archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
3.3 GiB
 
 
 
 
 
 
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/inetsrv/iis/iisrearc/iisplus/ulw3/iiscertmapprovider.hxx

232 lines
4.5 KiB
Raw Blame History

#ifndef _IISCERTMAPPROVIDER_HXX_
#define _IISCERTMAPPROVIDER_HXX_
class IISCERTMAP_AUTH_PROVIDER : public AUTH_PROVIDER
{
public:
IISCERTMAP_AUTH_PROVIDER()
{
}
virtual ~IISCERTMAP_AUTH_PROVIDER()
{
}
HRESULT
Initialize(
DWORD dwInternalId
)
{
SetInternalId( dwInternalId );
return NO_ERROR;
}
VOID
Terminate(
VOID
)
{
}
HRESULT
DoesApply(
W3_MAIN_CONTEXT * pMainContext,
BOOL * pfApplies
);
HRESULT
DoAuthenticate(
W3_MAIN_CONTEXT * pMainContext,
BOOL * pfFilterFinished
);
HRESULT
OnAccessDenied(
W3_MAIN_CONTEXT * pMainContext
);
DWORD
QueryAuthType(
VOID
)
{
//
// This really isn't a metabase auth type.
// It is important to note that
// there must be no MD_AUTH_* defined that
// equals to MD_ACCESS_MAP_CERT
//
return MD_ACCESS_MAP_CERT;
}
};
//
// IISCERTMAP_CONTEXT_STATE is used to communicate information from DoesApply()
// to DoAuthenticate() of IISCERTMAP_AUTH_PROVIDER
//
class IISCERTMAP_CONTEXT_STATE : public W3_MAIN_CONTEXT_STATE
{
public:
IISCERTMAP_CONTEXT_STATE(
TOKEN_CACHE_ENTRY * pCachedToken,
BOOL fClientCertDeniedByIISCertMap
)
{
if ( pCachedToken != NULL )
{
pCachedToken->ReferenceCacheEntry();
}
else
{
//
// if fClientCertDeniedByIISCertMap is TRUE then p
// CachedToken should be NULL
//
DBG_ASSERT( fClientCertDeniedByIISCertMap );
}
_pCachedIISCertMapToken = pCachedToken;
_fClientCertDeniedByIISCertMap = fClientCertDeniedByIISCertMap;
}
BOOL
Cleanup(
W3_MAIN_CONTEXT * /*pMainContext*/
)
{
if ( _pCachedIISCertMapToken != NULL )
{
_pCachedIISCertMapToken->DereferenceCacheEntry();
_pCachedIISCertMapToken = NULL;
}
delete this;
return TRUE;
}
TOKEN_CACHE_ENTRY *
QueryCachedIISCertMapToken(
VOID
)
{
return _pCachedIISCertMapToken;
}
BOOL
QueryClientCertDeniedByIISCertMap(
VOID
)
{
return _fClientCertDeniedByIISCertMap;
}
private:
TOKEN_CACHE_ENTRY * _pCachedIISCertMapToken;
//
// flag that IIS certificate mapper has denied authentication
//
BOOL _fClientCertDeniedByIISCertMap;
};
class IISCERTMAP_USER_CONTEXT : public W3_USER_CONTEXT
{
public:
IISCERTMAP_USER_CONTEXT( AUTH_PROVIDER * pProvider )
: W3_USER_CONTEXT( pProvider )
{
_achUserName[ 0 ] = L'\0';
}
virtual ~IISCERTMAP_USER_CONTEXT()
{
if ( _pCachedToken != NULL )
{
_pCachedToken->DereferenceCacheEntry();
_pCachedToken = NULL;
}
}
HRESULT
Create(
TOKEN_CACHE_ENTRY * _pCachedToken
);
WCHAR *
QueryUserName(
VOID
)
{
return _achUserName;
}
WCHAR *
QueryPassword(
VOID
)
{
return L"";
}
DWORD
QueryAuthType(
VOID
)
{
//
// This really isn't a metabase auth type.
// It is important to note that
// there must be no MD_AUTH_* defined that
// equals to MD_ACCESS_MAP_CERT
//
return MD_ACCESS_MAP_CERT;
}
TOKEN_CACHE_ENTRY *
QueryCachedToken(
VOID
)
{
return _pCachedToken;
}
HANDLE
QueryImpersonationToken(
VOID
)
{
DBG_ASSERT( _pCachedToken != NULL );
return _pCachedToken->QueryImpersonationToken();
}
HANDLE
QueryPrimaryToken(
VOID
)
{
DBG_ASSERT( _pCachedToken != NULL );
return _pCachedToken->QueryPrimaryToken();
}
BOOL
IsValid(
VOID
)
{
return TRUE;
}
private:
WCHAR _achUserName[ UNLEN + 1 ];
TOKEN_CACHE_ENTRY * _pCachedToken;
};
#endif