Solved

Create ASPX page to validate username and password to iPlanet LDAP server

Posted on 2007-11-21
5
1,242 Views
Last Modified: 2013-11-26
Hello,

I need to create an aspx web page in Visual Studio 2005 using VB to take a username and password entered into a couple of textboxes and validate the username/password combination against an iPlanet LDAP server. My server is running Win2K3 with the latest .Net Framework installed.

I need to know the code behind making this authentication.

Thank you very much for your time.
0
Comment
Question by:dcordner
  • 4
5 Comments
 
LVL 21

Accepted Solution

by:
surajguptha earned 500 total points
ID: 20343291
Check this code
http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=825835&SiteID=1

It contains code to lookup a user name and password on a LDAP server
0
 
LVL 1

Author Comment

by:dcordner
ID: 20351636
Well, the solution was really for Visual C#. I need VB. Also, it didn't show the exact syntax for declaring the following.

    System.DirectoryServices.Protocols
    System.DirectoryServices
0
 
LVL 1

Author Closing Comment

by:dcordner
ID: 31410494
While the answer didn't really solve the problem, it did lead me into the right forums to get the code I needed. I will post the completed code as a comment.
0
 
LVL 1

Author Comment

by:dcordner
ID: 20354609
This solution is for Visual Studio 2005, although it should also work fine in Visual Studio 2003. You will need the .Net 2.0 framework on your IIS server. The language is in Visual Basic. Below please find the completed code which you will need to paste into the .aspx.vb file. Simply paste in the code, and on the form, create two text boxes. One named TextBoxUID and the other named TextBoxPWD. Finally, you will need to replace the references to LDAPServer.MyCompany.com and the OU path, with your own values.

The code is below ...

Imports System.DirectoryServices
Imports System.Configuration
Imports System.Web.Security

Partial Class LoginLDAP
    Inherits System.Web.UI.Page

    Protected Sub ButtonLogin_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles ButtonLogin.Click
        Dim anUser As String = TextBoxUID.Text
        Dim apassword As String = TextBoxPWD.Text
        Dim RetVal As String
        RetVal = AuthenticateUser(anUser, apassword)
        If Len(RetVal) > 0 Then
            Session("UserID") = TextBoxUID.Text.Trim
            Response.Redirect("LoginSuccess.aspx", False)
        Else
            Response.Redirect("LoginFailure.aspx", False)
        End If
    End Sub

    Public Shared Function getDNFromLDAP(ByVal strUID As String) As String
      'In the next line, replace MyCompany with your correct domain name and also the .com with
      'the correct label (i.e. .com, .edu, .net, etc.). Also, you need to know the OU as well.
        Dim entry As New DirectoryEntry("LDAP://LDAPServer.MyCompany.com/ou=people,dc=MyCompany,dc=com")
        entry.AuthenticationType = AuthenticationTypes.None
        Dim mySearcher As New DirectorySearcher(entry)
        entry.Close()
        entry.Dispose()
        mySearcher.Filter = "(uid=" + strUID + ")"
        Dim result As SearchResult = mySearcher.FindOne()
        mySearcher.Dispose()
        Dim nIndex As Integer = result.Path.LastIndexOf("/")
        Dim strDN As String = result.Path.Substring((nIndex + 1)).ToString().TrimEnd()
        Return strDN
    End Function 'getDNFromLDAP


    Function AuthenticateUser(ByVal strUID As String, ByVal strPassword As String) As String

        Dim strID As String = String.Empty
        Dim entry As New DirectoryEntry

        Try
            ' call getDNFRromLDAP method to anonymously (port 389)
            ' search against ldap for the correct DN
            Dim strDN As String = getDNFromLDAP(strUID)

            'now use the found DN for the secure bind (port 636)
            entry.Path = "LDAP://LDAPServer.MyCompany.com/" + strDN
            entry.Username = strDN
            entry.Password = strPassword
            entry.AuthenticationType = AuthenticationTypes.SecureSocketsLayer

            'try to fetch a property..if no errors raised then it works
            strID = entry.Properties("mail")(0).ToString()

        Catch

        Finally
            entry.Close()
            entry.Dispose()
        End Try

        Return strID
    End Function 'AuthenticateUser

End Class


0
 
LVL 1

Author Comment

by:dcordner
ID: 20354637
One last thing. To engage the code, create a button on your form and paste in the following code. Note that you will need to create two dummy files, LoginSuccess.aspx and LoginFailure.aspx, with the appropriate text for the end user to see. Otherwise, redirect as desired.

        Dim anUser As String = TextBoxUID.Text
        Dim apassword As String = TextBoxPWD.Text
        Dim RetVal As String
        RetVal = AuthenticateUser(anUser, apassword)
        If Len(RetVal) > 0 Then
            Session("UserID") = TextBoxUID.Text.Trim
            Response.Redirect("LoginSuccess.aspx", False)
        Else
            Response.Redirect("LoginFailure.aspx", False)
        End If
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was asked about the differences between classic ASP and ASP.NET, so let me put them down here, for reference: Let's make the introductions... Classic ASP was launched by Microsoft in 1998 and dynamically generate web pages upon user interact…
Today I had a very interesting conundrum that had to get solved quickly. Needless to say, it wasn't resolved quickly because when we needed it we were very rushed, but as soon as the conference call was over and I took a step back I saw the correct …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question