Solved

Create ASPX page to validate username and password to iPlanet LDAP server

Posted on 2007-11-21
5
1,235 Views
Last Modified: 2013-11-26
Hello,

I need to create an aspx web page in Visual Studio 2005 using VB to take a username and password entered into a couple of textboxes and validate the username/password combination against an iPlanet LDAP server. My server is running Win2K3 with the latest .Net Framework installed.

I need to know the code behind making this authentication.

Thank you very much for your time.
0
Comment
Question by:dcordner
  • 4
5 Comments
 
LVL 21

Accepted Solution

by:
surajguptha earned 500 total points
ID: 20343291
Check this code
http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=825835&SiteID=1

It contains code to lookup a user name and password on a LDAP server
0
 
LVL 1

Author Comment

by:dcordner
ID: 20351636
Well, the solution was really for Visual C#. I need VB. Also, it didn't show the exact syntax for declaring the following.

    System.DirectoryServices.Protocols
    System.DirectoryServices
0
 
LVL 1

Author Closing Comment

by:dcordner
ID: 31410494
While the answer didn't really solve the problem, it did lead me into the right forums to get the code I needed. I will post the completed code as a comment.
0
 
LVL 1

Author Comment

by:dcordner
ID: 20354609
This solution is for Visual Studio 2005, although it should also work fine in Visual Studio 2003. You will need the .Net 2.0 framework on your IIS server. The language is in Visual Basic. Below please find the completed code which you will need to paste into the .aspx.vb file. Simply paste in the code, and on the form, create two text boxes. One named TextBoxUID and the other named TextBoxPWD. Finally, you will need to replace the references to LDAPServer.MyCompany.com and the OU path, with your own values.

The code is below ...

Imports System.DirectoryServices
Imports System.Configuration
Imports System.Web.Security

Partial Class LoginLDAP
    Inherits System.Web.UI.Page

    Protected Sub ButtonLogin_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles ButtonLogin.Click
        Dim anUser As String = TextBoxUID.Text
        Dim apassword As String = TextBoxPWD.Text
        Dim RetVal As String
        RetVal = AuthenticateUser(anUser, apassword)
        If Len(RetVal) > 0 Then
            Session("UserID") = TextBoxUID.Text.Trim
            Response.Redirect("LoginSuccess.aspx", False)
        Else
            Response.Redirect("LoginFailure.aspx", False)
        End If
    End Sub

    Public Shared Function getDNFromLDAP(ByVal strUID As String) As String
      'In the next line, replace MyCompany with your correct domain name and also the .com with
      'the correct label (i.e. .com, .edu, .net, etc.). Also, you need to know the OU as well.
        Dim entry As New DirectoryEntry("LDAP://LDAPServer.MyCompany.com/ou=people,dc=MyCompany,dc=com")
        entry.AuthenticationType = AuthenticationTypes.None
        Dim mySearcher As New DirectorySearcher(entry)
        entry.Close()
        entry.Dispose()
        mySearcher.Filter = "(uid=" + strUID + ")"
        Dim result As SearchResult = mySearcher.FindOne()
        mySearcher.Dispose()
        Dim nIndex As Integer = result.Path.LastIndexOf("/")
        Dim strDN As String = result.Path.Substring((nIndex + 1)).ToString().TrimEnd()
        Return strDN
    End Function 'getDNFromLDAP


    Function AuthenticateUser(ByVal strUID As String, ByVal strPassword As String) As String

        Dim strID As String = String.Empty
        Dim entry As New DirectoryEntry

        Try
            ' call getDNFRromLDAP method to anonymously (port 389)
            ' search against ldap for the correct DN
            Dim strDN As String = getDNFromLDAP(strUID)

            'now use the found DN for the secure bind (port 636)
            entry.Path = "LDAP://LDAPServer.MyCompany.com/" + strDN
            entry.Username = strDN
            entry.Password = strPassword
            entry.AuthenticationType = AuthenticationTypes.SecureSocketsLayer

            'try to fetch a property..if no errors raised then it works
            strID = entry.Properties("mail")(0).ToString()

        Catch

        Finally
            entry.Close()
            entry.Dispose()
        End Try

        Return strID
    End Function 'AuthenticateUser

End Class


0
 
LVL 1

Author Comment

by:dcordner
ID: 20354637
One last thing. To engage the code, create a button on your form and paste in the following code. Note that you will need to create two dummy files, LoginSuccess.aspx and LoginFailure.aspx, with the appropriate text for the end user to see. Otherwise, redirect as desired.

        Dim anUser As String = TextBoxUID.Text
        Dim apassword As String = TextBoxPWD.Text
        Dim RetVal As String
        RetVal = AuthenticateUser(anUser, apassword)
        If Len(RetVal) > 0 Then
            Session("UserID") = TextBoxUID.Text.Trim
            Response.Redirect("LoginSuccess.aspx", False)
        Else
            Response.Redirect("LoginFailure.aspx", False)
        End If
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…
Wouldn’t it be nice if you could test whether an element is contained in an array by using a Contains method just like the one available on List objects? Wouldn’t it be good if you could write code like this? (CODE) In .NET 3.5, this is possible…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now