Remove RADIUS token popup window

RDSFactorWeb/RDWeb/Pages/Site.xsl

@@ -27,6 +27,7 @@
         <xsl:apply-templates select="Style"/>
           
         <script language="javascript" type="text/javascript" src='../renderscripts.js'/>
+        <script language="javascript" type="text/javascript" src='../jquery-1.11.2.min.js'/>
         <script language="javascript" type="text/javascript">
           var sHelpSource = &quot;<xsl:value-of select="@helpurl"/>&quot;;          
           <xsl:value-of select="HeaderJS[1]"/>
@@ -644,13 +645,19 @@
 
 
       function goRDP(pid, rdpContents, url) {
-
-
-      var wnd = window.open("token.aspx?User=" + getUserNameRdpProperty(), "Launch application","location=0,status=0,scrollbars=0, width=200,height=100");
-      <!--wnd.addEventListener('load', wnd.doSomething, true);-->
-      setTimeout(function() {
-      wnd.close();
-      }, 2000);
+        // validate RADIUS token before continuing
+        // logout if not valid.
+        $.ajax("checktoken.aspx", {
+          success: function(){
+            oldGoRDP(pid, rdpContents, url);
+          },
+          error: function(xhr, status, error){
+            window.location.href = strBaseUrl + 'logoff.aspx?Error=SessionExpired';
+          }
+        });
+      }
+      
+      function oldGoRDP(pid, rdpContents, url){
 
       if (ActiveXMode) {
       

RDSFactorWeb/RDWeb/Pages/en-US/checktoken.aspx

@@ -0,0 +1,2 @@
+<%@ Page Language="C#" AutoEventWireup="true" CodeFile="checktoken.aspx.cs" Inherits="CheckToken" %>
+

RDSFactorWeb/RDWeb/Pages/en-US/checktoken.aspx.cs

@@ -0,0 +1,63 @@
+using System;
+using System.Collections.Generic;
+using System.Web;
+using System.Web.UI;
+using System.Web.UI.WebControls;
+using System.Configuration;
+
+using RADAR;
+
+public partial class CheckToken : System.Web.UI.Page
+{
+
+    String radiusServer = ConfigurationManager.AppSettings["RadiusServer"];
+    String radiusSharedSecret = ConfigurationManager.AppSettings["RadiusSecret"];
+
+    RADIUSClient radiusClient;
+    String username;
+    String token;
+
+    public CheckToken()
+    {
+        radiusClient = new RADIUSClient(radiusServer, 1812, radiusSharedSecret);
+    }
+
+    // Check validity of token (radius session id) by authenticating against 
+    // the RADIUS server
+    //
+    // Called when clicking on applications
+    // 
+    // Returns 401 if not valid
+    protected void Page_Load(object sender, EventArgs e)
+    {
+        username = (string)Session["DomainUserName"];
+        HttpCookie tokenCookie = Request.Cookies["RadiusSessionId"];
+
+        if (tokenCookie == null)
+        {
+            throw new HttpException(401, "Token required");
+        }
+        token = tokenCookie.Value;
+
+        VendorSpecificAttribute vsa = new VendorSpecificAttribute(VendorSpecificType.Generic, "LAUNCH");
+        RADIUSAttributes atts = new RADIUSAttributes();
+        vsa.SetRADIUSAttribute(ref atts);
+
+        try
+        {
+            RADIUSPacket response = radiusClient.Authenticate(username, token, atts);
+            if (response.Code == RadiusPacketCode.AccessAccept)
+            {
+                Response.Write("Ready to launch application. Granted access!");
+            }
+            else
+            {
+                throw new HttpException(401, "Token is no longer valid!");
+            }
+        }
+        catch (Exception ex)
+        {
+            throw new HttpException(500, "Exception! failure. " + ex.Message);
+        }
+    }
+}

RDSFactorWeb/RDWeb/Pages/en-US/login.aspx

@@ -28,6 +28,7 @@
     const string L_LogonFailureLabel_Text = "The user name or password that you entered is not valid. Try typing it again.";
     const string L_LogonSMSFailureLabel_Text = "The token code that you entered is not valid. Try again.";
     const string L_LogonRadiusFailureLabel_Text = "The radius server did not respond. Check radius configuration or give it another try.";
+    const string L_SessionExpired_Text = "The session has expired. Please login again.";
     const string L_DomainNameMissingLabel_Text = "You must enter a valid domain name.";
     const string L_AuthorizationFailureLabel_Text = "You aren’t authorized to log on to this connection.  Contact your system administrator for authorization.";
     const string L_ServerConfigChangedLabel_Text = "Your RD Web Access session expired due to configuration changes on the remote computer.  Please sign in again.";
@@ -63,6 +64,7 @@
     public Uri baseUrl;
     public bool bEnableSMS = false;
     public bool bEnableMail = false;
+    public bool bSessionExpired = false;
     public string strPrivateModeTimeout = "240";
     public string strPublicModeTimeout = "20";
 
