archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
windows-xp/Source/XPSP1/NT/inetsrv/iis/admin/snapin/authent.cpp

488 lines
13 KiB
Raw Permalink Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1994-2001 Microsoft Corporation
  5. Module Name :
  6. authent.cpp
  8. Abstract:
  9. WWW Authentication Dialog
  11. Author:
  12. Ronald Meijer (ronaldm)
  13. Sergei Antonov (sergeia)
  15. Project:
  16. Internet Services Manager
  18. Revision History:
  20. --*/
  21. #include "stdafx.h"
  22. #include "resource.h"
  23. #include "common.h"
  24. #include "inetprop.h"
  25. #include "inetmgrapp.h"
  26. #include "supdlgs.h"
  27. #include "certmap.h"
  28. #include "authent.h"
  29. #define INITGUID
  30. #include <initguid.h>
  31. #include <dsclient.h>
  32. #include <wincrui.h>
  33. #include <Dsgetdc.h>
  34. #include <Lm.h>
  36. #ifdef _DEBUG
  37. #define new DEBUG_NEW
  38. #undef THIS_FILE
  39. static char THIS_FILE[] = __FILE__;
  40. #endif
  42. #define HIDD_DOMAINACCTS 0x50334
  44. CAuthenticationDlg::CAuthenticationDlg(
  45. IN LPCTSTR lpstrServerName,
  46. IN DWORD dwInstance,
  47. IN CString & strBasicDomain,
  48. IN CString & strRealm,
  49. IN DWORD & dwAuthFlags,
  50. IN DWORD & dwAccessPermissions,
  51. IN CString & strUserName,
  52. IN CString & strPassword,
  53. IN BOOL & fPasswordSync,
  54. IN BOOL fAdminAccess,
  55. IN BOOL fHasDigest,
  56. IN CWnd * pParent OPTIONAL
  57. )
  58. /*++
  60. Routine Description:
  62. Authentication dialog constructor
  64. Arguments:
  66. LPCTSTR lpstrServerName : Server name
  67. DWORD dwInstance : Instance number
  68. CString & strBasicDomain : Basic domain name
  69. DWORD & dwAuthFlags : Authorization flags
  70. DWORD & dwAccessPermissions : Access permissions
  71. CString & strUserName : Anonymous user name
  72. CString & strPassword : Anonymous user pwd
  73. BOOL & fPasswordSync : Password sync setting
  74. BOOL fAdminAccess : TRUE if user has admin access
  75. BOOL fHasDigest : TRUE if machine supports digest auth.
  76. CWnd * pParent : Optional parent window
  78. Return Value:
  80. N/A
  82. --*/
  83. : CDialog(CAuthenticationDlg::IDD, pParent),
  84. m_strServerName(lpstrServerName),
  85. m_strBasicDomain(strBasicDomain),
  86. m_strRealm(strRealm),
  87. m_strUserName(strUserName),
  88. m_strPassword(strPassword),
  89. m_dwInstance(dwInstance),
  90. m_dwAuthFlags(dwAuthFlags),
  91. m_dwAccessPermissions(dwAccessPermissions),
  92. m_fAdminAccess(fAdminAccess),
  93. m_fHasDigest(fHasDigest),
  94. m_fPasswordSync(fPasswordSync),
  95. m_fPasswordSyncChanged(FALSE),
  96. m_fUserNameChanged(FALSE),
