Additional Implementation Details

9:10 PM j. montgomery

Page 8 of 9
Previous Page: SmartCardPrincipal Implementation | Next Page: Implementing Authorization in ASP.NET

There are several more classes involved in this implementation, but they go beyond the scope of the HttpModule. If you download the sample code, you can take a look at my particular implementation. They are barely implemented so I’d recommend you use them at your own risk.
The Configuration Class
The Configuration class resolves settings such as the 401 error page, the database connection string, and the database connection timeout. The class had the following structure:

These values are retrieved from the web.config file:

    <configuration>
      <system.web>

      </system.web>
      <appSettings>
        <add key="SmartCardAuthentication_UnauthorizedPage"
             value="C:\WINNT\help\iisHelp\common\401-1.htm"/>
        <add key="SmartCardAuthentication_ConnectionString"
             value="integrated security=SSPI;data source=Server;initial catalog=Database"/>
        <add key="SmartCardAuthentication_ConnectionTimeout"
             value="180" />
      </appSettings>
    </configuration>

The DataAccess Class

The DataAccess class had some methods for quickly retrieving data from the database.


The CryptoUtility Class
This class performed operations (hash compare, BinToHex() / HexToBin() conversions, etc.) on the X509 certificates. It also generated the public key hash used to retrieve users from the database, and validated some simple properties on the X509 certificate as an internal sanity check. IIS should already be catching these problems before the request gets to our code, but it can’t hurt to check again.
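
An added sketch of the helpers this paragraph describes, not the CryptoUtility code from the sample download. The class name, the method bodies, the use of SHA-256 for the public key hash, and the properties checked are assumptions, and the certificate is a constructed self-signed one:

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper; names and the SHA-256 choice are assumptions, not the article's code.
static class CertChecks
{
    public static string BinToHex(byte[] data) =>
        BitConverter.ToString(data).Replace("-", "");

    public static byte[] HexToBin(string hex)
    {
        if (hex.Length % 2 != 0) throw new FormatException("odd-length hex string");
        var result = new byte[hex.Length / 2];
        for (int i = 0; i < result.Length; i++)
            result[i] = Convert.ToByte(hex.Substring(i * 2, 2), 16);
        return result;
    }

    // Hash of the certificate's public key, used as the lookup key for the user row.
    public static byte[] PublicKeyHash(X509Certificate2 cert)
    {
        using var sha = SHA256.Create();
        return sha.ComputeHash(cert.GetPublicKey());
    }

    // No early exit, so timing does not reveal the position of the first differing byte.
    public static bool HashEquals(byte[] a, byte[] b)
    {
        if (a == null || b == null || a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }

    // Sanity check repeated in code: validity window (local time) and a non-empty key.
    public static bool LooksSane(X509Certificate2 cert, DateTime nowLocal) =>
        cert.NotBefore <= nowLocal && nowLocal <= cert.NotAfter && cert.GetPublicKey().Length > 0;

    static void Main()
    {
        // Constructed sample: a throwaway self-signed certificate standing in for the card's.
        using var rsa = RSA.Create(2048);
        var req = new CertificateRequest("CN=constructed-test-user", rsa,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        var cert = req.CreateSelfSigned(DateTimeOffset.Now.AddDays(-1), DateTimeOffset.Now.AddDays(30));
        string stored = BinToHex(PublicKeyHash(cert)); // value a user row would hold
        Console.WriteLine("Sane: " + LooksSane(cert, DateTime.Now));
        Console.WriteLine("Match: " + HashEquals(HexToBin(stored), PublicKeyHash(cert)));
    }
}
```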

Some Final Tests


Once you have the SmartCardAuthenticationModule code up and running, a simple way to test it is as follows:

C#

    private void Page_Load(object sender, EventArgs e)
    {
        // These casts throw InvalidCastException if the module did not attach its principal.
        SmartCardIdentity smartCardIdentity = (SmartCardIdentity)this.User.Identity;
        SmartCardPrincipal smartCardPrincipal = (SmartCardPrincipal)this.User;

        Response.Write("Name: " + smartCardIdentity.Name + "<br>");
        Response.Write("Is Authenticated: " + smartCardIdentity.IsAuthenticated + "<br>");
        Response.Write("Authentication Type: " + smartCardIdentity.AuthenticationType + "<br>");
        Response.Write("Elevated User: " + smartCardPrincipal.IsElevatedUser + "<br>");
        Response.Write("Is in role Administrator: " + this.User.IsInRole("Administrator"));
    }

VB.Net

    Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) _
        Handles MyBase.Load

        Dim smartCardIdentity As SmartCardIdentity = DirectCast(Me.User.Identity, SmartCardIdentity)
        Dim smartCardPrincipal As SmartCardPrincipal = DirectCast(Me.User, SmartCardPrincipal)

        Response.Write("Name: " & smartCardIdentity.Name & "<br>")
        Response.Write("Is Authenticated: " & smartCardIdentity.IsAuthenticated & "<br>")
        Response.Write("Authentication Type: " & smartCardIdentity.AuthenticationType & "<br>")
        Response.Write("Elevated User: " & SmartCardPrincipal.IsElevatedUser & "<br>")
        Response.Write("Is in role Administrator: " & Me.User.IsInRole("Administrator"))
    End Sub
