Pulizia web.config...

This commit is contained in:
Samuele E. Locatelli
2018-12-03 12:50:34 +01:00
parent bd1eb3826a
commit 524c345fc6
5 changed files with 276 additions and 307 deletions
+12 -26
View File
@@ -50,43 +50,29 @@
<!--Redis conn-->
<add key="RedisConn" value="localhost,abortConnect=false,ssl=false" />
<add key="RedisConnAdmin" value="localhost,abortConnect=false,ssl=false" />
<add key="redisDb" value="2" />
<add key="redisDb" value="2" />
<!--gestione button-->
<add key="autoConfCmd" value="true" />
<!--<add key="autoConfCmd" value="true" />-->
<!--gestione pagina-->
<add key="intUpdatePagina_ms" value="120000" />
<!--<add key="intUpdatePagina_ms" value="120000" />
<add key="cacheValSec" value="60" />
<add key="numDD" value="90" />
<add key="_righeDataGrid" value="30" />
<add key="numDD" value="90" />-->
<!--<add key="_righeDataGrid" value="30" />
<add key="_righeDataGridAnagr" value="20" />
<add key="_righeDataGridLong" value="20" />
<add key="_righeDataGridMed" value="15" />
<add key="_righeDataGridShort" value="10" />
<add key="_fromEmail" value="xps@steamware.net" />
<add key="_allowForceUser" value="true" />
<add key="_righeDataGridShort" value="10" />-->
<!--<add key="_fromEmail" value="ctrack@steamware.net" />
<add key="_allowForceUser" value="true" />-->
<add key="_safePages" value="chLang#jumper#unauthorized#forceUser#login#test#UserAdmin" />
<add key="_loginPages" value="UserAdmin" />
<add key="_commonPages" value="menu.aspx" />
<add key="_titoloPagina" value="C.TRACKS" />
<add key="appName" value="C.TRACKS" />
<add key="defaultApp" value="XPS_Appl" />
<add key="defaultTitle" value="XPS_ShortWelcome" />
<add key="defaultBody" value="XPS_LongWelcome" />
<add key="_treeMaxChar" value="45" />
<add key="_showAllTree" value="false" />
<add key="_jumpStart" value="10" />
<add key="defDayLeadTime" value="3" />
<add key="_forcedDestEmail" value="samuele@steamware.net" />
<add key="_adminEmail" value="samuele@steamware.net" />
<!--<add key="_commonPages" value="menu" />
<add key="appName" value="C.TRACKS" />-->
<!--<add key="_adminEmail" value="samuele@steamware.net" />
<add key="_emailUser" value="magazzino@fosfatazione.it" />
<add key="_emailPwd" value="07fosfatazione" />
<add key="_smtpCli" value="smtp.fosfatazione.it" />
<add key="_enableSSL" value="false" />
<add key="_PortSSL" value="587" />
<add key="_enableSSL" value="false" />-->
<!--area auth-->
<add key="AuthCookieName" value="C.TRACKS_Auth" />
<add key="enablePlain" value="true" />
@@ -31,15 +31,6 @@ namespace C_TRACK.WebUserControls
divArticolo.Attributes.Add("class", CodArticolo != "" ? "col-3 text-center table-success text-success" : "col-3 text-center text-secondary");
divCommessa.Attributes.Add("class", NumTask != "" ? "col-3 text-center table-success text-success" : "col-3 text-center text-secondary");
divQta.Attributes.Add("class", Quantita > 0 ? "col-3 text-center table-success text-success" : "col-3 text-center text-secondary");
//lblCodArt.CssClass = CodArticolo != "" ? "btn btn-sm btn-block btn-success" : "text-secondary";
//lblNumTask.CssClass = NumTask != "" ? "btn btn-sm btn-block btn-success" : "text-secondary";
//lblQta.CssClass = Quantita > 0 ? "btn btn-sm btn-block btn-success" : "text-secondary";
//lblCodArt.CssClass = CodArticolo != "" ? "text-success" : "text-secondary";
//lblNumTask.CssClass = NumTask != "" ? "text-success" : "text-secondary";
//lblQta.CssClass = Quantita > 0 ? "text-success" : "text-secondary";
}
/// <summary>
/// RegExp x Cod ARTICOLO
+262 -270
View File
@@ -1,277 +1,269 @@
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using SteamWare;
using System;
using System.Web.UI;
namespace C_TRACK.WebUserControls
{
/// <summary>
/// classe gestione login e forzatura login
/// </summary>
public partial class mod_login : SteamWare.UserControl
/// <summary>
/// classe gestione login e forzatura login
/// </summary>
public partial class mod_login : SteamWare.UserControl
{
protected override void OnInit(EventArgs e)
{
protected override void OnInit(EventArgs e)
{
base.OnInit(e);
if (!Page.IsPostBack)
{
traduciObj();
}
}
#region area protected/private
#region area proprietà
private SteamWare.loginMode _isForceUser = SteamWare.loginMode.normale;
#endregion
#region area metodi
/// <summary>
/// imposta la modalità di login tra normale / forceUser
/// </summary>
private void setLoginMode()
{
if (_isForceUser == SteamWare.loginMode.forceUser)
{
pnlForceUser.Visible = true;
}
else
{
pnlForceUser.Visible = false;
}
}
protected void traduciObj()
{
lblPwd.Text = user_std.UtSn.Traduci("lblPwd");
lblUser.Text = user_std.UtSn.Traduci("lblUser");
lblDominio.Text = user_std.UtSn.Traduci("lblDominio");
lblTitolo.Text = user_std.UtSn.Traduci("ForzaUtente");
btnOk.Text = user_std.UtSn.Traduci("btnCommit");
}
/// <summary>
/// prova a verificare se l'utente sia ok x AD credentials
/// </summary>
private void AdLogin()
{
lblMessage.Text = "User not authenticated...";
if (Page.User.Identity.IsAuthenticated)
{
//recupera user windows se c'è...