  97. m_fPasswordSyncMsgShown(FALSE),
  98. m_fChanged(FALSE),
  99. m_fInDomain(TRUE)
  100. {
  101. #if 0 // Class Wizard happy
  103. //{{AFX_DATA_INIT(CAuthenticationDlg)
  104. m_fClearText = FALSE;
  105. m_fDigest = FALSE;
  106. m_fChallengeResponse = FALSE;
  107. m_fAnonymous = FALSE;
  108. //}}AFX_DATA_INIT
  110. #endif // 0
  112. m_fClearText = IS_FLAG_SET(m_dwAuthFlags, MD_AUTH_BASIC);
  113. m_fDigest = IS_FLAG_SET(m_dwAuthFlags, MD_AUTH_MD5);
  114. m_fChallengeResponse = IS_FLAG_SET(m_dwAuthFlags, MD_AUTH_NT);
  115. m_fAnonymous = IS_FLAG_SET(m_dwAuthFlags, MD_AUTH_ANONYMOUS);
  116. }
  119. void
  120. CAuthenticationDlg::DoDataExchange(
  121. IN CDataExchange * pDX
  122. )
  123. {
  124. if (pDX->m_bSaveAndValidate && !m_fChanged)
  125. {
  126. return;
  127. }
  128. CDialog::DoDataExchange(pDX);
  129. //{{AFX_DATA_MAP(CAuthenticationDlg)
  130. DDX_Control(pDX, IDC_CHECK_ANONYMOUS, m_check_Anonymous);
  131. DDX_Check(pDX, IDC_CHECK_ANONYMOUS, m_fAnonymous);
  132. DDX_Control(pDX, IDC_EDIT_USERNAME, m_edit_UserName);
  133. DDX_Control(pDX, IDC_EDIT_PASSWORD, m_edit_Password);
  134. DDX_Check(pDX, IDC_CHECK_ENABLE_PW_SYNCHRONIZATION, m_fPasswordSync);
  135. DDX_Control(pDX, IDC_CHECK_ENABLE_PW_SYNCHRONIZATION, m_chk_PasswordSync);
  136. DDX_Check(pDX, IDC_CHECK_CLEAR_TEXT, m_fClearText);
  137. DDX_Check(pDX, IDC_CHECK_DIGEST, m_fDigest);
  138. DDX_Check(pDX, IDC_CHECK_NT_CHALLENGE_RESPONSE, m_fChallengeResponse);
  139. DDX_Control(pDX, IDC_CHECK_NT_CHALLENGE_RESPONSE, m_check_ChallengeResponse);
  140. DDX_Control(pDX, IDC_CHECK_DIGEST, m_check_Digest);
  141. DDX_Control(pDX, IDC_CHECK_CLEAR_TEXT, m_check_ClearText);
  142. DDX_Control(pDX, IDC_BASDOM, m_edit_BasicDomain);
  143. DDX_Control(pDX, IDC_BASDOM_SELECT, m_btn_SelectDomain);
  144. DDX_Control(pDX, IDC_REALM, m_edit_Realm);
  145. DDX_Control(pDX, IDC_REALM_SELECT, m_btn_SelectRealm);
  146. //}}AFX_DATA_MAP
  147. DDX_Text(pDX, IDC_EDIT_USERNAME, m_strUserName);
  148. DDV_MinMaxChars(pDX, m_strUserName, 1, UNLEN);
  149. DDX_Text(pDX, IDC_BASDOM, m_strBasicDomain);
  150. DDX_Text(pDX, IDC_REALM, m_strRealm);
  151. //
  152. // Some people have a tendency to add "\\" before
  153. // the computer name in user accounts. Fix this here.
  154. //
  155. m_strUserName.TrimLeft();
  156. while (*m_strUserName == '\\')
  157. {
  158. m_strUserName = m_strUserName.Mid(2);
  159. }
  161. //
  162. // Display the remote password sync message if
  163. // password sync is on, the account is not local,
  164. // password sync has changed or username has changed
  165. // and the message hasn't already be shown.
