archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/inetsrv/iis/iisrearc/iisplus/ulw3/anonymousprovider.cxx

294 lines
7.0 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  2. Copyright (c) 1999 Microsoft Corporation
  4. Module Name :
  5. anonymousprovider.cxx
  7. Abstract:
  8. Anonymous authentication provider
  10. Author:
  11. Bilal Alam (balam) 10-Jan-2000
  13. Environment:
  14. Win32 - User Mode
  16. Project:
  17. ULW3.DLL
  18. --*/
  20. #include "precomp.hxx"
  21. #include "anonymousprovider.hxx"
  23. HRESULT
  24. ANONYMOUS_AUTH_PROVIDER::DoesApply(
  25. W3_MAIN_CONTEXT * pMainContext,
  26. BOOL * pfApplies
  27. )
  28. /*++
  30. Routine Description:
  32. Does anonymous apply to this request?
  34. Arguments:
  36. pMainContext - Main context representing request
  37. pfApplies - Set to true if SSPI is applicable
  39. Return Value:
  41. HRESULT
  43. --*/
  44. {
  45. if ( pfApplies == NULL )
  46. {
  47. DBG_ASSERT( FALSE );
  48. return HRESULT_FROM_WIN32( ERROR_INVALID_PARAMETER );
  49. }
  51. //
  52. // Anonymous ALWAYS applies!
  53. //
  55. *pfApplies = TRUE;
  56. return NO_ERROR;
  57. }
  59. HRESULT
  60. ANONYMOUS_AUTH_PROVIDER::DoAuthenticate(
  61. W3_MAIN_CONTEXT * pMainContext
  62. )
  63. /*++
  65. Routine Description:
  67. Do anonymous authentication (trivial)
  69. Arguments:
  71. pMainContext - Main context representing request
  73. Return Value:
  75. HRESULT
  77. --*/
  78. {
  79. W3_METADATA * pMetaData = NULL;
  80. TOKEN_CACHE_ENTRY * pCachedToken = NULL;
  81. HRESULT hr;
  82. ANONYMOUS_USER_CONTEXT* pUserContext = NULL;
  83. // add 1 to strUserDomain for separator "\"
  84. STACK_STRA( strUserDomain, UNLEN + IIS_DNLEN + 1 + 1 );
  85. STACK_STRA( strPassword, PWLEN + 1 );
  86. // add 1 to strUserDomainW for separator "\"
  87. STACK_STRU( strUserDomainW, UNLEN + IIS_DNLEN + 1 + 1 );
  88. STACK_STRU( strPasswordW, PWLEN + 1 );
  89. STACK_STRU( strDomainNameW, IIS_DNLEN + 1 );
  90. STACK_STRU( strUserNameW, UNLEN + 1 );
  91. BOOL fFinished;
  92. BOOL fRet;
  93. DWORD dwLogonError;
  94. BOOL fPossibleUPNLogon = FALSE;
  96. if ( pMainContext == NULL )
  97. {
  98. DBG_ASSERT( FALSE );
  99. return HRESULT_FROM_WIN32( ERROR_INVALID_PARAMETER );
  100. }
  102. pMetaData = pMainContext->QueryUrlContext()->QueryMetaData();
  103. DBG_ASSERT( pMetaData != NULL );
  105. //
  106. // Notify authentication filters
  107. //
  109. if ( pMainContext->IsNotificationNeeded( SF_NOTIFY_AUTHENTICATION ) )
  110. {
  111. HTTP_FILTER_AUTHENT filterAuthent;
  113. DBG_ASSERT( strUserDomain.IsEmpty() );
  114. hr = strUserDomain.Resize( SF_MAX_USERNAME );
  115. if ( FAILED( hr ) )
  116. {
  117. return hr;
  118. }
  120. DBG_ASSERT( strPassword.IsEmpty() );
  121. hr = strPassword.Resize( SF_MAX_PASSWORD );
  122. if ( FAILED( hr ) )
  123. {
  124. return hr;
  125. }
  127. filterAuthent.pszUser = strUserDomain.QueryStr();
  128. filterAuthent.cbUserBuff = SF_MAX_USERNAME;
  130. filterAuthent.pszPassword = strPassword.QueryStr();
  131. filterAuthent.cbPasswordBuff = SF_MAX_PASSWORD;
  133. fRet = pMainContext->NotifyFilters( SF_NOTIFY_AUTHENTICATION,
  134. &filterAuthent,
  135. &fFinished );
  137. if ( !fRet )
  138. {
