Setting up Custom SAML Authentication
Create a class file and move it into the Root/App_Code/Custom directory.
Then, in Admin > Global Login, create a new record with the following values:
Source = SAML 2.0 (Symantec, Okta, Ping Identity)
SAML Type = Custom
SAML Custom Type = er_CustomSamlGlobalLogin (the name of your class; er_CustomSamlGlobalLogin in this example)
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using Centralpoint.Web;
using Centralpoint.WebSite;
using Centralpoint.WebSite.Modules;
using ComponentSpace.SAML2.Assertions;
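/// <summary>
/// Custom SAML global-login source. Resolves the subject name taken from the SAML
/// assertion to an existing cpsys_Users row (local accounts only, i.e. rows with no
/// AuthenticationSourcesDataId), applies an inactivity lockout rule, and stamps
/// LastLoginDate on success.
/// </summary>
public class er_CustomSamlGlobalLogin : AuthenticationSources.SamlSource
{
    // Inactivity threshold (days) used when the source's "SamlCustomParameters"
    // attribute is missing or is not an integer.
    private const int DefaultInactivityDays = 45;

    public er_CustomSamlGlobalLogin(DataInfo dataInfo) : base(dataInfo)
    {
    }

    /// <summary>
    /// Maps an authenticated SAML subject to a local user account.
    /// </summary>
    /// <param name="integrationId">The SAML subject name (the NameID, not an attribute); matched against cpsys_Users.UserName.</param>
    /// <param name="attributes">SAML attributes passed by the identity provider. Not used by this integration.</param>
    /// <param name="userId">The matched user's id, or <see cref="Guid.Empty"/> when no local account matched.</param>
    /// <returns><c>true</c> when a matching local account exists and its login was recorded; otherwise <c>false</c>.</returns>
    public override bool IntegrateUser(string integrationId, SAMLAttribute[] attributes, out Guid userId)
    {
        userId = Guid.Empty;
        if (String.IsNullOrEmpty(integrationId))
        {
            // Nothing to look up; an empty UserName can never match an account.
            return false;
        }

        TraceWarn("IntegrateUser-integrationId", integrationId);

        DateTime lastLoginDate;
        string propertiesFile;
        if (!TryFindUser(integrationId, out userId, out lastLoginDate, out propertiesFile) || userId == Guid.Empty)
        {
            userId = Guid.Empty;
            return false;
        }

        Centralpoint.Web.User.SetLoginSiteTypeCookie(SiteTypes.WebSite);

        // null means "leave the Properties column untouched"; otherwise it is the
        // serialized Properties document carrying the lockout flag.
        string lockedOutProperties = null;
        if (IsInactivityLockedOut(integrationId, lastLoginDate))
        {
            lockedOutProperties = BuildLockedOutProperties(propertiesFile);
        }

        RecordLogin(userId, lockedOutProperties);
        return true;
    }

    // Looks up the local account whose UserName equals the SAML subject name.
    // The subject name comes from the identity provider, so it is bound as a
    // parameter rather than formatted into the SQL text.
    private bool TryFindUser(string userName, out Guid userId, out DateTime lastLoginDate, out string propertiesFile)
    {
        // Do not change the order of the columns: they are read by ordinal below.
        const string sql =
            "SELECT UserId, " +
            "Configuration.value('(/cpCollection/group/property[@id=\"LoginRedirectUrl\"]/value)[1]', 'NVarChar(255)') AS LoginRedirectUrl, " +
            "LastLoginDate, Properties " +
            "FROM cpsys_Users WHERE UserName = @userName AND AuthenticationSourcesDataId IS NULL";

        userId = Guid.Empty;
        lastLoginDate = DateTime.MinValue;
        propertiesFile = String.Empty;
        bool found = false;

        using (SqlConnection connection = new SqlConnection(Management.Application.SelectConnectionString))
        using (SqlCommand command = new SqlCommand(sql, connection))
        {
            // No explicit size: a fixed size would silently truncate an over-long
            // name, and a truncated name could compare equal to a different account.
            command.Parameters.Add("@userName", SqlDbType.NVarChar).Value = userName;
            connection.Open();
            using (SqlDataReader reader = command.ExecuteReader())
            {
                // UserName is expected to be unique; if several rows match, the last
                // one wins, as in the original implementation.
                while (reader.Read())
                {
                    found = true;
                    userId = (Guid)reader["UserId"];
                    string loginRedirectUrl = reader.IsDBNull(1) ? String.Empty : (string)reader["LoginRedirectUrl"];
                    lastLoginDate = reader.IsDBNull(2) ? DateTime.MinValue : (DateTime)reader["LastLoginDate"];
                    propertiesFile = reader.IsDBNull(3) ? String.Empty : (string)reader["Properties"];

                    TraceWarn("IntegrateUser-loginRedirectUrl", loginRedirectUrl);
                    if (!String.IsNullOrWhiteSpace(loginRedirectUrl))
                    {
                        HttpContext context = HttpContext.Current;
                        if (context != null && context.Session != null)
                        {
                            context.Session["IntegrateUser:LoginRedirectUrl"] = loginRedirectUrl;
                        }
                    }
                }
            }
        }

        return found;
    }

    // Decides whether the inactivity rule locks this user out. Subjects at an
    // "@ericsson." address are exempt; everyone else is locked out when the last
    // login is older than the configured number of days (0 or negative disables
    // the rule). A user with no LastLoginDate (DateTime.MinValue) counts as
    // inactive — preserved from the original logic; confirm this is intended.
    private bool IsInactivityLockedOut(string integrationId, DateTime lastLoginDate)
    {
        bool isEricssonUser = integrationId.IndexOf("@ericsson.", StringComparison.OrdinalIgnoreCase) >= 0;
        TraceWarn("IntegrateUser-isEricssonUser", isEricssonUser.ToString());
        if (isEricssonUser)
        {
            return false;
        }

        // Per-source setting; treat a missing attribute the same as a non-numeric one.
        string samlCustomParameters = this.DataInfo.Attributes.Get("SamlCustomParameters");
        TraceWarn("IntegrateUser-samlCustomParameters", samlCustomParameters);
        int daysOver;
        if (!Int32.TryParse((samlCustomParameters ?? String.Empty).Trim(), out daysOver))
        {
            daysOver = DefaultInactivityDays;
        }

        TraceWarn("IntegrateUser-lastLoginDate", lastLoginDate.ToString());
        TraceWarn("IntegrateUser-daysOver", daysOver.ToString());

        bool userLockout = daysOver > 0 && (DateTime.UtcNow - lastLoginDate).TotalDays > daysOver;
        TraceWarn("IntegrateUser-userLockout", userLockout.ToString());
        return userLockout;
    }

    // Builds the user's Properties document with InactivityLockedOut set to "1",
    // starting from the site-wide defaults when the user has no Properties yet.
    private static string BuildLockedOutProperties(string propertiesFile)
    {
        CpCollection properties = new CpCollection();
        if (String.IsNullOrWhiteSpace(propertiesFile))
        {
            using (SqlConnection connection = new SqlConnection(Management.Application.SelectConnectionString))
            {
                Centralpoint.Web.Cms.Users users = new Centralpoint.Web.Cms.Users(connection);
                properties.Load(users.Properties());
            }
        }
        // Loaded unconditionally, as the original did, so the (possibly empty)
        // stored document is applied on top of the defaults.
        properties.Load(propertiesFile);
        properties.Set("InactivityLockedOut", "1");
        return properties.Serialize();
    }

    // Stamps LastLoginDate (UTC) and, when a lockout applies, the updated
    // Properties document. Values are bound as typed parameters, which also
    // avoids the culture-dependent DateTime-to-string formatting the original
    // relied on.
    private static void RecordLogin(Guid userId, string lockedOutProperties)
    {
        TraceWarn("ExecuteNonQuery:IntegrateUser-userId", userId.ToString());

        string sql = "UPDATE cpsys_Users SET LastLoginDate = @lastLoginDate"
            + (lockedOutProperties == null ? String.Empty : ", Properties = @properties")
            + " WHERE UserId = @userId;";

        using (SqlConnection connection = new SqlConnection(Management.Application.ExecuteConnectionString))
        using (SqlCommand command = new SqlCommand(sql, connection))
        {
            command.Parameters.Add("@lastLoginDate", SqlDbType.DateTime).Value = DateTime.UtcNow;
            command.Parameters.Add("@userId", SqlDbType.UniqueIdentifier).Value = userId;
            if (lockedOutProperties != null)
            {
                command.Parameters.Add("@properties", SqlDbType.NVarChar).Value = lockedOutProperties;
            }
            connection.Open();
            command.ExecuteNonQuery();
        }
    }

    // Writes a diagnostic entry to the ASP.NET page trace when a request context exists.
    private static void TraceWarn(string category, string message)
    {
        HttpContext context = HttpContext.Current;
        if (context != null)
        {
            context.Trace.Warn(category, message);
        }
    }
}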
Keywords: Global Login, SAML