  166. //
  167. if (pDX->m_bSaveAndValidate)
  168. {
  169. BOOL bLocal;
  170. CString user, domain;
  171. CError err = CredUIParseUserName(
  172. m_strUserName,
  173. user.GetBuffer(CRED_MAX_USERNAME_LENGTH), CRED_MAX_USERNAME_LENGTH,
  174. domain.GetBuffer(MAX_PATH), MAX_PATH);
  175. user.ReleaseBuffer();
  176. domain.ReleaseBuffer();
  177. bLocal = domain.IsEmpty() || domain.CompareNoCase(m_strServerName) == 0;
  178. if (m_fPasswordSync
  179. && !bLocal
  180. && (m_fPasswordSyncChanged || m_fUserNameChanged)
  181. && !m_fPasswordSyncMsgShown
  182. )
  183. {
  184. if (::AfxMessageBox(IDS_WRN_PWSYNC, MB_YESNO | MB_DEFBUTTON2 | MB_ICONQUESTION ) != IDYES)
  185. {
  186. pDX->Fail();
  187. }
  189. //
  190. // Don't show it again
  191. //
  192. m_fPasswordSyncMsgShown = TRUE;
  193. }
  194. // Convert to standard domain\user format
  195. if (!bLocal)
  196. {
  197. m_strUserName = domain;
  198. m_strUserName += _T('\\');
  199. m_strUserName += user;
  200. }
  201. }
  202. if (!m_fPasswordSync || !pDX->m_bSaveAndValidate)
  203. {
  204. DDX_Password(pDX, IDC_EDIT_PASSWORD, m_strPassword, g_lpszDummyPassword);
  205. }
  206. if (!m_fPasswordSync)
  207. {
  208. DDV_MaxChars(pDX, m_strPassword, PWLEN);
  209. }
  210. if (pDX->m_bSaveAndValidate)
  211. {
  212. m_fChanged = FALSE;
  213. }
  214. }
  218. //
  219. // Message Map
  220. //
  221. BEGIN_MESSAGE_MAP(CAuthenticationDlg, CDialog)
  222. //{{AFX_MSG_MAP(CAuthenticationDlg)
  223. ON_BN_CLICKED(IDC_CHECK_ANONYMOUS, OnCheckAnonymous)
  224. ON_BN_CLICKED(IDC_BUTTON_BROWSE_USERS, OnButtonBrowseUsers)
  225. ON_BN_CLICKED(IDC_CHECK_ENABLE_PW_SYNCHRONIZATION, OnCheckEnablePwSynchronization)
  226. ON_EN_CHANGE(IDC_EDIT_USERNAME, OnChangeEditUsername)
  227. ON_BN_CLICKED(IDC_CHECK_CLEAR_TEXT, OnCheckClearText)
  228. ON_BN_CLICKED(IDC_CHECK_DIGEST, OnCheckDigest)
  229. ON_BN_CLICKED(IDC_CHECK_NT_CHALLENGE_RESPONSE, OnItemChanged)
  230. ON_BN_CLICKED(IDC_BASDOM_SELECT, OnButtonSelectDomain)
  231. ON_BN_CLICKED(IDC_REALM_SELECT, OnButtonSelectRealm)
  232. //}}AFX_MSG_MAP
  233. // ON_BN_CLICKED(IDC_BUTTON_EDIT, OnButtonEdit)
  234. ON_EN_CHANGE(IDC_EDIT_PASSWORD, OnItemChanged)
  235. ON_EN_CHANGE(IDC_EDIT_DOMAIN_NAME, OnItemChanged)
  236. ON_EN_CHANGE(IDC_BASDOM, OnItemChanged)
  237. ON_EN_CHANGE(IDC_REALM, OnItemChanged)
  238. END_MESSAGE_MAP()
  240. void
  241. CAuthenticationDlg::OnItemChanged()
  242. /*++
  244. Routine Description:
  246. All EN_CHANGE and BN_CLICKED messages map to this function
  248. --*/
  249. {
  250. m_fChanged = TRUE;
  251. SetControlStates();
  252. }
  254. void
  255. CAuthenticationDlg::SetControlStates()
  256. /*++
  258. Routine Description:
  259. Set control states depending on current data in the dialog
  261. --*/
  262. {
  263. m_edit_UserName.EnableWindow(m_fAnonymous);
  264. m_chk_PasswordSync.EnableWindow(m_fAnonymous);
  265. m_edit_Password.EnableWindow(!m_fPasswordSync && m_fAnonymous);
  266. m_edit_BasicDomain.EnableWindow(m_fClearText);
  267. m_btn_SelectDomain.EnableWindow(m_fClearText && m_fInDomain);
  268. m_edit_Realm.EnableWindow(m_fDigest || m_fClearText);
  269. m_btn_SelectRealm.EnableWindow((m_fDigest || m_fClearText) && m_fInDomain);
