->ShowWindow(SW_HIDE);
  340. m_fPasswordSync = FALSE;
  341. m_fPasswordSyncChanged = FALSE;
  342. m_fPasswordSyncMsgShown = TRUE;
  343. }
  345. return TRUE;
  346. }
  348. void
  349. CAuthenticationDlg::OnButtonBrowseUsers()
  350. {
  351. CString str;
  353. if (GetIUsrAccount(m_strServerName, this, str))
  354. {
  355. //
  356. // If the name is non-local (determined by having
  357. // a slash in the name, password sync is disabled,
  358. // and a password should be entered.
  359. //
  360. m_edit_UserName.SetWindowText(str);
  361. CString user, domain;
  362. CError err = CredUIParseUserName(str,
  363. user.GetBuffer(CRED_MAX_USERNAME_LENGTH), CRED_MAX_USERNAME_LENGTH,
  364. domain.GetBuffer(MAX_PATH), MAX_PATH);
  365. user.ReleaseBuffer();
  366. domain.ReleaseBuffer();
  367. if (m_dwVersionMajor < 6)
  368. {
  369. m_fPasswordSync =
  370. domain.IsEmpty() || domain.CompareNoCase(m_strServerName) == 0;
  371. m_chk_PasswordSync.SetCheck(m_fPasswordSync);
  372. }
  373. if (!m_fPasswordSync)
  374. {
  375. m_edit_Password.SetWindowText(_T(""));
  376. m_edit_Password.SetFocus();
  377. }
  378. OnItemChanged();
  379. }
  380. }
  382. void CAuthenticationDlg::OnButtonSelectDomain()
  383. {
  384. HRESULT hr = BrowseDomain(m_strBasicDomain);
  385. if (SUCCEEDED(hr))
  386. {
  387. UpdateData(FALSE);
  388. OnItemChanged();
  389. }
  390. }
  392. void CAuthenticationDlg::OnButtonSelectRealm()
  393. {
  394. HRESULT hr = BrowseDomain(m_strRealm);
  395. if (SUCCEEDED(hr))
  396. {
  397. UpdateData(FALSE);
  398. OnItemChanged();
  399. }
  400. }
  402. HRESULT
  403. CAuthenticationDlg::BrowseDomain(CString& domain)
  404. {
  405. CString prev = domain;
  406. CComPtr<IDsBrowseDomainTree> spDsDomains;
  408. CError err = ::CoCreateInstance(CLSID_DsDomainTreeBrowser,
  409. NULL,
  410. CLSCTX_INPROC_SERVER,
  411. IID_IDsBrowseDomainTree,
  412. reinterpret_cast<void **>(&spDsDomains));
  413. if (err.Succeeded())
  414. {
  415. err = spDsDomains->SetComputer(m_strServerName, NULL, NULL); // use default credential
  416. if (err.Succeeded())
  417. {
  418. LPTSTR pDomainPath = NULL;
  419. err = spDsDomains->BrowseTo(m_hWnd, &pDomainPath,
  420. /*DBDTF_RETURNINOUTBOUND |*/ DBDTF_RETURNEXTERNAL | DBDTF_RETURNMIXEDDOMAINS);
  421. if (err.Succeeded() && pDomainPath != NULL)
  422. {
  423. domain = pDomainPath;
  424. if (domain.CompareNoCase(prev) != 0)
  425. {
  426. OnItemChanged();
  427. }
  428. CoTaskMemFree(pDomainPath);
  429. }
  430. // When user click on Cancel in this browser, it returns 80070001 (Incorrect function).
  431. // I am not quite sure what does it mean. We are filtering out the case when domain browser doesn't
  432. // work at all (in workgroup), so here we could safely skip error processing.
  433. // else
  434. // {
  435. // err.MessageBox();
  436. // }
  437. }
  438. }
  439. return err;
  440. }
  442. void
  443. CAuthenticationDlg::OnCheckEnablePwSynchronization()
  444. {
  445. m_fPasswordSyncChanged = TRUE;
  446. m_fPasswordSync = !m_fPasswordSync;
  447. OnItemChanged();
  448. SetControlStates();
  449. if (!m_fPasswordSync )
  450. {
  451. m_edit_Password.SetSel(0,-1);
  452. m_edit_Password.SetFocus();
  453. }
  454. }
  456. void
  457. CAuthenticationDlg::OnChangeEditUsername()
  458. {
  459. m_fUserNameChanged = TRUE;
  460. OnItemChanged();
  461. }
  463. void
  464. CAuthenticationDlg::OnCheckClearText()
  465. {
  466. if (m_check_ClearText.GetCheck() == 1)
  467. {
  468. CClearTxtDlg dlg;
  469. if (dlg.DoModal() != IDOK)
  470. {
  471. m_check_ClearText.SetCheck(0);
  472. return;
  473. }
  474. }
  476. m_fClearText = !m_fClearText;
  477. OnItemChanged();
  478. SetControlStates();
  479. }
  483. void
  484. CAuthenticationDlg::OnCheckDigest()
  485. {
  486. ASSERT(m_fHasDigest);
  488. if (m_check_Digest.GetCheck() == 1)
  489. {
  490. CString cap, msg;
  491. msg.LoadString(IDS_WRN_DIGEST);
  492. cap.LoadString(IDS_APP_NAME);
  493. if (IDNO == IisMessageBox(m_hWnd, IDS_WRN_DIGEST, MB_YESNO|MB_ICONQUESTION|MB_DEFBUTTON2, HIDD_DOMAINACCTS))
  494. {
  495. m_check_Digest.SetCheck(0);
  496. return;
  497. }
  498. }
  500. m_fDigest = !m_fDigest;
  501. OnItemChanged();
  502. SetControlStates();
  503. }
  507. void
  508. CAuthenticationDlg::OnCheckAnonymous()
  509. {
  510. m_fAnonymous = !m_fAnonymous;
  511. OnItemChanged();
  512. SetControlStates();
  513. }
  515. void
  516. CAuthenticationDlg::OnCheckPassport()
  517. {
  518. m_fPassport = !m_fPassport;
  519. OnItemChanged();
  520. SetControlStates();
  521. }
  523. void
  524. CAuthenticationDlg::OnOK()
  525. {
  526. if (UpdateData(TRUE))
  527. {
  528. SET_FLAG_IF(m_fPassport, m_dwAuthFlags, MD_AUTH_PASSPORT);
  529. SET_FLAG_IF(m_fClearText, m_dwAuthFlags, MD_AUTH_BASIC);
  530. SET_FLAG_IF(m_fChallengeResponse, m_dwAuthFlags, MD_AUTH_NT);
  531. SET_FLAG_IF(m_fAnonymous, m_dwAuthFlags, MD_AUTH_ANONYMOUS);
  532. SET_FLAG_IF(m_fDigest, m_dwAuthFlags, MD_AUTH_MD5);
  534. //
  535. // Provide warning if no authentication is selected
  536. //
  537. if (!m_dwAuthFlags
  538. && !m_dwAccessPermissions
  539. && !NoYesMessageBox(IDS_WRN_NO_AUTH)
  540. )
  541. {
  542. //
  543. // Don't dismiss the dialog
  544. //
  545. return;
  546. }
  548. CDialog::OnOK();
  549. }
  550. }