ldap实现用户认证-白红宇

ldap实现用户认证

阅读量：6577 次

发布时间：2019-06-24

本文共 5831 字，大约阅读时间需要 19 分钟。

LDAP的用户认证类。

public class LDAPHelper    {        private DirectoryEntry _objDirectoryEntry;        ///         /// 构造函数        /// 
        /// ldap的地址，例如"LDAP://***.***.48.110:389/dc=***,dc=com"        /// 连接用户名，例如"cn=root,dc=***,dc=com"        /// 连接密码        public bool OpenConnection(string LADPath, string authUserName, string authPWD)        {    //创建一个连接              _objDirectoryEntry = new DirectoryEntry(LADPath, authUserName, authPWD, AuthenticationTypes.None);             if (null == _objDirectoryEntry)             {                 return false;             }             else if (_objDirectoryEntry.Properties!=null&&_objDirectoryEntry.Properties.Count > 0)             {                 return true;             }             return false;        }        ///         /// 检测一个用户和密码是否正确        /// 
        /// (|(uid= {0})(cn={0}))        /// testuserid        /// testuserpassword        ///         /// 
             public bool CheckUidAndPwd(string strLDAPFilter, string TestUserID, string TestUserPwd, ref string ErrorMessage)        {            bool blRet = false;            try            {                //创建一个检索                DirectorySearcher deSearch = new DirectorySearcher(_objDirectoryEntry);                //过滤名称是否存在                deSearch.Filter =strLDAPFilter;                deSearch.SearchScope = SearchScope.Subtree;                //find the first instance                 SearchResult objSearResult = deSearch.FindOne();                //如果用户密码为空                if (string.IsNullOrEmpty(TestUserPwd))                {                    if (null != objSearResult && null != objSearResult.Properties && objSearResult.Properties.Count > 0)                    {                        blRet = true;                    }                }                else if (null != objSearResult && !string.IsNullOrEmpty(objSearResult.Path))                {                    //获取用户名路径对应的用户uid                    int pos = objSearResult.Path.LastIndexOf('/');                    string uid = objSearResult.Path.Remove(0, pos + 1);                    DirectoryEntry objUserEntry = new DirectoryEntry(objSearResult.Path, uid, TestUserPwd, AuthenticationTypes.None);                    if (null != objUserEntry && objUserEntry.Properties.Count > 0)                    {                        blRet = true;                    }                }            }            catch (Exception ex)            {                if (null != _objDirectoryEntry)                {                    _objDirectoryEntry.Close();                }                ErrorMessage = "检测异常："+ex.StackTrace;            }            return blRet;        }        ///         /// 关闭连接        /// 
        public void closeConnection()        {            if (null != _objDirectoryEntry)            {                _objDirectoryEntry.Close();            }        }    }

调用过程如下

private void btnCheck_Click(object sender, EventArgs e)        {            string strLDAPFilter = string.Format(txtFilter.Text, txtUserName.Text.Trim());                  //deSearch.Filter = "(&(objectClass=user)(sAMAccountName=" + username + "))";            string TestUserID = txtUserName.Text;            string TestUserPwd = txtPwd.Text;            LDAPHelper objldap = new LDAPHelper();            string strLDAPPath = txtLDAP.Text;            string strLDAPAdminName = txtLUserName.Text;            string strLDAPAdminPwd = txtLPwd.Text;            string strMsg = "";            bool blRet = objldap.OpenConnection(strLDAPPath, strLDAPAdminName, strLDAPAdminPwd);            if (blRet)            {                blRet = objldap.CheckUidAndPwd(strLDAPFilter, TestUserID, TestUserPwd, ref strMsg);                if (blRet)                {                    strMsg = "检测用户名" + TestUserID + "和密码" + TestUserPwd + "成功";                }                else if (!blRet && string.IsNullOrEmpty(strMsg))                {                    strMsg = "检测用户名" + TestUserID + "和密码" + TestUserPwd + "失败";                }            }            this.txtLog.Text = System.DateTime.Now.ToString() + ":" + strMsg + "\r\n" + "\r\n" + this.txtLog.Text;            MessageBox.Show(strMsg);        }    }

调用过程1

bool checkResult = false;                try                {                    string username = Request.Params.Get("username");                    string userpwd = Request.Params.Get("userpwd");                    string strLADPath = "LDAP://OU=事业部,DC=HOLD,DC=Company,DC=COM";                                       DirectoryEntry objEntry = new DirectoryEntry(strLADPath);                    objEntry.AuthenticationType = AuthenticationTypes.None;                    DirectorySearcher deSearch = new DirectorySearcher(objEntry);                    //过滤名称是否存在                    deSearch.Filter = "(&(objectClass=user)(sAMAccountName=" + username + "))";                    deSearch.SearchScope = SearchScope.Subtree;                    //find the first instance                     SearchResult results = deSearch.FindOne();                    //check username & userpwd                    if (null != results)                    {                        DirectoryEntry objUserEntry = new DirectoryEntry(results.Path, username, userpwd);                        if (null != objUserEntry && null != objUserEntry.Properties                            && objUserEntry.Properties.Contains("cn"))                        {                            checkResult = true;                        }                    }                    Response.Write("认证结果：" + checkResult.ToString());                }                catch (System.Exception ex)                {                    Response.Write("认证异常"+ex.StackTrace);                    Response.Write("认证结果：" + checkResult.ToString());                }

转载于:https://www.cnblogs.com/waban/p/5249509.html

你可能感兴趣的文章

[c++]常对象的特点

查看>>

Django之组合搜索组件（二）--另附simple_tag的创建使用方法

查看>>

webpack打包The 'mode' option has not been set,错误提示

查看>>

kermit的安装、配置、使用

查看>>

jQuery 的attr（）与css（）的区别

查看>>