public static ValidationResult AuthenticateUser(string userName, string password)
{
var client = new AuthenticationServiceClient("WSHttpBinding_IAuthenticationService");
var userDetails = new UserDetails() { UserName = userName, Password = password };
var authenticationResultWithGroups = client.AuthenticateUserAndGetGroupMemberships(userDetails);
if (authenticationResultWithGroups.IsAuthenticated)
{
var authorizedDepartments = ConfigurationManager.AppSettings["AuthorizedDepartments"];
var authorizedDepartmentsForApp = authorizedDepartments.Split(',').Select(c => c.ToLower());
var groupsOfUser = authenticationResultWithGroups.ListOfADGroups.ToList();
if (!groupsOfUser.Any(c => authorizedDepartmentsForApp.Contains(c.ToLower())))
{
authenticationResultWithGroups.IsAuthenticated = false;
authenticationResultWithGroups.ErrorOccured = true;
authenticationResultWithGroups.ErrorMessage = "You are not authorized to use this application.";
}
}
return authenticationResultWithGroups;
}
