Exemple #1
        //public void authenticateUser2()
        //{
        //    var ADHost = "ad01.devfasah.sa";
        //    var saslRequest = new SaslDigestMd5Request("user1", "P@ssw0rd", "devfasah.sa", ADHost);
        //    using (var conn = new LdapConnection())
        //    {
        //        try
        //        {
        //            conn.Connect(ADHost, 389);
        //            conn.StartTls();
        //            conn.Bind(saslRequest);
        //            Console.WriteLine($"[{conn.AuthenticationMethod}] {conn.AuthenticationDn}");
        //        }
        //        finally
        //        {
        //            if (conn.Tls)
        //            {
        //                conn.StopTls();
        //            }
        //        }
        //    }
        //}


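        /// <summary>
        /// Authenticates a user with an LDAP simple bind and, on success, returns a
        /// result whose identity carries only the built-in "Everyone" and "Anonymous"
        /// role claims.
        /// </summary>
        /// <param name="username">Account name; "@devfasah.sa" is appended to form the bind name.</param>
        /// <param name="password">Password passed to the simple bind.</param>
        /// <returns>
        /// A result whose <c>claimsid</c> is set when the bind succeeded; otherwise the
        /// unpopulated result constructed at entry.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the connection uses port 389 with SecureSocketLayer disabled and
        /// no StartTls call, so the simple bind sends the password without transport
        /// encryption. Move to LDAPS or StartTls once the directory certificate is
        /// trusted by this host.
        /// NOTE(review): host and domain are hard-coded; they belong in configuration.
        /// </remarks>
        public Loginresult ValidateUserWithDefaultObject(string username, string password)
        {
            Loginresult loginresult = new Loginresult();

            // Fail closed on blank credentials. A simple bind with an empty password is
            // an unauthenticated bind at the protocol level and must never count as a login.
            if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
            {
                return loginresult;
            }

            // NOTE(review): username is not validated; a value that already contains '@'
            // produces a bind name with two suffixes. Consider rejecting such input.
            string userDn = $"{username}@devfasah.sa";

            using (var connection = new LdapConnection { SecureSocketLayer = false })
            {
                connection.Connect("ad01.devfasah.sa", 389);

                // Rejected credentials are expected to surface as an exception from Bind
                // (library behaviour, not handled here); callers see it unchanged.
                connection.Bind(userDn, password);
                if (!connection.Bound)
                {
                    return loginresult;
                }

                // Start from a fresh list. ADGroups is a field shared with the other
                // login paths; appending to whatever it already holds would turn group
                // entries left over from an earlier call into role claims for this user.
                ADGroups = new List<Group>();
                ADGroups.Add(new Group { Name = "Everyone" });
                ADGroups.Add(new Group { Name = "Anonymous" });

                var identity = new ClaimsIdentity(
                    MyAuthentication.ApplicationCookie,
                    ClaimsIdentity.DefaultNameClaimType,
                    ClaimsIdentity.DefaultRoleClaimType);

                var memberships = new List<string>();
                var claims = new List<Claim>();
                foreach (Group item in ADGroups)
                {
                    claims.Add(new Claim(ClaimTypes.Role, item.Name.ToString()));
                    memberships.Add(item.Name.ToString());
                }

                identity.AddClaims(claims);

                // NOTE(review): CMS.User._memberships looks like process-wide state. If it
                // is static, concurrent logins overwrite each other's memberships; confirm
                // and move it into the per-request identity if so.
                CMS.User._memberships = memberships;
                loginresult.claimsid = identity;
                return loginresult;
            }
        }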
Exemple #2
        /// <summary>
        /// Binds to the directory, issues a subtree search and drains its responses.
        /// No response is inspected and the returned result is never populated.
        /// </summary>
        /// <param name="username">Not read by this method; the bind name is the fixed "user1@devfasah.sa".</param>
        /// <param name="password">Password used for the simple bind of that fixed account.</param>
        /// <returns>The unpopulated result constructed at entry, on every path.</returns>
        /// <remarks>
        /// NOTE(review): port 389 with SecureSocketLayer disabled and no StartTls means the
        /// bind password travels without transport encryption.
        /// NOTE(review): if the search filter is ever built from <paramref name="username"/>
        /// (a "cn=" filter was sketched here earlier), escape the value per RFC 4515 before
        /// concatenating it, otherwise the caller controls the filter structure.
        /// </remarks>
        public Loginresult ValidateUserWithDefaultObjectForSerach(string username, string password)
        {
            var result = new Loginresult();
            string bindName = "user1@devfasah.sa";

            using (var ldap = new LdapConnection { SecureSocketLayer = false })
            {
                ldap.Connect("ad01.devfasah.sa", 389);
                ldap.Bind(bindName, password);

                if (!ldap.Bound)
                {
                    return result;
                }

                // Empty base and empty filter, subtree scope, all attributes.
                string filter = string.Empty;
                LdapSearchQueue noQueue = null;
                LdapSearchConstraints noConstraints = null;
                var responses = ldap.Search(
                    string.Empty,
                    LdapConnection.ScopeSub,
                    filter,
                    null,
                    false,
                    noQueue,
                    noConstraints);

                // Drain the queue until it reports no further message.
                for (LdapMessage response = responses.GetResponse();
                     response != null;
                     response = responses.GetResponse())
                {
                    if (!(response is LdapSearchResult))
                    {
                        continue;
                    }

                    // Entry and attribute handling is not implemented yet.
                }

                // All responses consumed; close the session explicitly before returning.
                ldap.Disconnect();
                return result;
            }
        }
Exemple #3
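        /// <summary>
        /// Asks the LDAP API service for the user's roles and, when it returns a non-empty
        /// payload, builds an identity carrying those roles plus "Everyone" and "Anonymous".
        /// </summary>
        /// <param name="username">Account name forwarded to the role service and stored in <c>CMS.User.username</c> on success.</param>
        /// <param name="password">Password forwarded to the role service.</param>
        /// <returns>
        /// A result whose <c>claimsid</c> is set when the service returned a non-empty
        /// payload; otherwise the unpopulated result constructed at entry.
        /// </returns>
        /// <remarks>
        /// NOTE(review): success is inferred only from the payload being non-empty. If
        /// getUserRoles can return an error document or "[]" for rejected credentials,
        /// this method would still issue an identity. Confirm its contract and check an
        /// explicit success signal.
        /// NOTE(review): the payload is split by hand rather than parsed as JSON, so role
        /// names containing ',', '[' or ']' are mangled. Use a JSON parser once one is
        /// available to this file.
        /// </remarks>
        public async Task<Loginresult> ValidateUserUsinLdapApi(string username, string password)
        {
            Loginresult loginresult = new Loginresult();

            // Fail closed on blank credentials instead of relying on the remote service.
            if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
            {
                return loginresult;
            }

            AuthorizationLdap ldapApi = new AuthorizationLdap();
            string json = await ldapApi.getUserRoles(username, password);
            if (string.IsNullOrEmpty(json))
            {
                return loginresult;
            }

            // Start from a fresh list. ADGroups is a field shared with the other login
            // paths; appending to it would hand this user any roles left over from an
            // earlier call.
            ADGroups = new List<Group>();

            // Strip the array brackets, then split the comma-separated entries.
            string roles = json.Replace("[", "").Replace("]", "");
            foreach (string role in roles.Split(','))
            {
                string roleName = role.Replace("\r\n", string.Empty).Replace("\"", string.Empty).Trim();

                // An empty array ("[]") or a trailing comma yields a blank entry; do not
                // turn it into an empty role claim.
                if (roleName.Length == 0)
                {
                    continue;
                }

                ADGroups.Add(new Group { Name = roleName });
            }

            // Built-in groups every signed-in user receives.
            ADGroups.Add(new Group { Name = "Everyone" });
            ADGroups.Add(new Group { Name = "Anonymous" });

            var identity = new ClaimsIdentity(
                MyAuthentication.ApplicationCookie,
                ClaimsIdentity.DefaultNameClaimType,
                ClaimsIdentity.DefaultRoleClaimType);

            var memberships = new List<string>();
            var claims = new List<Claim>();
            foreach (Group item in ADGroups)
            {
                claims.Add(new Claim(ClaimTypes.Role, item.Name.ToString()));
                memberships.Add(item.Name.ToString());
            }

            identity.AddClaims(claims);

            // NOTE(review): CMS.User looks like process-wide state. If these members are
            // static, concurrent logins overwrite each other's name and memberships;
            // confirm and keep them in the per-request identity instead.
            CMS.User._memberships = memberships;
            CMS.User.username = username;
            loginresult.claimsid = identity;

            return loginresult;
        }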
Exemple #4
        /// <summary>
        /// Clears the signed-in user state: resets <c>ADGroups</c> to the two built-in
        /// groups, sets <c>CMS.User._memberships</c> to null and <c>CMS.User.username</c>
        /// to the empty string.
        /// </summary>
        /// <remarks>
        /// The identity, claims and membership list built here are locals and are not
        /// stored anywhere by this method.
        /// NOTE(review): nothing visible here signs the user out of the authentication
        /// cookie; confirm the caller does that.
        /// </remarks>
        public void UnValidateUser()
        {
            // Constructed but never read afterwards; kept because any constructor side
            // effects are not visible from this block.
            var unusedResult = new Loginresult();
            var unusedLdapApi = new AuthorizationLdap();

            var anonymousIdentity = new ClaimsIdentity();
            var roleNames = new List<string>();
            var roleClaims = new List<Claim>();

            // Replace the shared group list with only the built-in groups.
            ADGroups = new List<Group>();
            foreach (string builtIn in new[] { "Everyone", "Anonymous" })
            {
                ADGroups.Add(new Group { Name = builtIn });
            }

            foreach (Group entry in ADGroups)
            {
                roleClaims.Add(new Claim(ClaimTypes.Role, entry.Name.ToString()));
                roleNames.Add(entry.Name.ToString());
            }

            if (roleClaims.Count != 0)
            {
                anonymousIdentity.AddClaims(roleClaims);
            }

            // The membership list built above is discarded; the shared state is cleared.
            CMS.User._memberships = null;
            CMS.User.username = "";
        }
Exemple #5
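        /// <summary>
        /// Validates a user's credentials against Active Directory and, when the account
        /// is usable and mapped to at least one group, returns an identity for it.
        /// </summary>
        /// <param name="userName">SAM account name of the user signing in.</param>
        /// <param name="password">The user's password.</param>
        /// <returns>
        /// A result with <c>claimsid</c> set and message "Success" on success. On every
        /// failure <c>claimsid</c> is null and <c>message</c> carries the reason, except
        /// for a disabled account, where the message is left empty.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the service-account name and password are hard-coded in source.
        /// Load them from protected configuration or a secret store and rotate the
        /// exposed password.
        /// NOTE(review): exception text is appended to the returned message. If that
        /// message reaches the login page it discloses directory details; log it
        /// server-side and return a generic message once a logger is available here.
        /// </remarks>
        public Loginresult ValidateCredentials(string userName, string password)
        {
            Loginresult loginresult = new Loginresult();
            loginresult.claimsid = null;
            loginresult.message = string.Empty;

            // Fail closed on blank input. PrincipalContext.ValidateCredentials is
            // documented to check the context's own credentials when both arguments are
            // null, which would otherwise report success for the service account.
            if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrEmpty(password))
            {
                loginresult.message = "Invalid Credentials";
                return loginresult;
            }

            try
            {
                using (var adContext = new PrincipalContext(ContextType.Domain, "ad01.devfasah.sa:389", "user1", "P@ssw0rd"))
                {
                    UserPrincipal userPrincipal;
                    try
                    {
                        if (!adContext.ValidateCredentials(userName, password))
                        {
                            loginresult.message = "Invalid Credentials";
                            return loginresult;
                        }

                        userPrincipal = UserPrincipal.FindByIdentity(adContext, IdentityType.SamAccountName, userName);
                    }
                    catch (Exception ex)
                    {
                        // Stop here. Falling through would dereference a null principal
                        // and replace this message with a null-reference error.
                        loginresult.message = "An error occurred. Please contact Administrator :Error" + ex.Message;
                        return loginresult;
                    }

                    if (userPrincipal == null)
                    {
                        loginresult.message = "Invalid Credentials";
                        return loginresult;
                    }

                    if (userPrincipal.IsAccountLockedOut())
                    {
                        // Whether to reveal the lock state to the caller is a product
                        // decision. Either way a locked account must not go on to receive
                        // an identity, so return here.
                        loginresult.message = "Account is locked";
                        return loginresult;
                    }

                    if (userPrincipal.Enabled.HasValue && !userPrincipal.Enabled.Value)
                    {
                        // Disabled account: refuse without stating the reason.
                        return loginresult;
                    }

                    // Null is tested before Count so a null result is reported as
                    // "no groups" rather than as an exception.
                    var mappedGroups = GetallADGroups(userPrincipal);
                    if (mappedGroups == null || mappedGroups.Count == 0)
                    {
                        loginresult.message = "No Groups associated with this Account";
                        return loginresult;
                    }

                    var identity = CreateIdentity(userPrincipal);

                    loginresult.claimsid = identity;

                    // NOTE(review): User.username looks like process-wide state. If it is
                    // static, concurrent logins overwrite each other; confirm.
                    User.username = userName;
                    loginresult.message = "Success";
                    return loginresult;
                }
            }
            catch (Exception ex)
            {
                loginresult.claimsid = null;
                loginresult.message = "An error occurred. Please contact Administrator :Error" + ex.Message;
                return loginresult;
            }
        }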
Exemple #6
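        /// <summary>
        /// Authenticates a user with an LDAP simple bind and then walks a directory
        /// search, collecting entry DNs and their children into a local set.
        /// </summary>
        /// <param name="username">Account name; "@devfasah.sa" is appended to form the bind name.</param>
        /// <param name="password">Password passed to the simple bind.</param>
        /// <returns>The unpopulated result constructed at entry, on every path.</returns>
        /// <remarks>
        /// NOTE(review): port 389 with SecureSocketLayer disabled and no StartTls means the
        /// password travels without transport encryption.
        /// NOTE(review): the collected set is never copied into the result, so as far as
        /// this block shows a successful bind and a refused one return the same object.
        /// Callers must not treat a returned result as proof of authentication.
        /// NOTE(review): the search is not restricted to the bound user and stores entry
        /// DNs rather than the requested memberOf values. If the filter is later narrowed
        /// with <paramref name="username"/>, escape the value per RFC 4515 first.
        /// </remarks>
        public Loginresult ValidateUser(string username, string password)
        {
            Loginresult loginresult = new Loginresult();

            // Fail closed on blank credentials. A simple bind with an empty password is
            // an unauthenticated bind at the protocol level.
            if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
            {
                return loginresult;
            }

            string userDn = $"{username}@devfasah.sa";

            using (var connection = new LdapConnection { SecureSocketLayer = false })
            {
                connection.Connect("ad01.devfasah.sa", 389);
                connection.Bind(userDn, password);
                if (!connection.Bound)
                {
                    return loginresult;
                }

                var groups = new HashSet<string>();
                var searchBase = string.Empty;

                // Two adjacent components are not a valid LDAP filter; the conjunction
                // has to be wrapped in an explicit AND.
                var filter = "(&(objectCategory=person)(objectClass=user))";
                var attributes = new[] { "memberOf" };

                // NOTE(review): an empty search base with subtree scope may be refused by
                // the server; confirm the intended base DN.
                var search = connection.Search(searchBase, LdapConnection.ScopeSub, filter, attributes, false);
                while (search.HasMore())
                {
                    // Next() can throw for individual results (not handled here).
                    var nextEntry = search.Next();
                    groups.Add(nextEntry.Dn);
                    foreach (var child in GetChildren(string.Empty, nextEntry.Dn))
                    {
                        groups.Add(child);
                    }
                }

                return loginresult;
            }
        }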