
ASP.NET MVC LDAP Authentication

I have been trying to authenticate via LDAP on a new application I'm developing in vain. I have always been able to do this on other applications but this time for some reason it just won't go through. I open my other apps and try to replicate the code almost identically but I keep running into the same problem. The app redirects to the page it should if the authentication was successful, but when I try to navigate to another page where I have a function with [Authorize] before it, it takes me back to the login page. I have tried in vain to check what the issue could be but I still can't find it. Please assist. Here are some portions of my code:

//Accounts controller
[HttpPost]
public ActionResult Login(LoginViewModel model, string returnUrl)
{

    string domain = (string)model.domain;
    string userName = (string)model.UserName;
    string password = (string)model.Password;

    try
    {
        DirectoryEntry entry = new DirectoryEntry();
        switch (domain)
        {
            case "OPTION1":
                entry = new DirectoryEntry("LDAP://xx.xx.xx.xx:389", userName, password);
                break;
            case "OPTION2":
                entry = new DirectoryEntry("LDAP://yy.yy.yy.yy:389", userName, password);
                break;

        }
        object nativeObject = entry.NativeObject;
        FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
        if (this.Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                    && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
        {
            return this.Redirect(returnUrl);
        }
        return this.RedirectToAction("Index", "Home");


    }
    catch (Exception ex)
    {

        this.ModelState.AddModelError(string.Empty, "The user name or password provided is incorrect.");
    }
    return View(model);
}

//web.config
<authentication mode="Forms">
  <forms name=".ADAuthCookie" loginUrl="~/Account/Login" timeout="60" slidingExpiration="false" protection="All" />
</authentication>


//in AccountViewModels I have
using System.ComponentModel.DataAnnotations;

public class LoginViewModel
{
    [Required]
    [Display(Name = "User name")]
    public string UserName { get; set; }

    [Required]
    [DataType(DataType.Password)]
    [Display(Name = "Password")]
    public string Password { get; set; }

    [Display(Name = "Remember me?")]
    public bool RememberMe { get; set; }
}

The problem I can see here is you are not validating the user. For example:

if (Membership.ValidateUser(model.UserName, model.Password))
{
    FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
    if (this.Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
        && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
    {
        return this.Redirect(returnUrl);
    }

    return this.RedirectToAction("Index", "Home");
}
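An added example, not part of the question or the answer above: a fail-closed version of the LDAP bind check from the question's Login action, which returns true only when the bind was made with the submitted credentials against a known server. The names LdapCredentialCheck, Servers and IsValid are hypothetical; the hosts are the question's own placeholders.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.Runtime.InteropServices;

// Added example (hypothetical helper, not the poster's code).
public static class LdapCredentialCheck
{
    // Allowed values of the domain field, mapped to the placeholder
    // LDAP paths used in the question.
    private static readonly Dictionary<string, string> Servers =
        new Dictionary<string, string>(StringComparer.Ordinal)
        {
            { "OPTION1", "LDAP://xx.xx.xx.xx:389" },
            { "OPTION2", "LDAP://yy.yy.yy.yy:389" },
        };

    public static bool IsValid(string domain, string userName, string password)
    {
        // An LDAP simple bind with an empty password is an unauthenticated
        // bind (RFC 4513), so it must never count as a successful login.
        if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrEmpty(password))
            return false;

        // The question's switch has no default case: an unrecognised domain
        // leaves the credential-less DirectoryEntry in place, so the bind
        // does not test the submitted password. Reject unknown values instead.
        string path;
        if (domain == null || !Servers.TryGetValue(domain, out path))
            return false;

        try
        {
            using (var entry = new DirectoryEntry(path, userName, password,
                                                  AuthenticationTypes.Secure))
            {
                // Reading NativeObject forces the bind; it throws on bad
                // credentials or an unreachable server.
                object native = entry.NativeObject;
                return native != null;
            }
        }
        catch (COMException)
        {
            // Covers DirectoryServicesCOMException (logon failure) as well.
            return false;
        }
    }
}
```

In the Login action, FormsAuthentication.SetAuthCookie would be called only when ModelState.IsValid is true and this check returns true.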
