210 lines
3.6 KiB
C++
210 lines
3.6 KiB
C++
#ifndef _IISCERTMAPPROVIDER_HXX_
|
|
#define _IISCERTMAPPROVIDER_HXX_
|
|
|
|
class IISCERTMAP_AUTH_PROVIDER : public AUTH_PROVIDER
|
|
{
|
|
public:
|
|
|
|
IISCERTMAP_AUTH_PROVIDER()
|
|
{
|
|
}
|
|
|
|
virtual ~IISCERTMAP_AUTH_PROVIDER()
|
|
{
|
|
}
|
|
|
|
HRESULT
|
|
Initialize(
|
|
DWORD dwInternalId
|
|
)
|
|
{
|
|
SetInternalId( dwInternalId );
|
|
|
|
return NO_ERROR;
|
|
}
|
|
|
|
VOID
|
|
Terminate(
|
|
VOID
|
|
)
|
|
{
|
|
}
|
|
|
|
HRESULT
|
|
DoesApply(
|
|
W3_MAIN_CONTEXT * pMainContext,
|
|
BOOL * pfApplies
|
|
);
|
|
|
|
HRESULT
|
|
DoAuthenticate(
|
|
W3_MAIN_CONTEXT * pMainContext
|
|
);
|
|
|
|
HRESULT
|
|
OnAccessDenied(
|
|
W3_MAIN_CONTEXT * pMainContext
|
|
);
|
|
|
|
DWORD
|
|
QueryAuthType(
|
|
VOID
|
|
)
|
|
{
|
|
//
|
|
// Yah Yah Yah. This really isn't a metabase auth type.
|
|
//
|
|
|
|
return MD_ACCESS_MAP_CERT;
|
|
}
|
|
};
|
|
|
|
|
|
//
|
|
// IISCERTMAP_CONTEXT_STATE is used to communicate information from DoesApply()
|
|
// to DoAuthenticate() of IISCERTMAP_AUTH_PROVIDER
|
|
//
|
|
|
|
class IISCERTMAP_CONTEXT_STATE : public W3_MAIN_CONTEXT_STATE
|
|
{
|
|
public:
|
|
|
|
IISCERTMAP_CONTEXT_STATE(
|
|
TOKEN_CACHE_ENTRY * pCachedToken,
|
|
BOOL fClientCertDeniedByIISCertMap
|
|
)
|
|
{
|
|
pCachedToken->ReferenceCacheEntry();
|
|
_pCachedIISCertMapToken = pCachedToken;
|
|
_fClientCertDeniedByIISCertMap = fClientCertDeniedByIISCertMap;
|
|
}
|
|
|
|
BOOL
|
|
Cleanup(
|
|
W3_MAIN_CONTEXT * pMainContext
|
|
)
|
|
{
|
|
if ( _pCachedIISCertMapToken != NULL )
|
|
{
|
|
_pCachedIISCertMapToken->DereferenceCacheEntry();
|
|
_pCachedIISCertMapToken = NULL;
|
|
}
|
|
|
|
delete this;
|
|
return TRUE;
|
|
}
|
|
|
|
TOKEN_CACHE_ENTRY *
|
|
QueryCachedIISCertMapToken(
|
|
VOID
|
|
)
|
|
{
|
|
return _pCachedIISCertMapToken;
|
|
}
|
|
|
|
BOOL
|
|
QueryClientCertDeniedByIISCertMap(
|
|
VOID
|
|
)
|
|
{
|
|
return _fClientCertDeniedByIISCertMap;
|
|
}
|
|
|
|
private:
|
|
|
|
TOKEN_CACHE_ENTRY * _pCachedIISCertMapToken;
|
|
BOOL _fClientCertDeniedByIISCertMap;
|
|
};
|
|
|
|
class IISCERTMAP_USER_CONTEXT : public W3_USER_CONTEXT
|
|
{
|
|
public:
|
|
IISCERTMAP_USER_CONTEXT( AUTH_PROVIDER * pProvider )
|
|
: W3_USER_CONTEXT( pProvider )
|
|
{
|
|
_fDelegatable = TRUE;
|
|
_achUserName[ 0 ] = L'\0';
|
|
}
|
|
|
|
virtual ~IISCERTMAP_USER_CONTEXT()
|
|
{
|
|
if ( _pCachedToken != NULL )
|
|
{
|
|
_pCachedToken->DereferenceCacheEntry();
|
|
_pCachedToken = NULL;
|
|
}
|
|
}
|
|
|
|
HRESULT
|
|
Create(
|
|
TOKEN_CACHE_ENTRY * _pCachedToken
|
|
);
|
|
|
|
WCHAR *
|
|
QueryUserName(
|
|
VOID
|
|
)
|
|
{
|
|
return _achUserName;
|
|
}
|
|
|
|
BOOL
|
|
QueryDelegatable(
|
|
VOID
|
|
)
|
|
{
|
|
return _fDelegatable;
|
|
}
|
|
|
|
WCHAR *
|
|
QueryPassword(
|
|
VOID
|
|
)
|
|
{
|
|
return L"";
|
|
}
|
|
|
|
DWORD
|
|
QueryAuthType(
|
|
VOID
|
|
)
|
|
{
|
|
return MD_ACCESS_MAP_CERT;
|
|
}
|
|
|
|
HANDLE
|
|
QueryImpersonationToken(
|
|
VOID
|
|
)
|
|
{
|
|
DBG_ASSERT( _pCachedToken != NULL );
|
|
return _pCachedToken->QueryImpersonationToken();
|
|
}
|
|
|
|
HANDLE
|
|
QueryPrimaryToken(
|
|
VOID
|
|
)
|
|
{
|
|
DBG_ASSERT( _pCachedToken != NULL );
|
|
return _pCachedToken->QueryPrimaryToken();
|
|
}
|
|
|
|
|
|
BOOL
|
|
IsValid(
|
|
VOID
|
|
)
|
|
{
|
|
return TRUE;
|
|
}
|
|
|
|
private:
|
|
BOOL _fDelegatable;
|
|
WCHAR _achUserName[ UNLEN + 1 ];
|
|
TOKEN_CACHE_ENTRY * _pCachedToken;
|
|
|
|
};
|
|
|
|
#endif
|