Hughs Man
I want to develop a C# web-based logon that connects to a Novell LDAP server over
SSL and then authorizes the AD domain user name and password.
I have written the following source code to make a connection to the Novell LDAP
server, but I do not know how to authorize the AD user name and password. And
can it connect to Novell LDAP?
Here is my source code:
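/// <summary>
/// Binds to an LDAP directory with caller-supplied credentials and reads the
/// group memberships of the entry found for that user.
/// </summary>
public class LdapAuthentication
{
    // Directory path given to the constructor; replaced by the matched user's
    // entry path after a successful IsAuthenticated call.
    private string _path;

    // "cn" of the entry matched in IsAuthenticated; GetGroups searches on it.
    private string _filterAttribute;

    /// <summary>Stores the directory path used for the bind.</summary>
    /// <param name="path">Directory path, e.g. an LDAP:// URL with host, port and base DN.</param>
    public LdapAuthentication(string path)
    {
        _path = path;
    }

    /// <summary>
    /// Binds to the directory as <paramref name="username"/> and looks the user up.
    /// </summary>
    /// <param name="domain">Not used by this implementation.</param>
    /// <param name="username">Identity used for the bind and for the search filter.</param>
    /// <param name="pwd">Password used for the bind.</param>
    /// <returns>True when the bind succeeds and an entry is found; false when no entry matches.</returns>
    /// <exception cref="Exception">The bind or the search failed; the cause is the inner exception.</exception>
    public bool IsAuthenticated(string domain, string username, string pwd)
    {
        try
        {
            // NOTE(review): this overload does not name an AuthenticationTypes value. The path in the
            // post targets port 636, so confirm the bind really runs over TLS (the overload that takes
            // AuthenticationTypes.SecureSocketsLayer makes that explicit) before sending a password.
            using (DirectoryEntry entry = new DirectoryEntry(_path, username, pwd))
            {
                // Bind to the native AdsObject to force authentication.
                object obj = entry.NativeObject;

                using (DirectorySearcher search = new DirectorySearcher(entry))
                {
                    // The user name is untrusted input: escape it so it cannot change the filter's
                    // structure (LDAP filter injection).
                    // NOTE(review): sAMAccountName is an Active Directory attribute; confirm the
                    // target directory exposes it and that callers pass a matching value, not a DN.
                    search.Filter = "(SAMAccountName=" + EscapeFilterValue(username) + ")";
                    search.PropertiesToLoad.Add("cn");

                    SearchResult result = search.FindOne();
                    if (null == result)
                    {
                        return false;
                    }

                    // Update the new path to the user in the directory.
                    _path = result.Path;
                    _filterAttribute = (string)result.Properties["cn"][0];
                }
            }
        }
        catch (Exception ex)
        {
            // Keep the original exception so the real cause stays available for server-side logging.
            throw new Exception("Error authenticating user. " + ex.Message, ex);
        }

        return true;
    }

    /// <summary>
    /// Returns the names of the groups listed in the user's memberOf attribute.
    /// </summary>
    /// <returns>
    /// Group names, each followed by "|"; null when a memberOf value has no "=" after its first character.
    /// </returns>
    /// <exception cref="Exception">The search failed or returned no entry.</exception>
    public string GetGroups()
    {
        StringBuilder groupNames = new StringBuilder();
        try
        {
            // NOTE(review): the single-string DirectorySearcher constructor takes a filter, not a path,
            // so _path does not become the search root here and the filter is overwritten below.
            // Confirm this search runs against the intended directory and with the intended identity.
            using (DirectorySearcher search = new DirectorySearcher(_path))
            {
                // The cn value came from the directory and may hold filter metacharacters; escape it.
                // NOTE(review): cn need not be unique, and FindOne returns the first match; confirm
                // the groups read here belong to the user who authenticated.
                search.Filter = "(cn=" + EscapeFilterValue(_filterAttribute) + ")";
                search.PropertiesToLoad.Add("memberOf");

                SearchResult result = search.FindOne();
                if (null == result)
                {
                    // Previously surfaced as a NullReferenceException message; fail with a clear cause.
                    throw new InvalidOperationException("No directory entry matched the authenticated user.");
                }

                foreach (object value in result.Properties["memberOf"])
                {
                    string dn = (string)value;
                    int equalsIndex = dn.IndexOf('=', 1);
                    if (-1 == equalsIndex)
                    {
                        return null;
                    }

                    // Take the first RDN value; a DN without a comma runs to the end of the string.
                    // Escaped commas inside the RDN value are not handled.
                    int commaIndex = dn.IndexOf(',', equalsIndex + 1);
                    if (-1 == commaIndex)
                    {
                        commaIndex = dn.Length;
                    }

                    groupNames.Append(dn.Substring(equalsIndex + 1, (commaIndex - equalsIndex) - 1));
                    groupNames.Append("|");
                }
            }
        }
        catch (Exception ex)
        {
            throw new Exception("Error obtaining group names. " + ex.Message, ex);
        }

        return groupNames.ToString();
    }

    // Escapes the characters RFC 4515 reserves in an LDAP filter assertion value.
    private static string EscapeFilterValue(string value)
    {
        if (string.IsNullOrEmpty(value))
        {
            return string.Empty;
        }

        StringBuilder escaped = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\':
                    escaped.Append("\\5c");
                    break;
                case '*':
                    escaped.Append("\\2a");
                    break;
                case '(':
                    escaped.Append("\\28");
                    break;
                case ')':
                    escaped.Append("\\29");
                    break;
                case '\0':
                    escaped.Append("\\00");
                    break;
                default:
                    escaped.Append(c);
                    break;
            }
        }

        return escaped.ToString();
    }
}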
===========================================================================================================================================
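// Sample values from the post. In a real logon page the user name and password come from
// the submitted form and are never hard-coded in source.
string adPath = "LDAP://ldap.abc.com:636/ou=Users,o=AUTH";
LdapAuthentication adAuth = new LdapAuthentication(adPath);

// IsAuthenticated throws when the bind fails, so the else branch below is reached only when
// the search finds no entry. The caller still has to handle that exception, and should not
// echo its message to the user.
if (adAuth.IsAuthenticated("ad.abc.com", "cn=TVAT,ou=eSERV,o=AUTH", "123456789"))
{
    string groups = adAuth.GetGroups();

    // Create the ticket, and add the groups.
    bool isCookiePersistent = true;
    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
        1, "UserNameHERE", DateTime.Now, DateTime.Now.AddMinutes(60), isCookiePersistent, groups);

    // Encrypt the ticket. (This statement was missing from the posted snippet.)
    string encryptedTicket = FormsAuthentication.Encrypt(authTicket);

    // Create a cookie, and then add the encrypted ticket to the cookie as data.
    HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);

    // Keep the ticket away from client script, and follow the site's forms-authentication
    // setting for HTTPS-only cookies.
    authCookie.HttpOnly = true;
    authCookie.Secure = FormsAuthentication.RequireSSL;

    if (isCookiePersistent)
    {
        authCookie.Expires = authTicket.Expiration;
    }

    // Add the cookie to the outgoing cookies collection.
    Response.Cookies.Add(authCookie);
    Response.Redirect("urlHERE");
}
else
{
    Message.Text = "Authentication did not succeed. Check user name and password.";
    return;
}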
SSL and then authorize the AD Domain User Name and Password
I have written the following source code to make a connection to the Novell LDAP
server, but I do not know how to authorize the AD user name and password. And
can it connect to Novell LDAP?
Here is my source code:
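/// <summary>
/// Binds to an LDAP directory with caller-supplied credentials and reads the
/// group memberships of the entry found for that user.
/// </summary>
public class LdapAuthentication
{
    // Directory path given to the constructor; replaced by the matched user's
    // entry path after a successful IsAuthenticated call.
    private string _path;

    // "cn" of the entry matched in IsAuthenticated; GetGroups searches on it.
    private string _filterAttribute;

    /// <summary>Stores the directory path used for the bind.</summary>
    /// <param name="path">Directory path, e.g. an LDAP:// URL with host, port and base DN.</param>
    public LdapAuthentication(string path)
    {
        _path = path;
    }

    /// <summary>
    /// Binds to the directory as <paramref name="username"/> and looks the user up.
    /// </summary>
    /// <param name="domain">Not used by this implementation.</param>
    /// <param name="username">Identity used for the bind and for the search filter.</param>
    /// <param name="pwd">Password used for the bind.</param>
    /// <returns>True when the bind succeeds and an entry is found; false when no entry matches.</returns>
    /// <exception cref="Exception">The bind or the search failed; the cause is the inner exception.</exception>
    public bool IsAuthenticated(string domain, string username, string pwd)
    {
        try
        {
            // NOTE(review): this overload does not name an AuthenticationTypes value. The path in the
            // post targets port 636, so confirm the bind really runs over TLS (the overload that takes
            // AuthenticationTypes.SecureSocketsLayer makes that explicit) before sending a password.
            using (DirectoryEntry entry = new DirectoryEntry(_path, username, pwd))
            {
                // Bind to the native AdsObject to force authentication.
                object obj = entry.NativeObject;

                using (DirectorySearcher search = new DirectorySearcher(entry))
                {
                    // The user name is untrusted input: escape it so it cannot change the filter's
                    // structure (LDAP filter injection).
                    // NOTE(review): sAMAccountName is an Active Directory attribute; confirm the
                    // target directory exposes it and that callers pass a matching value, not a DN.
                    search.Filter = "(SAMAccountName=" + EscapeFilterValue(username) + ")";
                    search.PropertiesToLoad.Add("cn");

                    SearchResult result = search.FindOne();
                    if (null == result)
                    {
                        return false;
                    }

                    // Update the new path to the user in the directory.
                    _path = result.Path;
                    _filterAttribute = (string)result.Properties["cn"][0];
                }
            }
        }
        catch (Exception ex)
        {
            // Keep the original exception so the real cause stays available for server-side logging.
            throw new Exception("Error authenticating user. " + ex.Message, ex);
        }

        return true;
    }

    /// <summary>
    /// Returns the names of the groups listed in the user's memberOf attribute.
    /// </summary>
    /// <returns>
    /// Group names, each followed by "|"; null when a memberOf value has no "=" after its first character.
    /// </returns>
    /// <exception cref="Exception">The search failed or returned no entry.</exception>
    public string GetGroups()
    {
        StringBuilder groupNames = new StringBuilder();
        try
        {
            // NOTE(review): the single-string DirectorySearcher constructor takes a filter, not a path,
            // so _path does not become the search root here and the filter is overwritten below.
            // Confirm this search runs against the intended directory and with the intended identity.
            using (DirectorySearcher search = new DirectorySearcher(_path))
            {
                // The cn value came from the directory and may hold filter metacharacters; escape it.
                // NOTE(review): cn need not be unique, and FindOne returns the first match; confirm
                // the groups read here belong to the user who authenticated.
                search.Filter = "(cn=" + EscapeFilterValue(_filterAttribute) + ")";
                search.PropertiesToLoad.Add("memberOf");

                SearchResult result = search.FindOne();
                if (null == result)
                {
                    // Previously surfaced as a NullReferenceException message; fail with a clear cause.
                    throw new InvalidOperationException("No directory entry matched the authenticated user.");
                }

                foreach (object value in result.Properties["memberOf"])
                {
                    string dn = (string)value;
                    int equalsIndex = dn.IndexOf('=', 1);
                    if (-1 == equalsIndex)
                    {
                        return null;
                    }

                    // Take the first RDN value; a DN without a comma runs to the end of the string.
                    // Escaped commas inside the RDN value are not handled.
                    int commaIndex = dn.IndexOf(',', equalsIndex + 1);
                    if (-1 == commaIndex)
                    {
                        commaIndex = dn.Length;
                    }

                    groupNames.Append(dn.Substring(equalsIndex + 1, (commaIndex - equalsIndex) - 1));
                    groupNames.Append("|");
                }
            }
        }
        catch (Exception ex)
        {
            throw new Exception("Error obtaining group names. " + ex.Message, ex);
        }

        return groupNames.ToString();
    }

    // Escapes the characters RFC 4515 reserves in an LDAP filter assertion value.
    private static string EscapeFilterValue(string value)
    {
        if (string.IsNullOrEmpty(value))
        {
            return string.Empty;
        }

        StringBuilder escaped = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\':
                    escaped.Append("\\5c");
                    break;
                case '*':
                    escaped.Append("\\2a");
                    break;
                case '(':
                    escaped.Append("\\28");
                    break;
                case ')':
                    escaped.Append("\\29");
                    break;
                case '\0':
                    escaped.Append("\\00");
                    break;
                default:
                    escaped.Append(c);
                    break;
            }
        }

        return escaped.ToString();
    }
}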
===========================================================================================================================================
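// Sample values from the post. In a real logon page the user name and password come from
// the submitted form and are never hard-coded in source.
string adPath = "LDAP://ldap.abc.com:636/ou=Users,o=AUTH";
LdapAuthentication adAuth = new LdapAuthentication(adPath);

// IsAuthenticated throws when the bind fails, so the else branch below is reached only when
// the search finds no entry. The caller still has to handle that exception, and should not
// echo its message to the user.
if (adAuth.IsAuthenticated("ad.abc.com", "cn=TVAT,ou=eSERV,o=AUTH", "123456789"))
{
    string groups = adAuth.GetGroups();

    // Create the ticket, and add the groups.
    bool isCookiePersistent = true;
    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
        1, "UserNameHERE", DateTime.Now, DateTime.Now.AddMinutes(60), isCookiePersistent, groups);

    // Encrypt the ticket. (This statement was missing from the posted snippet.)
    string encryptedTicket = FormsAuthentication.Encrypt(authTicket);

    // Create a cookie, and then add the encrypted ticket to the cookie as data.
    HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);

    // Keep the ticket away from client script, and follow the site's forms-authentication
    // setting for HTTPS-only cookies.
    authCookie.HttpOnly = true;
    authCookie.Secure = FormsAuthentication.RequireSSL;

    if (isCookiePersistent)
    {
        authCookie.Expires = authTicket.Expiration;
    }

    // Add the cookie to the outgoing cookies collection.
    Response.Cookies.Add(authCookie);
    Response.Redirect("urlHERE");
}
else
{
    Message.Text = "Authentication did not succeed. Check user name and password.";
    return;
}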