  270. GetDlgItem(IDC_BUTTON_BROWSE_USERS)->EnableWindow(m_fAnonymous);
  271. }
  273. BOOL
  274. CAuthenticationDlg::OnInitDialog()
  275. {
  276. CDialog::OnInitDialog();
  278. SetControlStates();
  280. //
  281. // Ensure compatibility with downlevel
  282. //
  283. m_check_Digest.EnableWindow(m_fHasDigest);
  285. // Check if computer is joined to domain
  286. COMPUTER_NAME_FORMAT fmt = ComputerNamePhysicalDnsDomain;
  287. TCHAR buf[MAX_PATH];
  288. DWORD n = MAX_PATH;
  289. m_fInDomain = (GetComputerNameEx(fmt, buf, &n) && n > 0);
  290. m_btn_SelectDomain.EnableWindow(m_fInDomain);
  291. m_btn_SelectRealm.EnableWindow(m_fInDomain);
  293. return TRUE;
  294. }
  296. void
  297. CAuthenticationDlg::OnButtonBrowseUsers()
  298. {
  299. CString str;
  301. if (GetIUsrAccount(m_strServerName, this, str))
  302. {
  303. //
  304. // If the name is non-local (determined by having
  305. // a slash in the name, password sync is disabled,
  306. // and a password should be entered.
  307. //
  308. m_edit_UserName.SetWindowText(str);
  309. CString user, domain;
  310. CError err = CredUIParseUserName(str,
  311. user.GetBuffer(CRED_MAX_USERNAME_LENGTH), CRED_MAX_USERNAME_LENGTH,
  312. domain.GetBuffer(MAX_PATH), MAX_PATH);
  313. user.ReleaseBuffer();
  314. domain.ReleaseBuffer();
  315. m_fPasswordSync =
  316. domain.IsEmpty() || domain.CompareNoCase(m_strServerName) == 0;
  317. if (!m_fPasswordSync)
  318. {
  319. m_edit_Password.SetWindowText(_T(""));
  320. m_edit_Password.SetFocus();
  321. }
  323. m_chk_PasswordSync.SetCheck(m_fPasswordSync);
  324. OnItemChanged();
  325. }
  326. }
  328. //GUID _CLSID_DsDomainTreeBrowser = {0x1698790a, 0xe2b4, 0x11d0, {0xb0, 0xb1, 0x00, 0xc0, 0x4f, 0xd8, 0xdc, 0xa6}};
  329. //GUID _IID_IDsBrowseDomainTree = {0x7cabcf1e, 0x78f5, 0x11d2, {0x96, 0xc, 0x0, 0xc0, 0x4f, 0xa3, 0x1a, 0x86}};
  331. void CAuthenticationDlg::OnButtonSelectDomain()
  332. {
  333. HRESULT hr = BrowseDomain(m_strBasicDomain);
  334. if (SUCCEEDED(hr))
  335. {
  336. UpdateData(FALSE);
  337. }
  338. }
  340. void CAuthenticationDlg::OnButtonSelectRealm()
  341. {
  342. HRESULT hr = BrowseDomain(m_strRealm);
  343. if (SUCCEEDED(hr))
  344. {
  345. UpdateData(FALSE);
  346. }
  347. }
  349. HRESULT
  350. CAuthenticationDlg::BrowseDomain(CString& domain)
  351. {
  352. CString prev = domain;
  353. CComPtr<IDsBrowseDomainTree> spDsDomains;
  355. CError err = ::CoCreateInstance(CLSID_DsDomainTreeBrowser,
  356. NULL,
  357. CLSCTX_INPROC_SERVER,
  358. IID_IDsBrowseDomainTree,
  359. reinterpret_cast<void **>(&spDsDomains));
  360. if (err.Succeeded())
  361. {
  362. err = spDsDomains->SetComputer(m_strServerName, NULL, NULL); // use default credential
  363. if (err.Succeeded())
  364. {
  365. LPTSTR pDomainPath = NULL;
  366. err = spDsDomains->BrowseTo(m_hWnd, &pDomainPath,
  367. /*DBDTF_RETURNINOUTBOUND |*/ DBDTF_RETURNEXTERNAL | DBDTF_RETURNMIXEDDOMAINS);
  368. if (err.Succeeded() && pDomainPath != NULL)
  369. {
  370. domain = pDomainPath;
  371. if (domain.CompareNoCase(prev) != 0)
  372. {
  373. OnItemChanged();
  374. }
  375. CoTaskMemFree(pDomainPath);
  376. }
  377. // When user click on Cancel in this browser, it returns 80070001 (Incorrect function).
