MVC 5 Bypass Forms Authentication for Windows Authenticated users
Question
I already have a website written using MVC 5 and it uses form authentication using SQL Server .
Now is it possible that I can bypass Forms Authentication for users that are already on office network. Also I want to keep track of user and apply rules similar to Forms Authentication . Thanks.
1 answers
solution1
1 2015-12-14 05:33:02
Yes you can do that. Here's the code to check user in domain. First get the domain name and try to verify user with domain. If this fails then proceed to forms authentication.
public static string DomainControllerName { get; private set; }
public static string ComputerName { get; private set; }
public static string DomainName { get; private set; }
public static string DomainPath
{
get
{
bool bFirst = true;
StringBuilder sbReturn = new StringBuilder(200);
string[] strlstDc = DomainName.Split('.');
foreach (string strDc in strlstDc)
{
if (bFirst)
{
sbReturn.Append("DC=");
bFirst = false;
}
else
sbReturn.Append(",DC=");
sbReturn.Append(strDc);
}
return sbReturn.ToString();
}
}
public static string RootPath
{
get
{
return string.Format("LDAP://{0}/{1}", DomainName, DomainPath);
}
}
Domain domain = null;
DomainController domainController = null;
try
{
domain = Domain.GetCurrentDomain();
DomainName = domain.Name;
domainController = domain.PdcRoleOwner;
DomainControllerName = domainController.Name.Split('.')[0];
ComputerName = Environment.MachineName;
}
finally
{
if (domain != null)
domain.Dispose();
if (domainController != null)
domainController.Dispose();
}
try
{
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
DirectoryEntry root = new DirectoryEntry(RootPath, txtUserName.Text.Trim(), txtPassword.Text);
DirectorySearcher search = new DirectorySearcher(root);
search.SearchScope = SearchScope.Subtree;
search.Filter = "(sAMAccountName=" + txtUserName.Text.Trim() + ")";
SearchResultCollection results = search.FindAll();
UserPrincipal userP = UserPrincipal.FindByIdentity(ctx, txtUserName.Text.Trim());
if (userP != null && results != null)
{
//Get the user's groups
var groups = userP.GetAuthorizationGroups();
if (groups.Count(x => x.Name == ConfigurationManager.AppSettings["UserGroup"].ToString()) > 0)
{
//Successful login code here
}
else
{
//"Access Denied !";
}
}
else
{
//"User Name or Password is incorrect. Try again !"
}
}
}
catch
{
//"User Name or Password is incorrect. Try again !"
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Bypass windows authentication on a controller MVC
.NET MVC Authentication - Forms + Windows Authentication
redirect user when Authenticated asp.net mvc forms Authentication
Automatic login for Forms authenticated MVC app based on Windows username, possible?
Confusion around Forms and Windows Authentication in MVC
MVC WebAPI authentication from Windows Forms
windows authentication to get a list of users in MVC4
MVC Authentication bypass for a controller/action
ASP.NET MVC Windows authentication on top of forms authentication
Windows Authentication and Forms Authentication
Related Tags