@@ -121,7 +123,7 @@
                 else
                 {
                     strReturnUrlPage = objQueryString["ReturnUrl"].ToLower();
-                    strReturnUrl = "?ReturnUrl=" + HttpUtility.UrlEncode(strReturnUrlPage.Replace("default.aspx", "smstoken.aspx")); 
+                    strReturnUrl = "?ReturnUrl=" + HttpUtility.UrlEncode(strReturnUrlPage.Replace("default.aspx", "tokenform.aspx")); 
                 }
             }
             if ( objQueryString["Error"] != null )
@@ -130,6 +132,10 @@
                 {
                     bWorkspaceInUse = true;
                 }
+                else if (objQueryString["Error"].Equals("SessionExpired"))
+                {
+                    bSessionExpired = true;
+                }
                 else if ( objQueryString["Error"].Equals("WkSDisconnected", StringComparison.CurrentCultureIgnoreCase) )
                 {
                     bWorkspaceDisconnected = true;
@@ -307,7 +313,7 @@
                 Session["UserPass"] = UserPass;
                 Session["DomainUserName"]= DomainUserName;
                 Session["Delivery"] =  Delivery;
-                strRedirectSafeUrl = "smstoken.aspx";
+                strRedirectSafeUrl = "tokenform.aspx";
            
             }
         }
@@ -545,6 +551,26 @@
             </td>
             </tr>
 
+    <%
+    strErrorMessageRowStyle = "style=\"display:none\"";
+    if ( bSessionExpired == true )
+    {
+    strErrorMessageRowStyle = "style=\"display:\"";
+    }
+    %>
+          <tr id="tr2" <%=strErrorMessageRowStyle%> >
+            <td>
+                <table>
+                <tr>
+                    <td height="20">&#160;</td>
+                </tr>
+                <tr>
+                    <td><span class="wrng"><%=L_SessionExpired_Text %></span></td>
+                </tr>
+                </table>
+            </td>
+          </tr>
+
     <%
     strErrorMessageRowStyle = "style=\"display:none\"";
     if ( bFailedLogon == true )

RDSFactorWeb/RDWeb/Pages/en-US/token.aspx

@@ -1,24 +0,0 @@
-<%@ Page Language="C#" AutoEventWireup="true" CodeFile="token.aspx.cs" Inherits="Pages_en_US_token" %>
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-
-    <head runat="server">
-        <title></title>
-        <script type="text/javascript">
-            function doSomething() {
-
-            }
-      </script>
-    </head>
-
-    <body>
-        <form id="form1" runat="server">
-            <div>   
-                <asp:Label ID="Label1" runat="server" Text="Label" Visible="False"></asp:Label>
-            </div>
-        </form>
-    </body>
-
-</html>

RDSFactorWeb/RDWeb/Pages/en-US/token.aspx.cs

@@ -1,53 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Web;
-using System.Web.UI;
-using System.Web.UI.WebControls;
-using RADAR;
-using System.Configuration;
-
-
-public partial class Pages_en_US_token : System.Web.UI.Page
-{
-    protected void Page_Load(object sender, EventArgs e)
-    {
-        string tmpUser = Request.QueryString["User"];
-        string DomainUserName = tmpUser.Replace("UserName:s:", "");
-        HttpCookie sessionId = new HttpCookie("RadiusSessionId");
-        sessionId = Request.Cookies["RadiusSessionId"];
-
-        // Read the cookie information and display it.
-        if (sessionId != null)
-        {
-            string RadiusServer = ConfigurationManager.AppSettings["RadiusServer"];
-            string RadiusSecret = ConfigurationManager.AppSettings["RadiusSecret"];
-
-            RADIUSClient client = new RADIUSClient(RadiusServer, 1812, RadiusSecret);
-
-            VendorSpecificAttribute vsa = new VendorSpecificAttribute(VendorSpecificType.Generic, "LAUNCH");
-            RADIUSAttributes atts = new RADIUSAttributes();
-            vsa.SetRADIUSAttribute(ref atts);
-
-            try
-            {
-                RADIUSPacket response = client.Authenticate(DomainUserName, sessionId.Value, atts);
-                if (response.Code == RadiusPacketCode.AccessAccept)
-                {
-                    Response.Write("Ready to launch application. Granted access!");
-                }
-                else
-                {
-                    Response.Write("Failure to authenticate session launch");
-                }
-            }
-            catch (Exception ex)
-            {
-                Response.Write("Exception!! failure. " + ex.Message);
-            }
-        }
-        else
-        {
-            // redrect to login Response.Write("not found");
-        }
-    }
-}

RDSFactorWeb/RDWeb/Pages/en-US/tokenform.aspx.cs

@@ -21,10 +21,10 @@ public partial class SMSToken : System.Web.UI.Page
     public const string L_LogonFailureLabel_Text = "The user name or password that you entered is not valid. Try typing it again.";
     public const string L_SubmitLabel_Text = "Submit";
     public const string L_CancelLabel_Text = "Cancel";
+
     //
     // Page Variables
     //
-
     public string sHelpSourceServer, sLocalHelp, strWorksSpaceName;
     public Uri baseUrl;