  139. return HRESULT_FROM_WIN32( GetLastError() );
  140. }
  142. if ( fFinished )
  143. {
  144. pMainContext->SetFinishedResponse();
  145. return NO_ERROR;
  146. }
  148. strUserDomain.SetLen( strlen( strUserDomain.QueryStr() ) );
  149. strPassword.SetLen( strlen( strPassword.QueryStr() ) );
  150. }
  152. //
  153. // If the filter set a user/password, then use it
  154. //
  156. if ( strUserDomain.QueryCCH() > 0 )
  157. {
  158. //
  159. // Convert to unicode
  160. //
  162. hr = strUserDomainW.CopyA( strUserDomain.QueryStr() );
  163. if ( FAILED( hr ) )
  164. {
  165. return hr;
  166. }
  168. hr = strPasswordW.CopyA( strPassword.QueryStr() );
  169. if ( FAILED( hr ) )
  170. {
  171. return hr;
  172. }
  174. //
  175. // Get username/domain out of domain\username
  176. //
  178. hr = W3_STATE_AUTHENTICATION::SplitUserDomain( strUserDomainW,
  179. &strUserNameW,
  180. &strDomainNameW,
  181. pMetaData->QueryDomainName(),
  182. &fPossibleUPNLogon );
  183. if ( FAILED( hr ) )
  184. {
  185. return hr;
  186. }
  188. //
  189. // Try to get the token
  190. //
  192. DBG_ASSERT( g_pW3Server->QueryTokenCache() != NULL );
  194. hr = g_pW3Server->QueryTokenCache()->GetCachedToken(
  195. strUserNameW.QueryStr(),
  196. strDomainNameW.QueryStr(),
  197. strPasswordW.QueryStr(),
  198. pMetaData->QueryLogonMethod(),
  199. fPossibleUPNLogon,
  200. &pCachedToken,
  201. &dwLogonError );
  202. if ( FAILED( hr ) )
  203. {
  204. return hr;
  205. }
  206. }
  207. else
  208. {
  209. //
  210. // Use the IUSR account
  211. //
  212. pCachedToken = pMetaData->QueryAnonymousToken();
  214. if ( pCachedToken != NULL )
  215. {
  216. //
  217. // Reference cached token because the metadata may go away from us
  218. // if AUTH_COMPLETE backed up the state machine
  219. //
  221. pCachedToken->ReferenceCacheEntry();
  222. }
  223. }
  225. if ( pCachedToken == NULL )
  226. {
  227. //
  228. // Bogus anonymous account
  229. //
  231. pMainContext->QueryResponse()->SetStatus( HttpStatusUnauthorized,
  232. Http401BadLogon );
  234. return NO_ERROR;
  235. }
  237. //
  238. // For perf reasons, the anonymous user context is inline
  239. //
  241. pUserContext = new (pMainContext) ANONYMOUS_USER_CONTEXT( this );
  242. DBG_ASSERT( pUserContext != NULL );
  244. hr = pUserContext->Create( pCachedToken,
  245. pMetaData->QueryLogonMethod() );
  246. if ( FAILED( hr ) )
  247. {
  248. return hr;
  249. }
  251. pMainContext->SetUserContext( pUserContext );
  253. return NO_ERROR;
  254. }
  256. HRESULT
  257. ANONYMOUS_USER_CONTEXT::Create(
  258. TOKEN_CACHE_ENTRY * pCachedToken,
  259. DWORD dwLogonMethod
  260. )
  261. /*++
  263. Routine Description:
  265. Initialize anonymous context
  267. Arguments:
  269. pCachedToken - anonymous user token
  270. dwLogonMethod - logon method
  272. Return Value:
  274. HRESULT
  276. --*/
  277. {
  278. if ( pCachedToken == NULL )
  279. {
  280. DBG_ASSERT( FALSE );
  281. return HRESULT_FROM_WIN32( ERROR_INVALID_PARAMETER );
  282. }
  284. if ( dwLogonMethod == LOGON32_LOGON_INTERACTIVE ||
  285. dwLogonMethod == LOGON32_LOGON_BATCH )
  286. {
  287. _fDelegatable = TRUE;
  288. }
  290. _pCachedToken = pCachedToken;
  292. return NO_ERROR;
  293. }