string ad_name = Page.User.Identity.Name;
string delimStr = "\\";
char[] delimiter = delimStr.ToCharArray();
string[] dom_user = ad_name.Split(delimiter, 2);
// passo al controllo di verifica ADuserOk...
user_std _utente = new user_std();
if (_utente.ADuserOk(dom_user[0], dom_user[1]))
{
bool fatto = _utente.startUpUtente(dom_user[0], dom_user[1]);
if (fatto)
{
// salvo cookie!
string DeviceName = "";
string IPv4 = "";
string userAgent = "";
try
{
userAgent = Request.UserAgent;
DeviceName = Request.UserHostName;
IPv4 = Request.UserHostName;
}
catch
{ }
if (memLayer.ML.confReadBool("enableCookie"))
{
// elimino eventuali altri cookie x dominio/user/devName
DataWrap.DW.taAnagDev.delByDominioUserDeviceName(dom_user[0], dom_user[1], DeviceName);
// creo nuovo cookie
authProxy.createNewCookie(dom_user[0], dom_user[1], 0, DeviceName, userAgent, IPv4, memLayer.ML.confReadString("CodModulo"), DateTime.Now.AddDays(memLayer.ML.confReadInt("cookieDayExp")));
}
// loggo
SteamWare.logger.lg.scriviLog(string.Format("L'utente {0} ({1}) ha effettuato il login correttamente", _utente.CognomeNome, _utente.userNameAD), SteamWare.tipoLog.INFO);
if (Login_ok != null)
{
Login_ok(this, new EventArgs());
}
}
else
{
lblMessage.Text = String.Format("{0}<br>There are some problems instatiating user: {1}/{2}", user_std.UtSn.Traduci("AccessFail"), dom_user[0], dom_user[1]);
SteamWare.logger.lg.scriviLog(String.Format("Accesso fallito, problemi ad istanziare l'utente {0}/{1}", dom_user[0], dom_user[1]), SteamWare.tipoLog.ERROR);
if (Login_Error != null)
{
Login_Error(this, new EventArgs());
}
}
}
else
{
lblMessage.Text = String.Format("{0}<br>user not allowed: {1}/{2}", user_std.UtSn.Traduci("AccessFail"), dom_user[0], dom_user[1]);
SteamWare.logger.lg.scriviLog(String.Format("Utente non autorizzato: {0}/{1}", dom_user[0], dom_user[1]), SteamWare.tipoLog.WARNING);
if (Login_Error != null)
{
Login_Error(this, new EventArgs());
}
}
}
else
{
lblMessage.Text = user_std.UtSn.Traduci("AccessFail") + user_std.UtSn.Traduci("UsrNotAuth");
SteamWare.logger.lg.scriviLog(String.Format("Accesso fallito, utente non autenticato"), SteamWare.tipoLog.WARNING);
if (Login_Error != null)
{
Login_Error(this, new EventArgs());
}
}
}
/// <summary>
/// effettua verifiche e se concesso permette di forzare l'accesso utente
/// </summary>
private void ForceUserIdentity()
{
if (Page.User.Identity.IsAuthenticated)
{
bool _allowForceUser = false;
try
{
_allowForceUser = SteamWare.memLayer.ML.confReadBool("_allowForceUser");
}
catch
{
_allowForceUser = false;
}
if (_allowForceUser)
{
if (authKey.Text == "forzaInter") // verifica passphrase...
