I am trying to implement Forms authentication with AD and am having some problems. I am able to authenticate and search against the AD but when the login is incorrect I am running into problems. I am using the MS VB.NET example. The statement If (result is
Nothing) is not returning a false value? From the MS article I changed:
If (result Is Nothing) Then
Return False
End If
To include an Else
If (result Is Nothing) Then
Return False
Else
Return True
End If
If I had the Return True at the end of the function like the MS article then I always get a return true. I think thats because I am not getting a false value if the user credentials are wrong. I would really like to NOT rely on Exception handling to determin if the user exists or not.
Code someone help me get this working? I just want to authenticate against the AD and if the credentials are correct Return True and create a forms ticket and if they are false or dont exist then Return False.
Login.aspx.vb (Else works but not because the response is false)
Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click
Dim LdapAuthenticationDB As New LdapAuthenticationDB
If LdapAuthenticationDB.IsAuthenticated(txtDomain.Text, txtUsername.Text, txtPassword.Text) = True Then
errorLabel.Text = "Authentication succeeded"
Else
errorLabel.Text = "Authentication did not succeed"
End If
End Sub
LdapAuthenticationDB.vb
Dim domainAndUsername As String = domain & "\" & username
Dim entry As DirectoryEntry = New DirectoryEntry(_path, domainAndUsername, pwd)
Try
'Bind to the native AdsObject to force authentication.
Dim obj As Object = entry.NativeObject
Dim search As DirectorySearcher = New DirectorySearcher(entry)
search.Filter = "(SAMAccountName=" & username & ")"
search.PropertiesToLoad.Add("cn")
Dim result As SearchResult = search.FindOne()
If (result Is Nothing) Then
Dim ErrorHandlingDB As New Portal.ErrorHandlingDB
ErrorHandlingDB.EmailGenericResponse("Result was nothing")
Return False
Else
'Update the new path to the user in the directory.
_path = result.Path
_filterAttribute = CType(result.Properties("cn")(0), String)
Dim ErrorHandlingDB As New Portal.ErrorHandlingDB
ErrorHandlingDB.EmailGenericResponse(_path + " " + _filterAttribute)
Return True
End If
Catch ex As Exception
'Throw New Exception("Error authenticating user. " + ex.Message)
End Try
preisi
Member
310 Points
62 Posts
Forms Auth and AD problems
Aug 24, 2004 02:19 PM|LINK
Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click Dim LdapAuthenticationDB As New LdapAuthenticationDB If LdapAuthenticationDB.IsAuthenticated(txtDomain.Text, txtUsername.Text, txtPassword.Text) = True Then errorLabel.Text = "Authentication succeeded" Else errorLabel.Text = "Authentication did not succeed" End If End SubLdapAuthenticationDB.vbDim domainAndUsername As String = domain & "\" & username Dim entry As DirectoryEntry = New DirectoryEntry(_path, domainAndUsername, pwd) Try 'Bind to the native AdsObject to force authentication. Dim obj As Object = entry.NativeObject Dim search As DirectorySearcher = New DirectorySearcher(entry) search.Filter = "(SAMAccountName=" & username & ")" search.PropertiesToLoad.Add("cn") Dim result As SearchResult = search.FindOne() If (result Is Nothing) Then Dim ErrorHandlingDB As New Portal.ErrorHandlingDB ErrorHandlingDB.EmailGenericResponse("Result was nothing") Return False Else 'Update the new path to the user in the directory. _path = result.Path _filterAttribute = CType(result.Properties("cn")(0), String) Dim ErrorHandlingDB As New Portal.ErrorHandlingDB ErrorHandlingDB.EmailGenericResponse(_path + " " + _filterAttribute) Return True End If Catch ex As Exception 'Throw New Exception("Error authenticating user. " + ex.Message) End Try