I have been trying, in vain, to authenticate via LDAP in a new application I'm developing. I have always been able to do this in other applications, but this time for some reason it just won't go through. I opened my other apps and replicated their code almost identically, but I keep running into the same problem. The app redirects to the page it should when authentication succeeds, but when I navigate to another page whose action has [Authorize] before it, it takes me back to the login page. I have tried to work out what the issue could be but still can't find it. Please assist. Here are some portions of my code:
//Accounts controller
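/// <summary>
/// Handles the posted login form: binds to the LDAP server selected by
/// <c>model.domain</c> with the submitted credentials and, if the bind is
/// accepted, issues the forms-authentication cookie and redirects.
/// </summary>
/// <param name="model">Posted login form values.</param>
/// <param name="returnUrl">Page the user originally asked for; followed only when it is a local URL.</param>
/// <returns>
/// A redirect on success; otherwise the login view re-rendered with a generic error.
/// </returns>
// NOTE(review): consider [ValidateAntiForgeryToken] here together with
// @Html.AntiForgeryToken() in the login form; the view is not shown, so it is not added.
[HttpPost]
public ActionResult Login(LoginViewModel model, string returnUrl)
{
    // The [Required] attributes on the view model are only enforced if the
    // action actually looks at ModelState; without this check blank fields
    // go straight to the directory bind.
    if (!this.ModelState.IsValid)
    {
        return View(model);
    }

    string domain = (string)model.domain;
    string userName = (string)model.UserName;
    string password = (string)model.Password;

    // Defence in depth: some directory servers report success for a bind that
    // carries an empty password, so never let one reach the bind below.
    if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
    {
        this.ModelState.AddModelError(string.Empty, "The user name or password provided is incorrect.");
        return View(model);
    }

    // Map the posted domain to a server. Anything outside the allow-list is
    // rejected: previously an unknown value left a parameterless
    // DirectoryEntry in place, which never uses the submitted credentials, so
    // a successful bind under the application's own identity would have
    // signed in any user name with any password.
    // NOTE(review): 389 is the non-TLS LDAP port; whether the credentials are
    // protected in transit depends on the bind's authentication type, so
    // confirm, or move to LDAPS.
    string ldapPath;
    switch (domain)
    {
        case "OPTION1":
            ldapPath = "LDAP://xx.xx.xx.xx:389";
            break;
        case "OPTION2":
            ldapPath = "LDAP://yy.yy.yy.yy:389";
            break;
        default:
            this.ModelState.AddModelError(string.Empty, "The user name or password provided is incorrect.");
            return View(model);
    }

    try
    {
        // DirectoryEntry wraps a native directory handle; dispose it once the
        // credential check is done.
        using (DirectoryEntry entry = new DirectoryEntry(ldapPath, userName, password))
        {
            // Reading NativeObject forces the bind; a rejected bind throws and
            // lands in the catch below.
            object nativeObject = entry.NativeObject;
        }

        FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

        // Only follow returnUrl when it is a local path, so the login page
        // cannot be used as an open redirect.
        if (this.Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
            && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
        {
            return this.Redirect(returnUrl);
        }

        return this.RedirectToAction("Index", "Home");
    }
    catch (Exception)
    {
        // Same generic message for every failure, so the response does not
        // reveal whether the user name, the password or the server was at fault.
        this.ModelState.AddModelError(string.Empty, "The user name or password provided is incorrect.");
    }

    return View(model);
}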
//web.config
<!-- Forms authentication: unauthenticated requests to protected actions are sent to loginUrl. -->
<!-- NOTE(review): this element only configures the cookie. The forms authentication module
     must also be active in the request pipeline for [Authorize] to recognise the cookie on
     later requests; check that it has not been removed under system.webServer/modules. -->
<authentication mode="Forms">
<!-- timeout is in minutes; slidingExpiration="false" means the ticket is not renewed on activity;
     protection="All" asks for the ticket to be both encrypted and validated.
     NOTE(review): requireSSL is not set here, so the auth cookie may also travel over plain
     HTTP. Set requireSSL="true" once the site is served over HTTPS only. -->
<forms name=".ADAuthCookie" loginUrl="~/Account/Login" timeout="60" slidingExpiration="false" protection="All" />
</authentication>
//in AccountViewModels I have
using System.ComponentModel.DataAnnotations;
/// <summary>
/// Form model posted by the login page.
/// </summary>
// NOTE(review): the Login action shown on this page also reads model.domain,
// which is not declared in this excerpt; presumably the full class has it.
public class LoginViewModel
{
    /// <summary>Account name typed by the user; must be supplied.</summary>
    [Required, Display(Name = "User name")]
    public string UserName { get; set; }

    /// <summary>Password typed by the user; must be supplied and is rendered as a password field.</summary>
    [Required, DataType(DataType.Password), Display(Name = "Password")]
    public string Password { get; set; }

    /// <summary>Value of the "Remember me?" checkbox.</summary>
    [Display(Name = "Remember me?")]
    public bool RememberMe { get; set; }
}
The problem I can see here is that you are not validating the user. For example:
// Membership.ValidateUser checks the credentials against whichever membership
// provider the application is configured with.
// NOTE(review): no provider configuration is shown on this page; for a
// directory-backed login it has to be one that talks to the directory
// (for example ActiveDirectoryMembershipProvider), so confirm before relying on it.
if (Membership.ValidateUser(model.UserName, model.Password))
{
    // Credentials accepted: issue the forms-authentication cookie.
    FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

    // Follow returnUrl only when it is a local, rooted path, so the login
    // page cannot be used to bounce the user to another site.
    bool returnUrlIsLocalPath = this.Url.IsLocalUrl(returnUrl)
        && returnUrl.Length > 1
        && returnUrl.StartsWith("/")
        && !returnUrl.StartsWith("//")
        && !returnUrl.StartsWith("/\\");

    if (!returnUrlIsLocalPath)
    {
        return this.RedirectToAction("Index", "Home");
    }

    return this.Redirect(returnUrl);
}