Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

ASP-Logon-Page with Active Directory Group Authentication

Posted on 2008-10-13
1
Medium Priority
?
355 Views
Last Modified: 2008-10-14
Hello,

At first, I apologize for my bad English I come from Germany.

I've already created a login page with solutions i found on Expert Exchange.

This is the code:

____



<%
on error resume next

Dim strDomain
Dim strADsPath
Dim strUserName
Dim strPassword
Dim iFlags
Dim errorcount

errorcount = 0

' force the domain
if Request.Form("Domain") <> "TESTGROUP" then
     strDomain = Request.Form("Domain")
     if strDomain = "" then strDomain = "TESTGROUP" end if
else
     strDomain = "TESTGROUP"
end if

strADsPath = strDomain
iFlags = Request.Form("Flags")
strPassword = Request.Form("Password")
strUserName = Request.Form("UserName")
%>                
<form action = "login.asp" method = "post" id=form1 name=form1>
                  <table width="100%" cellpadding="0" class=news1>
                    <tr align="left" valign="middle">
                      <td>&nbsp;&nbsp;</td>
                      <td class=news1><div align="right"><font class="news1"><strong><nobr>Username:&nbsp;</nobr></strong></font></div></td>
                      <td>&nbsp;&nbsp;</td>
                      <td> <div align="left">
                        <input name=UserName type="text" id=UserName2 value="<%response.write strUserName%>" size="40">
                      </div></td>
                    </tr>
                    <tr align="left" valign="middle">
                      <td>&nbsp; </td>
                      <td class=news1><div align="right"><font class="news1"><strong>Password:</strong></font></div></td>
                      <td>&nbsp;</td>
                      <td> <div align="left">
                        <input type="password" id=Password2 name=Password size = 40 > 
                      </div></td>
                    </tr>
                    <tr align="left" valign="middle">
                      <td>&nbsp;</td>
                      <td class=news1><div align="right"><font class="news1"><strong>Domain:</strong></font></div></td>
                     
                      <td>&nbsp;</td>
                      <td> <div align="left"><font class="news1">TESTGROUP </font>
                        <input name=Domain type="hidden" id=Password3 value="<%response.write strDomain%>" size = 26 > 
                      </div></td>
                    </tr>
                    <tr valign="top">
                      <td colspan="4">&nbsp;&nbsp;</td>
                    </tr>
                    <tr valign="top">
                      <td colspan="4"> <div align="center">
                          <input type="hidden" id=Flags2 name=Flags size = 10 value = 0>
                          <input type="submit" value="  Login  " id=submit12 name=submit1>
                          <input type="reset" name="Reset" value="  Reset  ">
                        </div></td>
                    </tr>
                  </table>
                                         </form>

<%
if (not strUserName= "") then

      strADsPath = "WinNT://" & strADsPath
      Dim oADsObject  
      Dim tempstr
      tempstr = strDomain & "\" & strUserName

 
      Set oADsObject = GetObject(strADsPath)

      Dim strADsNamespace
      Dim oADsNamespace
      strADsNamespace = left(strADsPath, instr(strADsPath, ":"))
      set oADsNamespace = GetObject(strADsNamespace)
      Set oADsObject = oADsNamespace.OpenDSObject(strADsPath, tempstr, strPassword, 0)
     
           if not (Err.number = 0) then
                                             
               Response.Write "You did not enter the correct password<br> or username for the " & strDomain & " domain.<br>Please try again."
                 'response.write err.description & "<p>"
               if err.number = -2147022987 then ' for account logout
                    Response.write "<strong>Your account has been logged out!</strong>"
                end if
         
          else
 
Set oContainer = GetObject("LDAP://CN=<username>,CN=users,DC=TESTGROUP,DC=local")

for each oGroupName in oContainer.memberOf                                                                      
gname = left(oGroupName,instr(oGroupName,",")-1)
gname = right(gname,len(gname) - 3)
if gname = "TEST" then
Session("Group") = gname

end if
next

Session("USER_LOGIN") = strUserName
Session("isLoggedIn") = True
Session("ValidUser") = True
response.redirect "index.asp"
                   
          end if

end if
%>

______

As far as I can succesfull Authenticate my username and password with Active Directory.

Now I want that only users of the security group "TEST" can successfully forwarded to "index.asp".

But how exactly do I have to modify the code?!

I hope you can help me

Many greetings

David

0
Comment
Question by:muhmann
1 Comment
 
LVL 10

Accepted Solution

by:
slamhound earned 500 total points
ID: 22708525
Try this:

for each oGroupName in oContainer.memberOf                                                                      
gname = left(oGroupName,instr(oGroupName,",")-1)
gname = right(gname,len(gname) - 3)
if gname = "TEST" then
Session("Group") = gname

end if
next
If Session("Group")  = "TEST" Then
Session("USER_LOGIN") = strUserName
Session("isLoggedIn") = True
Session("ValidUser") = True
response.redirect "index.asp"
End If
                   
          end if

end if
%>
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:   The Exchange of informatio…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question