  378. // I am not quite sure what does it mean. We are filtering out the case when domain browser doesn't
  379. // work at all (in workgroup), so here we could safely skip error processing.
  380. // else
  381. // {
  382. // err.MessageBox();
  383. // }
  384. }
  385. }
  386. return err;
  387. }
  389. void
  390. CAuthenticationDlg::OnCheckEnablePwSynchronization()
  391. {
  392. m_fPasswordSyncChanged = TRUE;
  393. m_fPasswordSync = !m_fPasswordSync;
  394. OnItemChanged();
  395. SetControlStates();
  396. if (!m_fPasswordSync )
  397. {
  398. m_edit_Password.SetSel(0,-1);
  399. m_edit_Password.SetFocus();
  400. }
  401. }
  403. void
  404. CAuthenticationDlg::OnChangeEditUsername()
  405. {
  406. m_fUserNameChanged = TRUE;
  407. OnItemChanged();
  408. }
  410. void
  411. CAuthenticationDlg::OnCheckClearText()
  412. {
  413. if (m_check_ClearText.GetCheck() == 1)
  414. {
  415. CClearTxtDlg dlg;
  416. if (dlg.DoModal() != IDOK)
  417. {
  418. m_check_ClearText.SetCheck(0);
  419. return;
  420. }
  421. }
  423. m_fClearText = !m_fClearText;
  424. OnItemChanged();
  425. SetControlStates();
  426. }
  430. void
  431. CAuthenticationDlg::OnCheckDigest()
  432. {
  433. ASSERT(m_fHasDigest);
  435. if (m_check_Digest.GetCheck() == 1)
  436. {
  437. CString cap, msg;
  438. msg.LoadString(IDS_WRN_DIGEST);
  439. cap.LoadString(IDS_ROOT_NODE);
  440. if (IDNO == IisMessageBox(m_hWnd, IDS_WRN_DIGEST, MB_YESNO|MB_ICONQUESTION|MB_DEFBUTTON2, HIDD_DOMAINACCTS))
  441. {
  442. m_check_Digest.SetCheck(0);
  443. return;
  444. }
  445. }
  447. m_fDigest = !m_fDigest;
  448. OnItemChanged();
  449. SetControlStates();
  450. }
  454. void
  455. CAuthenticationDlg::OnCheckAnonymous()
  456. {
  457. m_fAnonymous = !m_fAnonymous;
  458. OnItemChanged();
  459. SetControlStates();
  460. }
  462. void
  463. CAuthenticationDlg::OnOK()
  464. {
  465. if (UpdateData(TRUE))
  466. {
  467. SET_FLAG_IF(m_fClearText, m_dwAuthFlags, MD_AUTH_BASIC);
  468. SET_FLAG_IF(m_fChallengeResponse, m_dwAuthFlags, MD_AUTH_NT);
  469. SET_FLAG_IF(m_fAnonymous, m_dwAuthFlags, MD_AUTH_ANONYMOUS);
  470. SET_FLAG_IF(m_fDigest, m_dwAuthFlags, MD_AUTH_MD5);
  472. //
  473. // Provide warning if no authentication is selected
  474. //
  475. if (!m_dwAuthFlags
  476. && !m_dwAccessPermissions
  477. && !NoYesMessageBox(IDS_WRN_NO_AUTH)
  478. )
  479. {
  480. //
  481. // Don't dismiss the dialog
  482. //
  483. return;
  484. }
  486. CDialog::OnOK();
  487. }
  488. }