aspx_professional thread: Custom Web Form and Validating Against Active Directory...???
Chris,
Thanks for the great info, but i actually found a way to do it and now that i have
it, i'm kicking myself not figuring it out. Although - i'm sure there's a better
way - and i will checking your suggestion/article out shortly to discover that.
Anyway, i came up with this:
Private Function GetUserName(ByVal Domain As String, ByVal username As String, ByVal
password As String) As Boolean
Try
Dim de As New DirectoryEntry("LDAP://" & Domain, username, password,
AuthenticationTypes.Secure)
Dim srch As New DirectorySearcher(de)
srch.Filter = "(&(objectClass=user)(samAccountName=" & username & "))"
Dim result As SearchResult = srch.FindOne
Dim obj As DirectoryEntry
obj = result.GetDirectoryEntry()
'MsgBox("password = " & obj.Password & ControlChars.NewLine & "path = " &
obj.Path)
Return True
Catch ex As Exception
Console.Write(ex.Message + ControlChars.NewLine + ex.StackTrace)
Return False
End Try
End Function
after finding this post:
http://www.devcity.net/forums/topic.asp?tid=21346
It really makes so much sense that you would actually pass the username and password
- and i know i tried that, but i wasn't supplying the authenticationType param -
which is incredibly important (i now know).
Thanks for everyone's suggestions and help!!
John
--- Chris <wrox@d...> wrote:
>
> John, go look on the MSDN site for the article Building Secure ASP.NET
> Applications. It's a great starting point, with step-by-step instructions
> and code for a wide variety of situations, including integrating forms
> authentication and Active Directory. It's a big document, but look through
> the contents and you'll find exactly what you need to get started (I think
> it may be at the end among the addenda.)
>
> Then go to the web site ASP.NET at this URL
>
> http://www.asp.net/Forums/ShowPost.aspx?tabindex=1&PostID=131542
>
> The thread there (I'm boyscout) will save you some grief that I went through
> overcoming bugs in the Microsoft approach from the above document (but DO
> get the document, important steps in there.) You'll find code there that we
> eventually worked out and are using in a production app now.
>
> HTH
>
>
>
> -----Original Message-----
> From: Johnny [mailto:mailjohnny101@y...]
> Sent: Thursday, March 13, 2003 2:42 PM
> To: ASPX_Professional
> Subject: [aspx_professional] Custom Web Form and Validating Against Active
> Directory...???
>
>
> Hello,
>
> I'm sure this has been discussed here before, but i haven't found anything
> searching the archive.
>
> I am trying to authenticate a user's credentials against our Active
> Directory. I can't use Windows or Basic Authentication, so i need to grab
> the user's info from a basic HTML form, take those values and query the
> active directory a)for the user and then b) authenticate their password.
>
> I've found one article on ASPToday that talks about how to search the active
> directory (but, it's not working for some reason). And i'd rather not loop
> through the directory anyway. Even if they did work, it doesn't appear that
> the password is available in the properties collection. I thought i read
> somewhere that this value isn't sent as clear text and therefore isn't
> possible to do a direct compare against. So, i'm guessing i need to
> simulate some sort of virtual "log on" procedure.
>
> I'm pretty sure that i'll have to use the System.DirectoryServices
> namespace, but the documentation I'm finding on that is poor at best, with
> no code examples.
>
> I'd be pulling my hair out, except i dont have any, so i fear my eyebrows
> are in danger.
>
> Any and all suggestions *extremely* welcome!
>
> Thanks
>
> John
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Web Hosting - establish your business online
> http://webhosting.yahoo.com
>
>
>
>
>
__________________________________________________
Do you Yahoo!?
Yahoo! Web Hosting - establish your business online
http://webhosting.yahoo.com
View Cart
