Solved

Create ASPX page to validate username and password to iPlanet LDAP server

Posted on 2007-11-21
5
1,240 Views
Last Modified: 2013-11-26
Hello,

I need to create an aspx web page in Visual Studio 2005 using VB to take a username and password entered into a couple of textboxes and validate the username/password combination against an iPlanet LDAP server. My server is running Win2K3 with the latest .Net Framework installed.

I need to know the code behind making this authentication.

Thank you very much for your time.
0
Comment
Question by:dcordner
  • 4
5 Comments
 
LVL 21

Accepted Solution

by:
surajguptha earned 500 total points
ID: 20343291
Check this code
http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=825835&SiteID=1

It contains code to lookup a user name and password on a LDAP server
0
 
LVL 1

Author Comment

by:dcordner
ID: 20351636
Well, the solution was really for Visual C#. I need VB. Also, it didn't show the exact syntax for declaring the following.

    System.DirectoryServices.Protocols
    System.DirectoryServices
0
 
LVL 1

Author Closing Comment

by:dcordner
ID: 31410494
While the answer didn't really solve the problem, it did lead me into the right forums to get the code I needed. I will post the completed code as a comment.
0
 
LVL 1

Author Comment

by:dcordner
ID: 20354609
This solution is for Visual Studio 2005, although it should also work fine in Visual Studio 2003. You will need the .Net 2.0 framework on your IIS server. The language is in Visual Basic. Below please find the completed code which you will need to paste into the .aspx.vb file. Simply paste in the code, and on the form, create two text boxes. One named TextBoxUID and the other named TextBoxPWD. Finally, you will need to replace the references to LDAPServer.MyCompany.com and the OU path, with your own values.

The code is below ...

Imports System.DirectoryServices
Imports System.Configuration
Imports System.Web.Security

Partial Class LoginLDAP
    Inherits System.Web.UI.Page

    Protected Sub ButtonLogin_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles ButtonLogin.Click
        Dim anUser As String = TextBoxUID.Text
        Dim apassword As String = TextBoxPWD.Text
        Dim RetVal As String
        RetVal = AuthenticateUser(anUser, apassword)
        If Len(RetVal) > 0 Then
            Session("UserID") = TextBoxUID.Text.Trim
            Response.Redirect("LoginSuccess.aspx", False)
        Else
            Response.Redirect("LoginFailure.aspx", False)
        End If
    End Sub

    Public Shared Function getDNFromLDAP(ByVal strUID As String) As String
      'In the next line, replace MyCompany with your correct domain name and also the .com with
      'the correct label (i.e. .com, .edu, .net, etc.). Also, you need to know the OU as well.
        Dim entry As New DirectoryEntry("LDAP://LDAPServer.MyCompany.com/ou=people,dc=MyCompany,dc=com")
        entry.AuthenticationType = AuthenticationTypes.None
        Dim mySearcher As New DirectorySearcher(entry)
        entry.Close()
        entry.Dispose()
        mySearcher.Filter = "(uid=" + strUID + ")"
        Dim result As SearchResult = mySearcher.FindOne()
        mySearcher.Dispose()
        Dim nIndex As Integer = result.Path.LastIndexOf("/")
        Dim strDN As String = result.Path.Substring((nIndex + 1)).ToString().TrimEnd()
        Return strDN
    End Function 'getDNFromLDAP


    Function AuthenticateUser(ByVal strUID As String, ByVal strPassword As String) As String

        Dim strID As String = String.Empty
        Dim entry As New DirectoryEntry

        Try
            ' call getDNFRromLDAP method to anonymously (port 389)
            ' search against ldap for the correct DN
            Dim strDN As String = getDNFromLDAP(strUID)

            'now use the found DN for the secure bind (port 636)
            entry.Path = "LDAP://LDAPServer.MyCompany.com/" + strDN
            entry.Username = strDN
            entry.Password = strPassword
            entry.AuthenticationType = AuthenticationTypes.SecureSocketsLayer

            'try to fetch a property..if no errors raised then it works
            strID = entry.Properties("mail")(0).ToString()

        Catch

        Finally
            entry.Close()
            entry.Dispose()
        End Try

        Return strID
    End Function 'AuthenticateUser

End Class


0
 
LVL 1

Author Comment

by:dcordner
ID: 20354637
One last thing. To engage the code, create a button on your form and paste in the following code. Note that you will need to create two dummy files, LoginSuccess.aspx and LoginFailure.aspx, with the appropriate text for the end user to see. Otherwise, redirect as desired.

        Dim anUser As String = TextBoxUID.Text
        Dim apassword As String = TextBoxPWD.Text
        Dim RetVal As String
        RetVal = AuthenticateUser(anUser, apassword)
        If Len(RetVal) > 0 Then
            Session("UserID") = TextBoxUID.Text.Trim
            Response.Redirect("LoginSuccess.aspx", False)
        Else
            Response.Redirect("LoginFailure.aspx", False)
        End If
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wouldn’t it be nice if you could test whether an element is contained in an array by using a Contains method just like the one available on List objects? Wouldn’t it be good if you could write code like this? (CODE) In .NET 3.5, this is possible…
This demonstration started out as a follow up to some recently posted questions on the subject of logging in: http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/Q_28634665.html and http://www.experts-exchange.com/Programming/…
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now