I've been working on adding LDAP authentication to a GCN site I'm developing for work. I work at a university and we have an AD setup. To this end, I used the code provided by Microsoft for an LDAP login and got the example working successfully (see http://support.microsoft.com/default.aspx?scid=kb;en;316748). I've spent the last week trying to convert/integrate this for use in GCN without much success. The complexity of the login structure of GCN is making my head spin. Has anyone done this already? And more importantly, would you share your code?

Thanks for your help,
Bob "JohnnyNoir" Singer

I got it working for the AD/LDAP login. I'm going to try to convert this for an iPlanet LDAP server login next. Here are my changes for GCN:

Do this first before making any changes to the code: Add the Active Directory account to the site and make it an administrator. Otherwise, you'll have to edit the Community table manually later. I had to do this using SQL Enterprise Manager. I opened the Community_UsersInRoles table and renamed the Admin account using my AD username.

_____________________________________________________________________________________________
community\communities\common\themes\default\skins\contentskins\users_login.ascx
_____________________________________________________________________________________________

added to the table above the checkbox definition

Domain:

_____________________________________________________________________________________________
community\engine\framework\users\content\login.cs
_____________________________________________________________________________________________

added to class Login : SkinnedCommunityControl

    TextBox txtDomain;

added to the InitializeSkin control

    // Find the Domain TextBox
    txtDomain = (TextBox)GetControl(skin, "txtDomain");

replaced in btnLogin_Click control

replaced this:

    switch ( UserUtility.LoginUser(txtUsername.Text,txtPassword.Text) )

with this:

    switch ( UserUtility.LoginUser(txtUsername.Text,txtPassword.Text,txtDomain.Text) )

_____________________________________________________________________________________________
community\engine\framework\users\components\UserUtility
_____________________________________________________________________________________________

added to public class UserUtility

    private static String _path = "LDAP:///DC=";
    private static String _filterAttribute;

replaced LoginUser method

    // Needs these at the top of the file:
    // using System; using System.Data; using System.Data.SqlClient; using System.DirectoryServices;

    public static int LoginUser(string username, string password, string domain)
    {
        string domainAndUsername = domain + @"\" + username;
        int neg = 1;   // returned when the user is not found
        int pos = 0;   // returned on success
        DirectoryEntry entry = new DirectoryEntry(_path, domainAndUsername, password);

        try
        {
            // Bind to the native AdsObject to force authentication.
            //Object obj = entry.NativeObject;
            DirectorySearcher search = new DirectorySearcher(entry);
            // Escape LDAP filter metacharacters (RFC 4515) in the user-supplied name.
            string safeName = username.Replace(@"\", @"\5c").Replace("*", @"\2a")
                .Replace("(", @"\28").Replace(")", @"\29").Replace("\0", @"\00");
            search.Filter = "(SAMAccountName=" + safeName + ")";
            search.PropertiesToLoad.Add("CN");
            // The search binds with the supplied credentials; bad credentials throw here.
            SearchResult result = search.FindOne();
            if (null == result)
            {
                return neg;
            }
            // _path is static and shared by every request, so it is not overwritten
            // with result.Path (that would point the next login at this user's entry).
            _filterAttribute = (string)result.Properties["cn"][0];
        }
        catch (Exception ex)
        {
            throw new Exception("Error authenticating user. " + ex.Message);
        }

        // Automatically adds the AD-authenticated user to the SQL db.
        SqlConnection conPortal = new SqlConnection(CommunityGlobals.ConnectionString);
        SqlCommand cmdAdd = new SqlCommand("Community_UsersRegisterUser", conPortal);
        cmdAdd.CommandType = CommandType.StoredProcedure;
        cmdAdd.Parameters.Add("@RETURN_VALUE", SqlDbType.Int).Direction = ParameterDirection.ReturnValue;
        cmdAdd.Parameters.Add("@communityID", CommunityGlobals.CommunityID);
        cmdAdd.Parameters.Add("@username", username);
        // Placeholder local password; the real check is the AD bind above.
        cmdAdd.Parameters.Add("@password", "fakepassword");
        cmdAdd.Parameters.Add("@email", "");
        cmdAdd.Parameters.Add("@firstName", "");
        cmdAdd.Parameters.Add("@lastName", "");
        cmdAdd.Parameters.Add("@timezone", "");
        cmdAdd.Parameters.Add("@occupation", "");
        cmdAdd.Parameters.Add("@location", "");
        cmdAdd.Parameters.Add("@interests", "");
        cmdAdd.Parameters.Add("@msn", "");
        cmdAdd.Parameters.Add("@yahoo", "");
        cmdAdd.Parameters.Add("@aim", "");
        cmdAdd.Parameters.Add("@icq", "");
        cmdAdd.Parameters.Add("@url", "");
        cmdAdd.Parameters.Add("@fakeEmail", "");
        cmdAdd.Parameters.Add("@enableNewsletter", "");
        cmdAdd.Parameters.Add("@enableNotifications", "");
        //SMR - Enh - Begin: Private Messages
        cmdAdd.Parameters.Add("@enablePrivateMessages", "");
        //SMR - Enh - End: Private Messages

        conPortal.Open();
        try
        {
            cmdAdd.ExecuteNonQuery();
            int retVal = (int)cmdAdd.Parameters["@RETURN_VALUE"].Value;   // not used further
        }
        finally
        {
            conPortal.Close();   // close the connection even if the procedure call fails
        }
        return pos;
    }

That's it.

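Input checks that could run on the three text-box values before LoginUser passes them to DirectoryEntry, as an added example that is not part of the original post, GCN, or the Microsoft sample. The class name AdLoginInput, the AllowedDomains list and every sample value are hypothetical.

```csharp
using System;
using System.Text;
// Added example (not GCN or Microsoft code); all names and sample values are constructed.
public static class AdLoginInput
{
    // Hypothetical allow-list of NetBIOS domain names the site accepts.
    static readonly string[] AllowedDomains = { "CAMPUS", "STAFF" };
    // Escape a value for use inside an LDAP search filter (RFC 4515).
    public static string EscapeFilterValue(string value)
    {
        StringBuilder sb = new StringBuilder();
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Returns null if the input must be rejected before any bind, else the search filter.
    public static string BuildFilterOrReject(string domain, string username, string password)
    {
        // Empty password: a simple bind becomes an unauthenticated bind (RFC 4513, 5.1.2).
        if (string.IsNullOrEmpty(password)) return null;
        // A backslash, '/' or '@' in the name would change the domain part of domain\username.
        if (string.IsNullOrEmpty(username) || username.IndexOfAny(new char[] { '\\', '/', '@' }) >= 0) return null;
        if (Array.IndexOf(AllowedDomains, (domain ?? "").Trim().ToUpperInvariant()) < 0) return null;
        return "(sAMAccountName=" + EscapeFilterValue(username) + ")";
    }

    public static void Main()
    {
        string[][] samples = {   // constructed: domain, username, password
            new string[] { "CAMPUS", "jdoe", "s3cret-example" },
            new string[] { "CAMPUS", "jdoe", "" },
            new string[] { "CAMPUS", "j(doe)*", "x" },
            new string[] { "OTHER", "jdoe", "x" },
        };
        foreach (string[] s in samples)
            Console.WriteLine("{0}\\{1} -> {2}", s[0], s[1], BuildFilterOrReject(s[0], s[1], s[2]) ?? "rejected before bind");
    }
}
```
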
This post just saved years of my life being stressed away, I thought it was going to be disgustingly harder than you made it. Thank you for this information!
LDAP Authentication
May 31, 2004 01:53 AM | JohnnyNoir
Re: LDAP Authentication
Jun 01, 2004 02:43 PM | JohnnyNoir
Re: LDAP Authentication
Mar 18, 2005 11:14 AM | Prophyt1578
Re: LDAP Authentication
Oct 23, 2008 06:22 AM | sudhanva
How exactly does this LDAP authentication work in a web application?
Can anybody explain the flow to me?