using System; using System.Collections.Generic; using System.Text; namespace Crowd.Integration.Sample { /// /// Simple authentication sample using Crowd SOAP API with C# via a Proxy Component. /// public class Authentication { // Instance of Proxy to SOAP API private SecurityServer _securityServer = new SecurityServer(); // Sample constants - change these appropriate to your application // NB: This is not secure and is included here for test purposes only. private const string APPLICATION_NAME = "SampleApp"; private const string APPLICATION_PWD = "SamplePwd"; public Authentication() { // Class constructor. } /// /// Authenticates a user in the sample application /// /// Name of the user (principal) to be authenticated /// Password to validate /// If authenticated, returns when the user was last modified /// TRUE if the user was successfully authenticated, FALSE otherwise public bool Authenticate(string username, string password, out DateTime lastModified) { bool authenticated = false; lastModified = DateTime.MinValue; // Set-up authentication context for the application ApplicationAuthenticationContext appContext = new ApplicationAuthenticationContext(); appContext.name = APPLICATION_NAME; // Provide the password associated with the application, as set-up in Crowd. PasswordCredential pwdApp = new PasswordCredential(); pwdApp.credential = APPLICATION_PWD; appContext.credential = pwdApp; try { // Authenticate the application (will fire a SOAPException if authentication fails). AuthenticatedToken appToken = _securityServer.authenticateApplication(appContext); if (appToken != null) { // Set-up authentication context for the principal (user) PrincipalAuthenticationContext principalContext = new PrincipalAuthenticationContext(); principalContext.application = APPLICATION_NAME; principalContext.name = username; // Provide the password for authenticating this principal (user) PasswordCredential pwdPrincipal = new PasswordCredential(); pwdPrincipal.credential = password; principalContext.credential = pwdPrincipal; // Authenticate the principal (will fire a SOAPException if authentication fails). string principalToken = _securityServer.authenticatePrincipal(appToken, principalContext); if (!String.IsNullOrEmpty(principalToken)) { // Find some more details about this authentication user. SOAPPrincipal principal = _securityServer.findPrincipalByToken(appToken, principalToken); if (principal != null) // Return when the user details were last modified lastModified = principal.lastModified; authenticated = true; } } } catch (System.Web.Services.Protocols.SoapException soapException) { // Handle Authentication/SOAP Errors here... Console.WriteLine(soapException.Message); // Consult soapException.Detail.FirstChild.Name for further details: // This may be set to one of: // RemoteException // InvalidAuthenticationException // InvalidAuthorizationTokenException // InactiveAccountException // InvalidTokenException } catch (Exception ex) { // Handle all other errors here... Console.WriteLine(ex.Message); } return authenticated; } } }