iBlog

Trevor Johnson
posts - 6 , comments - 12 , trackbacks - 0

My Links

News

Archives
Home | Google Search, Get a better Page Rank >>

MVC & Windows Authentication

Okay so basically all we are doing here is changing the ValidateUser function so that it makes an LDAP connection using the username and password passed from the LogOn view form.

If it succeeds, we have a vaild user and password combination.

Changed ValidateUser function.

// new for authentication 
using System.DirectoryServices;
using System.DirectoryServices.Protocols;
using System.Net;

public bool ValidateUser(string userName, string password)
        {
            bool validation;
            try
            {
                LdapConnection ldc = new LdapConnection(new LdapDirectoryIdentifier((string)nullfalsefalse));
                NetworkCredential nc = new NetworkCredential(userName, password, "domainname.com");
                ldc.Credential = nc;
                ldc.AuthType = AuthType.Negotiate;
                ldc.Bind(nc); // user has authenticated at this point, as the credentials were used to login to the dc. 
                string myvar = ldc.SessionOptions.DomainName;
                validation = true;
            }
            catch (LdapException)
            {
                validation = false;
            }
            return validation;
        } 

 

Print | posted on Thursday, June 17, 2010 9:13 AM |

Feedback

Gravatar

# re: MVC & Windows Authentication

If your goal is to simply validate the user can logon, I suggest you enable FastConcurrentBind in the session options of our LDAPConnection object. You can't use the connection for anything else, but it is a high-performance way to validate the user can authenticate. MS uses this in the ASP.NET AD membership provider.
4/2/2011 6:57 AM | Ethan Wilansky
Post A Comment
Title:
Name:
Email:
Website:
Comment:
Verification:
 
 

Powered by:

Copyright © TJ