{
user_std _utente = new user_std();
user_std.UtSn.isForcedUser = true;
bool fatto = _utente.startUpUtente(dominio.Text, user.Text);
if (fatto)
{
string _rigaLog = String.Format("User {0} has forced user identity ok: logged as \t {1}\\{2}", Page.User.Identity.Name, dominio.Text, user.Text);
SteamWare.logger.lg.scriviLog(_rigaLog, SteamWare.tipoLog.INFO);
if (Login_ok != null)
{
Login_ok(this, new EventArgs());
}
}
}
else
{
lblMessage.Text = String.Format("{0}<br>key not allowed for operation!!! operation logged!!!", user_std.UtSn.Traduci("AccessFail"));
gestEmail.geAuth.mandaEmail(email.senderEmail, email.adminEmail, "Attenzione: tentativo di accesso non autorizzato!", String.Format("Tentativo di forcing user non autorizzato!<br>L'utente {0} ha tentato di accedere a {1} forzando l'utente ma la sua key autorizzativa e' sbagliata...", Page.User.Identity.Name, user_std.UtSn.Traduci(SteamWare.memLayer.ML.confReadString("defaultApp"))));
string _rigaLog = String.Format("User {0}\t tried to force user - wrong password - he tried to log as \t {1}\\{2}", Page.User.Identity.Name, dominio.Text, user.Text);
SteamWare.logger.lg.scriviLog(_rigaLog, SteamWare.tipoLog.WARNING);
if (Login_Error != null)
{
Login_Error(this, new EventArgs());
}
}
}
else
{
gestEmail.geAuth.mandaEmail(email.senderEmail, email.adminEmail, "Attenzione: tentativo di accesso non autorizzato!", String.Format("Tentativo di forcing user non autorizzato!<br>L'utente {0} ha tentato di accedere a {1} forzando l'utente ma la funzione e' disabilitata...", Page.User.Identity.Name, user_std.UtSn.Traduci(SteamWare.memLayer.ML.confReadString("defaultApp"))));
string _rigaLog = String.Format("User {0}\t tried to force user - access disabled - he tried to log as \t {1}\\{2}", Page.User.Identity.Name, dominio.Text, user.Text);
SteamWare.logger.lg.scriviLog(_rigaLog, SteamWare.tipoLog.WARNING);
if (Login_Error != null)
{
Login_Error(this, new EventArgs());
}
}
}
else
{
lblMessage.Text = string.Format("{0}<br>user not authenticated!<br>", user_std.UtSn.Traduci("AccessFail"));
if (Login_Error != null)
{
Login_Error(this, new EventArgs());
}
string _rigaLog = String.Format("\t Someone tried to force user - real user: \t - not autenticated - \t tried to log as \t {0}\\{1}", dominio.Text, user.Text);
SteamWare.logger.lg.scriviLog(_rigaLog, SteamWare.tipoLog.WARNING);
}
}
protected void btnOk_Click(object sender, EventArgs e)
{
ForceUserIdentity();
}
#endregion
#endregion
#region area public
#region eventi pubblici esposti
public event EventHandler Login_ok;
public event EventHandler Login_Error;
#endregion
#region area proprietà
/// <summary>
/// modalità funzionamento controllo tra normale (ActiveDirectory e user auth di default) e forceUser
/// </summary>
public SteamWare.loginMode modoLogin
{
get
{
return _isForceUser;
}
set
{
_isForceUser = value;
}
}
#endregion
/// <summary>
/// avvio pagina
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
// procedo...
setLoginMode();
Session.RemoveAll();
if (_isForceUser == SteamWare.loginMode.normale)
{
bool cookieLogin = false;
if (memLayer.ML.confReadBool("enableCookie"))
{
cookieLogin = devicesAuthProxy.stObj.isAuth;// authProxy.tryAuthByCookie(memLayer.ML.confReadString("AuthCookie"));
}
if (!cookieLogin)
{
AdLogin();
}
else
{
if (Login_ok != null)
{
Login_ok(this, new EventArgs());
}
}
}
}
#endregion
base.OnInit(e);
if (!Page.IsPostBack)
{
traduciObj();
}
}
#region area protected/private
#region area proprietà
private SteamWare.loginMode _isForceUser = SteamWare.loginMode.normale;
#endregion
#region area metodi
/// <summary>
/// imposta la modalità di login tra normale / forceUser
/// </summary>
private void setLoginMode()
{
if (_isForceUser == SteamWare.loginMode.forceUser)
{
pnlForceUser.Visible = true;
}
else
{
pnlForceUser.Visible = false;
}
}
protected void traduciObj()
{
lblPwd.Text = user_std.UtSn.Traduci("lblPwd");
lblUser.Text = user_std.UtSn.Traduci("lblUser");
lblDominio.Text = user_std.UtSn.Traduci("lblDominio");
lblTitolo.Text = user_std.UtSn.Traduci("ForzaUtente");
btnOk.Text = user_std.UtSn.Traduci("btnCommit");
}
/// <summary>
/// prova a verificare se l'utente sia ok x AD credentials
/// </summary>
private void AdLogin()
{
lblMessage.Text = "User not authenticated...";
if (Page.User.Identity.IsAuthenticated)
{
//recupera user windows se c'è...
