public override string[] GetRolesForUser(string username)
{
var userRoles = new List <string>();
var _server = string.Empty;
var _port = 389;
var _useSSL = false;
var _path = string.Empty;
var _username = string.Empty;
var _password = string.Empty;
var _userNameAttribute = string.Empty;
var _scope = new SearchScope();
var _simpleBind = false;
var directoryEntry = StsManager.ProviderNode(Name, false, out _server, out _port, out _useSSL,
out _path, out _username, out _password, out _userNameAttribute, out _scope, out _simpleBind);
var directorySearcher = new DirectorySearcher(directoryEntry)
{
Filter = String.Format("(&(ObjectClass=user)({0}={1}))",
_userNameAttribute,
username),
SearchScope = _scope
};
var results = directorySearcher.FindAll();
foreach (SearchResult result in results)
{
var roleName = result.GetDirectoryEntry();
userRoles.Add(roleName.Properties["distinguishedName"].Value.ToString());
}
return(userRoles.ToArray());
}
public static DirectoryEntry ProviderNode(string providerName, bool IsProviderMembership, out string _server, out int _port, out bool _useSSL, out string _path,
out string _username, out string _password, out string _userNameAttribute, out SearchScope _scope, out bool _simpleBind)
{
XmlNode provider = new XmlDocument();
var ldapPath = string.Empty;
var path = SPUtility.GetVersionedGenericSetupPath(@"WebServices\SecurityToken\web.config", 15);
var xmlDocument = new XmlDocument();
xmlDocument.Load(path);
if (IsProviderMembership)
{
provider =
xmlDocument.SelectSingleNode(
(String.Format("configuration/system.web/membership/providers/add[@name='{0}']", providerName)));
}
else
{
provider =
xmlDocument.SelectSingleNode(
(String.Format("configuration/system.web/roleManager/providers/add[@name='{0}']", providerName)));
}
try
{
_server = (provider.Attributes["server"].Value == null)
? "localhost"
: provider.Attributes["server"].Value;
}
catch (NullReferenceException)
{
_server = "localhost";
}
try
{
_port = (provider.Attributes["port"].Value == null) ? 389 : Convert.ToInt32(provider.Attributes["port"].Value);
}
catch (NullReferenceException)
{
_port = 389;
}
try
{
_useSSL = (provider.Attributes["useSSL"].Value != null) && Convert.ToBoolean(provider.Attributes["useSSL"].Value);
}
catch (NullReferenceException)
{
_useSSL = false;
}
_path = string.Empty;
try
{
_username = provider.Attributes["Username"].Value ?? "";
}
catch (NullReferenceException)
{
//Attribute not present
_username = string.Empty;
}
try
{
_password = provider.Attributes["Password"].Value ?? "";
}
catch (NullReferenceException)
{
//Attribute not present
_password = string.Empty;
}
try
{
_simpleBind = (provider.Attributes["simpleBind"].Value != null) && Convert.ToBoolean(provider.Attributes["simpleBind"].Value);
}
catch (NullReferenceException)
{
_simpleBind = false;
}
if (IsProviderMembership)
{
try
{
_path = provider.Attributes["userContainer"].Value ?? string.Empty;
}
catch (NullReferenceException)
{
_path = string.Empty;
}
}
else
{
try
{
_path = provider.Attributes["groupContainer"].Value ?? string.Empty;
}
catch (NullReferenceException)
{
_path = string.Empty;
}
}
try
{
_userNameAttribute = provider.Attributes["userNameAttribute"].Value ?? "userPrincipalName";
}
catch (NullReferenceException)
{
_userNameAttribute = "userPrincipalName";
}
try
{
var scope = (provider.Attributes["scope"].Value.ToUpper() == null) ? "SUBTREE" :
provider.Attributes["scope"].Value;
switch (scope)
{
case "BASE":
_scope = SearchScope.Base;
break;
case "ONELEVEL":
_scope = SearchScope.OneLevel;
break;
case "SUBTREE":
_scope = SearchScope.Subtree;
break;
default:
_scope = SearchScope.Subtree;
break;
}
}
catch (NullReferenceException)
{
_scope = SearchScope.Subtree;
}
var directoryEntry = LdapManager.Connect(_server, _port, _useSSL, _path, _username, _password, _simpleBind);
return(directoryEntry);
}
public override bool ValidateUser(string username, string password)
{
bool isValid = false;
if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
{
return(isValid);
}
string _server;
var _port = 389;
var _useSSL = false;
var _path = string.Empty;
var _username = string.Empty;
var _password = string.Empty;
var _userNameAttribute = string.Empty;
var _scope = new SearchScope();
var _simpleBind = false;
var directoryEntry = StsManager.ProviderNode(Name, true, out _server, out _port, out _useSSL, out _path, out _username,
out _password, out _userNameAttribute, out _scope, out _simpleBind);
var credential = new NetworkCredential(username, password);
var directoryIdentifier = new LdapDirectoryIdentifier(_server, Convert.ToInt32(_port));
var connection = new LdapConnection(directoryIdentifier, credential, AuthType.Basic);
if (_useSSL)
{
connection.SessionOptions.SecureSocketLayer = true;
}
else
{
connection.SessionOptions.Signing = true;
connection.SessionOptions.Sealing = true;
}
try
{
connection.Bind(credential);
isValid = true;
}
catch (ActiveDirectoryServerDownException exception)
{
isValid = false;
SPDiagnosticsService.Local.WriteTrace(100,
new SPDiagnosticsCategory("NaupliusADLDSProvider",
TraceSeverity.High, EventSeverity.Error,
0, 100), TraceSeverity.High,
"AD LDS Server is not responding " +
exception.StackTrace);
}
catch (Exception exception2)
{
//No result code mapping available
isValid = false;
SPDiagnosticsService.Local.WriteTrace(100,
new SPDiagnosticsCategory("NaupliusADLDSProvider",
TraceSeverity.High, EventSeverity.Error,
0, 100), TraceSeverity.Unexpected,
"Unexpected exception in ValidateUser(ss) " +
exception2.StackTrace);
}
return(isValid);
}
