2012-07-31 109 views
0

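Currently I have a method to check whether a user is authenticated, but I want my ASP.net application to implement Active Directory authentication with the default Login. Active Directory authentication from web.config and the default Login

My current method: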

// Requires: using System; using System.DirectoryServices;
public bool IsAuthenticated(string user, string pass)
{
    bool authenticated = false;
    string path = "LDAP://my path here";
    DirectoryEntry adsEntry = new DirectoryEntry(path);
    adsEntry.AuthenticationType = AuthenticationTypes.Secure;
    adsEntry.Username = user;
    adsEntry.Password = pass;
    DirectorySearcher adsSearcher = new DirectorySearcher(adsEntry);
    // Note: user is concatenated into the filter without escaping LDAP filter metacharacters.
    adsSearcher.Filter = "(sAMAccountName=" + user + ")";

    try
    {
        // FindOne() forces the bind with the supplied credentials; it throws if they are rejected.
        SearchResult adsSearchResult = adsSearcher.FindOne();
        authenticated = true;
        adsEntry.Close();
    }
    catch (Exception ex)
    {
        // Failed to authenticate. Most likely it is caused by unknown user
        // id or bad strPassword.
        //strError = ex.Message;
        adsEntry.Close();
    }

    return authenticated;
}

Trying to implement the login functionality in web.config, I wrote the following:

<membership defaultProvider="MembershipADProvider">
    <providers>
        <add
            name="MembershipADProvider"
            type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
            connectionStringName="ADConnectionString"
        />
    </providers>
</membership>

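This seems to be connecting to the LDAP server, because it throws a Bad username or password validation error. On the other hand, I'm not sure it is connecting to the server, because after 3 incorrect authentication attempts this server blocks the user on every other application, and that doesn't happen. I'm not sure whether I have to add the attributes connectionUsername and connectionPassword to web.config, or have the Login command fill them with each username/password at login. Any help would be appreciated.

Answers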

0

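I use the same type of setup; the only difference I can see from your code in the configuration is that I have added the username attribute map property to mine.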

<membership defaultProvider="MembershipADProvider"> 
    <providers> 
    <add name="MembershipADProvider" 
     type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" 
     connectionStringName="ADConnectionString" 
     attributeMapUsername="sAMAccountName" 
    /> 
    </providers> 
</membership> 

As for the code-behind, I just check validation through the membership provider, as below.

// Connect to the proper membership provider based on the domain name entered by the user. 
MembershipProvider provider = Membership.Providers["MembershipADProvider"]; 

// Check if the domain provider exists. 
if (provider != null) 
{ 
    // Validate the user based on the credentials they entered. 
    if (provider.ValidateUser(username, password)) 
    { 
     // Authenticate the user and redirect them to the return URL. 
     FormsAuthentication.SetAuthCookie(username, false); 
     Response.Redirect(returnUrl); 
    } 
}