string ad_name = Page.User.Identity.Name;
string delimStr = "\\";
char[] delimiter = delimStr.ToCharArray();
string[] dom_user = ad_name.Split(delimiter, 2);
// passo al controllo di verifica ADuserOk...
user_std _utente = new user_std();
if (_utente.ADuserOk(dom_user[0], dom_user[1]))
{
bool fatto = _utente.startUpUtente(dom_user[0], dom_user[1]);
if (fatto)
{
// salvo cookie!
string DeviceName = "";
string IPv4 = "";
string userAgent = "";
try
{
userAgent = Request.UserAgent;
DeviceName = Request.UserHostName;
IPv4 = Request.UserHostName;
}
catch
{ }
if (memLayer.ML.confReadBool("enableCookie"))
{
// elimino eventuali altri cookie x dominio/user/devName
DataWrap.DW.taAnagDev.delByDominioUserDeviceName(dom_user[0], dom_user[1], DeviceName);
// creo nuovo cookie
authProxy.createNewCookie(dom_user[0], dom_user[1], 0, DeviceName, userAgent, IPv4, memLayer.ML.confReadString("CodModulo"), DateTime.Now.AddDays(memLayer.ML.confReadInt("cookieDayExp")));
}
// loggo
SteamWare.logger.lg.scriviLog(string.Format("L'utente {0} ({1}) ha effettuato il login correttamente", _utente.CognomeNome, _utente.userNameAD), SteamWare.tipoLog.INFO);
if (Login_ok != null)
{
Login_ok(this, new EventArgs());
}
}
else
{
lblMessage.Text = String.Format("{0}<br>There are some problems instatiating user: {1}/{2}", user_std.UtSn.Traduci("AccessFail"), dom_user[0], dom_user[1]);
SteamWare.logger.lg.scriviLog(String.Format("Accesso fallito, problemi ad istanziare l'utente {0}/{1}", dom_user[0], dom_user[1]), SteamWare.tipoLog.ERROR);
if (Login_Error != null)
{
Login_Error(this, new EventArgs());
}
}
}
else
{
lblMessage.Text = String.Format("{0}<br>user not allowed: {1}/{2}", user_std.UtSn.Traduci("AccessFail"), dom_user[0], dom_user[1]);
SteamWare.logger.lg.scriviLog(String.Format("Utente non autorizzato: {0}/{1}", dom_user[0], dom_user[1]), SteamWare.tipoLog.WARNING);
if (Login_Error != null)
{
Login_Error(this, new EventArgs());
}
}
}
else
{
lblMessage.Text = user_std.UtSn.Traduci("AccessFail") + user_std.UtSn.Traduci("UsrNotAuth");
SteamWare.logger.lg.scriviLog(String.Format("Accesso fallito, utente non autenticato"), SteamWare.tipoLog.WARNING);
if (Login_Error != null)
{
Login_Error(this, new EventArgs());
}
}
}
/// <summary>
/// effettua verifiche e se concesso permette di forzare l'accesso utente
/// </summary>
private void ForceUserIdentity()
{
if (Page.User.Identity.IsAuthenticated)
{
bool _allowForceUser = false;
try
{
_allowForceUser = SteamWare.memLayer.ML.CRB("_allowForceUser");
}
catch
{
_allowForceUser = false;
}
if (_allowForceUser)
{
if (authKey.Text == "forzaInter") // verifica passphrase...
