private static LdapUser LdapStandardLogin(LdapSettings ldapSettings, string uid, string password)
{
bool success = false;
LdapUser user = null;
LdapConnection conn = null;
try
{
conn = GetConnection(ldapSettings);
}
catch (System.Net.Sockets.SocketException ex)
{
if (log.IsErrorEnabled)
{
//log.Error("couldn't connect to ldap server ", ex);
string msg = "Login failure for user: "******". Exception: ";
log.Error(msg, ex);
}
}
if ((conn != null) && (conn.Connected))
{
LdapEntry entry = null;
try
{
entry = GetOneUserEntry(conn, ldapSettings, uid);
if (entry != null)
{
LdapConnection authConn = GetConnection(ldapSettings);
authConn.Bind(entry.DN, password);
authConn.Disconnect();
success = true;
}
}
catch (Novell.Directory.Ldap.LdapException ex)
{
if (log.IsErrorEnabled)
{
//log.Error("login failure", ex);
string msg = "Login failure for user: "******". Exception: ";
log.Error(msg, ex);
}
success = false;
}
if (success)
{
if (entry != null)
{
user = new LdapUser(entry);
}
}
conn.Disconnect();
}
return(user);
}
//public static LdapUser LdapLogin(LdapSettings ldapSettings, string uid, string password)
//{
// LdapConnection conn = null;
// try
// {
// conn = GetConnection(ldapSettings);
// }
// catch (System.Net.Sockets.SocketException ex)
// {
// log.Error("couldn't connect to ldap server ", ex);
// }
// bool success = false;
// LdapUser user = null;
// if ((conn != null)&&(conn.Connected))
// {
// LdapEntry entry = null;
// try
// {
// // open ldap uses uid
// if(ldapSettings.UserDNKey == "uid")
// {
// entry = GetOneUserEntry(conn, ldapSettings, uid);
// if(entry != null)
// {
// LdapConnection authConn = GetConnection(ldapSettings);
// authConn.Bind(entry.DN, password);
// authConn.Disconnect();
// success = true;
// }
// }
// else
// {
// // Active Directory uses CN
// // might need this if other Ldap Servers besides Active Directory use CN
// //conn.Bind(
// // ldapSettings.UserDNKey + "=" + uid + "," + ldapSettings.RootDN, password);
// // this works with Active Directory
// conn.Bind(uid + "@" + ldapSettings.Domain, password);
// success = conn.Bound;
// entry = GetOneUserEntry(conn, ldapSettings, uid);
// }
// }
// catch (Novell.Directory.Ldap.LdapException ex)
// {
// if (log.IsErrorEnabled)
// {
// log.Error("login failure", ex);
// }
// success = false;
// }
// if (success)
// {
// if (entry != null)
// {
// user = new LdapUser(entry);
// }
// else
// {
// user = new LdapUser(ldapSettings, uid);
// }
// }
// conn.Disconnect();
// }
// return user;
//}
public static bool TestUser(LdapSettings ldapSettings, string uid, string password)
{
bool result = false;
LdapUser testUser = LdapLogin(ldapSettings, uid, password);
if (testUser != null)
{
result = true;
}
return(result);
}
private static LdapUser ActiveDirectoryLogin(LdapSettings ldapSettings, string uid, string password)
{
bool success = false;
LdapUser user = null;
DirectoryEntry adentry = null;
//Note: Not necessary to check SSL. Default authentication type for .NET 2.0+ is "Secure"
try
{
if (UseRootDNWithActiveDirectory())
{
adentry = new DirectoryEntry("LDAP://" + ldapSettings.Server + "/" + ldapSettings.RootDN, ldapSettings.Domain + "\\" + uid, password);
}
else
{
adentry = new DirectoryEntry("LDAP://" + ldapSettings.Server, ldapSettings.Domain + "\\" + uid, password);
}
}
catch (System.Runtime.InteropServices.COMException ex)
{
if (log.IsErrorEnabled)
{
//log.Error("couldn't connect to ldap server ", ex);
string msg = "Login failure for user: "******". Exception: ";
log.Error(msg, ex);
}
}
if (adentry != null)
{
//Bind to the native AdsObject to force authentication.
try
{
object testobj = adentry.NativeObject;
success = true;
}
catch (System.Runtime.InteropServices.COMException ex)
{
if (log.IsErrorEnabled)
{
log.Error("login failure", ex);
}
success = false;
}
if (success && adentry != null)
{
if (UseRootDNWithActiveDirectory())
{
DirectorySearcher ds = new DirectorySearcher(adentry);
ds.Filter = "(&(sAMAccountName=" + uid + "))";
SearchResult result = ds.FindOne();
if (result != null)
{
//log.Error("successful authentication to ldap server in OU with Server: " + ldapSettings.Server + "; RootDN: " + ldapSettings.RootDN + "; UID=" + uid);
user = new LdapUser(adentry, uid, ldapSettings);
}
else
{
log.Info("failed authentication to ldap server in OU with Server: " + ldapSettings.Server + "; RootDN: " + ldapSettings.RootDN + "; UID=" + uid);
//potentially look in the security group
}
}
else
{
user = new LdapUser(adentry, uid, ldapSettings);
}
}
}
return(user);
}
