Solved

Create ASPX page to validate username and password to iPlanet LDAP server

Posted on 2007-11-21
5
1,246 Views
Last Modified: 2013-11-26
Hello,

I need to create an aspx web page in Visual Studio 2005 using VB to take a username and password entered into a couple of textboxes and validate the username/password combination against an iPlanet LDAP server. My server is running Win2K3 with the latest .Net Framework installed.

I need to know the code behind making this authentication.

Thank you very much for your time.
0
Comment
Question by:dcordner
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
5 Comments
 
LVL 21

Accepted Solution

by:
surajguptha earned 500 total points
ID: 20343291
Check this code
http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=825835&SiteID=1

It contains code to lookup a user name and password on a LDAP server
0
 
LVL 1

Author Comment

by:dcordner
ID: 20351636
Well, the solution was really for Visual C#. I need VB. Also, it didn't show the exact syntax for declaring the following.

    System.DirectoryServices.Protocols
    System.DirectoryServices
0
 
LVL 1

Author Closing Comment

by:dcordner
ID: 31410494
While the answer didn't really solve the problem, it did lead me into the right forums to get the code I needed. I will post the completed code as a comment.
0
 
LVL 1

Author Comment

by:dcordner
ID: 20354609
This solution is for Visual Studio 2005, although it should also work fine in Visual Studio 2003. You will need the .Net 2.0 framework on your IIS server. The language is in Visual Basic. Below please find the completed code which you will need to paste into the .aspx.vb file. Simply paste in the code, and on the form, create two text boxes. One named TextBoxUID and the other named TextBoxPWD. Finally, you will need to replace the references to LDAPServer.MyCompany.com and the OU path, with your own values.

The code is below ...

Imports System.DirectoryServices
Imports System.Configuration
Imports System.Web.Security

Partial Class LoginLDAP
    Inherits System.Web.UI.Page

    Protected Sub ButtonLogin_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles ButtonLogin.Click
        Dim anUser As String = TextBoxUID.Text
        Dim apassword As String = TextBoxPWD.Text
        Dim RetVal As String
        RetVal = AuthenticateUser(anUser, apassword)
        If Len(RetVal) > 0 Then
            Session("UserID") = TextBoxUID.Text.Trim
            Response.Redirect("LoginSuccess.aspx", False)
        Else
            Response.Redirect("LoginFailure.aspx", False)
        End If
    End Sub

    Public Shared Function getDNFromLDAP(ByVal strUID As String) As String
      'In the next line, replace MyCompany with your correct domain name and also the .com with
      'the correct label (i.e. .com, .edu, .net, etc.). Also, you need to know the OU as well.
        Dim entry As New DirectoryEntry("LDAP://LDAPServer.MyCompany.com/ou=people,dc=MyCompany,dc=com")
        entry.AuthenticationType = AuthenticationTypes.None
        Dim mySearcher As New DirectorySearcher(entry)
        entry.Close()
        entry.Dispose()
        mySearcher.Filter = "(uid=" + strUID + ")"
        Dim result As SearchResult = mySearcher.FindOne()
        mySearcher.Dispose()
        Dim nIndex As Integer = result.Path.LastIndexOf("/")
        Dim strDN As String = result.Path.Substring((nIndex + 1)).ToString().TrimEnd()
        Return strDN
    End Function 'getDNFromLDAP


    Function AuthenticateUser(ByVal strUID As String, ByVal strPassword As String) As String

        Dim strID As String = String.Empty
        Dim entry As New DirectoryEntry

        Try
            ' call getDNFRromLDAP method to anonymously (port 389)
            ' search against ldap for the correct DN
            Dim strDN As String = getDNFromLDAP(strUID)

            'now use the found DN for the secure bind (port 636)
            entry.Path = "LDAP://LDAPServer.MyCompany.com/" + strDN
            entry.Username = strDN
            entry.Password = strPassword
            entry.AuthenticationType = AuthenticationTypes.SecureSocketsLayer

            'try to fetch a property..if no errors raised then it works
            strID = entry.Properties("mail")(0).ToString()

        Catch

        Finally
            entry.Close()
            entry.Dispose()
        End Try

        Return strID
    End Function 'AuthenticateUser

End Class


0
 
LVL 1

Author Comment

by:dcordner
ID: 20354637
One last thing. To engage the code, create a button on your form and paste in the following code. Note that you will need to create two dummy files, LoginSuccess.aspx and LoginFailure.aspx, with the appropriate text for the end user to see. Otherwise, redirect as desired.

        Dim anUser As String = TextBoxUID.Text
        Dim apassword As String = TextBoxPWD.Text
        Dim RetVal As String
        RetVal = AuthenticateUser(anUser, apassword)
        If Len(RetVal) > 0 Then
            Session("UserID") = TextBoxUID.Text.Trim
            Response.Redirect("LoginSuccess.aspx", False)
        Else
            Response.Redirect("LoginFailure.aspx", False)
        End If
0

Featured Post

Business Impact of IT Communications

What are the business impacts of how well businesses communicate during an IT incident? Targeting, speed, and transparency all matter. Find out more in this infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Excel Web Add-in Where is Visual Basic used 9 85
EF5: Update Model from Database not working 3 83
How does this modal work? 3 34
Difference between Highcharts and Mapbox 10 45
For those of you who don't follow the news, or just happen to live under rocks, Microsoft Research released a beta SDK (http://www.microsoft.com/en-us/download/details.aspx?id=27876) for the Xbox 360 Kinect. If you don't know what a Kinect is (http:…
A long time ago (May 2011), I have written an article showing you how to create a DLL using Visual Studio 2005 to be hosted in SQL Server 2005. That was valid at that time and it is still valid if you are still using these versions. You can still re…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question