• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 217
  • Last Modified:

asp.net mvc 4

HI all ,

I have built some asp.net mvc 4 webapp and I pointed users to authenticate through the AD. now it works fine but i have one thing I would like to do is to control which AD users can connect for example:

add some AD group to my application and allow just to member of this group to access the webapp.

Thanks,
0
Moti Mashiah
Asked:
Moti Mashiah
  • 4
  • 2
1 Solution
 
Randy PooleCommented:
In your login page you would validate the user against the group they are in and either allow it or deny it
var User = System.Web.HttpContext.Current.User;
            if (User.IsInRole("DOMAIN\\ADGroup"))

Open in new window

0
 
Moti Mashiah.NET DeveloperAuthor Commented:
where should i type it in my controller can you advice:

here is my controller code:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Transactions;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
using Microsoft.Web.WebPages.OAuth;
using WebMatrix.WebData;
using ALThompsonCRM.Filters;
using ALThompsonCRM.Models;
using System.Configuration;

namespace ALThompsonCRM.Controllers
{
   
    public class AccountController : Controller
    {
        
        public ActionResult Login()
        {

            return this.View();
        }
     
        [HttpPost]
        public ActionResult Login(LoginModel model, string returnUrl)
        {
            if (!this.ModelState.IsValid)
            {
                return this.View(model);
            }

           

            if (Membership.ValidateUser(model.UserName, model.Password))
            {
                FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
                if (this.Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                    && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                {
                    return this.Redirect(returnUrl);
                }

                return this.RedirectToAction("Index", "Home");
            }

            this.ModelState.AddModelError(string.Empty, "The user name or password provided is incorrect.");

            return this.View(model);
        }

        public ActionResult LogOff()
        {
            FormsAuthentication.SignOut();

            return this.RedirectToAction("Index", "Home");
        }
    }

Open in new window

0
 
Randy PooleCommented:
public ActionResult Login(LoginModel model, string returnUrl)
{
    if (!this.ModelState.IsValid)
    {
        return this.View(model);
    }

   

    if (Membership.ValidateUser(model.UserName, model.Password))
    {
        if (Roles.IsUserInRole(model.UserName,"DOMAIN\\ADGroup"))
        {
          FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
          if (this.Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
              && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
          {
              return this.Redirect(returnUrl);
          }
  
          return this.RedirectToAction("Index", "Home");
         }
         this.ModelState.AddModelError(string.Empty, "You are not authorized to utilize this system.");
         return this.View(model);
    }

    this.ModelState.AddModelError(string.Empty, "The user name or password provided is incorrect.");

    return this.View(model);
}

Open in new window

0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
Moti Mashiah.NET DeveloperAuthor Commented:
hi ,

I just tried the code you sent me and I got this error in the new line "The network path was not found"

here is how I added it

if (Membership.ValidateUser(model.UserName, model.Password))
    {
        if (Roles.IsUserInRole(model.UserName,"alt.local\\Crmaccess"))
        {
          FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
          if (this.Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
              && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
          {
              return this.Redirect(returnUrl);
          }
  
          return this.RedirectToAction("Index", "Home");
         }
         this.ModelState.AddModelError(string.Empty, "You are not authorized to utilize this system.");
         return this.View(model);
    }

Open in new window

0
 
Moti Mashiah.NET DeveloperAuthor Commented:
Sorry my fault ignore the comment above, my SQL was down that's why I couldn't find the path.

Now when I insert user name and password with the user who member in crmaccess group and click on submit the window return again to the login page.
0
 
Moti Mashiah.NET DeveloperAuthor Commented:
Please , can somebody help with this issue.
0

Featured Post

Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now