{
user_std _utente = new user_std();
user_std.UtSn.isForcedUser = true;
bool fatto = _utente.startUpUtente(dominio.Text, user.Text);
if (fatto)
{
string _rigaLog = String.Format("User {0} has forced user identity ok: logged as \t {1}\\{2}", Page.User.Identity.Name, dominio.Text, user.Text);
SteamWare.logger.lg.scriviLog(_rigaLog, SteamWare.tipoLog.INFO);
if (Login_ok != null)
{
Login_ok(this, new EventArgs());
}
}
}
else
{
lblMessage.Text = String.Format("{0}<br>key not allowed for operation!!! operation logged!!!", user_std.UtSn.Traduci("AccessFail"));
gestEmail.geAuth.mandaEmail(email.senderEmail, email.adminEmail, "Attenzione: tentativo di accesso non autorizzato!", String.Format("Tentativo di forcing user non autorizzato!<br>L'utente {0} ha tentato di accedere a {1} forzando l'utente ma la sua key autorizzativa e' sbagliata...", Page.User.Identity.Name, memLayer.ML.CRS("appName")));
string _rigaLog = String.Format("User {0}\t tried to force user - wrong password - he tried to log as \t {1}\\{2}", Page.User.Identity.Name, dominio.Text, user.Text);
SteamWare.logger.lg.scriviLog(_rigaLog, SteamWare.tipoLog.WARNING);
if (Login_Error != null)
{
Login_Error(this, new EventArgs());
}
}
}
else
{
gestEmail.geAuth.mandaEmail(email.senderEmail, email.adminEmail, "Attenzione: tentativo di accesso non autorizzato!", String.Format("Tentativo di forcing user non autorizzato!<br>L'utente {0} ha tentato di accedere a {1} forzando l'utente ma la funzione e' disabilitata...", Page.User.Identity.Name, memLayer.ML.CRS("appName")));
string _rigaLog = String.Format("User {0}\t tried to force user - access disabled - he tried to log as \t {1}\\{2}", Page.User.Identity.Name, dominio.Text, user.Text);
SteamWare.logger.lg.scriviLog(_rigaLog, SteamWare.tipoLog.WARNING);
if (Login_Error != null)
{
Login_Error(this, new EventArgs());
}
}
}
else
{
lblMessage.Text = string.Format("{0}<br>user not authenticated!<br>", user_std.UtSn.Traduci("AccessFail"));
if (Login_Error != null)
{
Login_Error(this, new EventArgs());
}
string _rigaLog = String.Format("\t Someone tried to force user - real user: \t - not autenticated - \t tried to log as \t {0}\\{1}", dominio.Text, user.Text);
SteamWare.logger.lg.scriviLog(_rigaLog, SteamWare.tipoLog.WARNING);
}
}
protected void btnOk_Click(object sender, EventArgs e)
{
ForceUserIdentity();
}
#endregion
#endregion
#region area public
#region eventi pubblici esposti
public event EventHandler Login_ok;
public event EventHandler Login_Error;
#endregion
#region area proprietà
/// <summary>
/// modalità funzionamento controllo tra normale (ActiveDirectory e user auth di default) e forceUser
/// </summary>
public SteamWare.loginMode modoLogin
{
get
{
return _isForceUser;
}
set
{
_isForceUser = value;
}
}
#endregion
/// <summary>
/// avvio pagina
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
// procedo...
setLoginMode();
Session.RemoveAll();
if (_isForceUser == SteamWare.loginMode.normale)
{
bool cookieLogin = false;
if (memLayer.ML.confReadBool("enableCookie"))
{
cookieLogin = devicesAuthProxy.stObj.isAuth;// authProxy.tryAuthByCookie(memLayer.ML.confReadString("AuthCookie"));
}
if (!cookieLogin)
{
AdLogin();
}
else
{
if (Login_ok != null)
{
Login_ok(this, new EventArgs());
}
}
}
}
#endregion
}
}
@@ -40,7 +40,7 @@ namespace C_TRACK.WebUserControls
{
Response.Redirect("~/login");
}
lblTitolo.Text = memLayer.ML.confReadString("appName");
lblTitolo.Text = memLayer.ML.CRS("appName");
}
/// <summary>
/// salva in variabile pagina il nome della pagina corrente
Vendored
+1 -1
View File
@@ -20,7 +20,7 @@ pipeline {
/* calcolo numero versione... diverso x branch MASTER/DEVELOP */
script {
withEnv(['NEXT_BUILD_NUMBER=103']) {
withEnv(['NEXT_BUILD_NUMBER=104']) {
// env.versionNumber = VersionNumber(versionNumberString : '1.1.${BUILD_DATE_FORMATTED, "yyMM"}.${BUILDS_ALL_TIME}', projectStartDate : '2018-01-01', skipFailedBuilds: true)
env.versionNumber = VersionNumber(versionNumberString : '1.1.${BUILD_DATE_FORMATTED, "yyMM"}.${BUILDS_ALL_TIME}', projectStartDate : '2018-01-01', skipFailedBuilds: true, overrideBuildsAllTime: '${NEXT_BUILD_NUMBER}')
env.APP_NAME = 'C.TRACK'