예제 #1
0
        /// <summary>
        /// Creates the identity.
        /// </summary>
        /// <param name="samaccountName">Name of the samaccount.</param>
        /// <returns></returns>
        public ClaimsIdentity CreateIdentity(string samaccountName)
        {
            ActiveDirectoryUser userPrincipal = new ActiveDirectoryReadOnlyRepository().GetUser(samaccountName);

            if (userPrincipal != null)
            {
                return(CreateIdentity(userPrincipal));
            }
            else
            {
                return(null);
            }
        }
예제 #2
0
        /// <summary>
        /// Check if username and password matches existing account in AD.
        /// </summary>
        /// <param name="username">The username.</param>
        /// <param name="password">The password.</param>
        /// <returns></returns>
        public bool ValidateCredentials(string username, string password)
        {
            string[] tokens = username.Split('\\');

            string user = "";

            if (tokens.Length == 2)
            {
                user = tokens[1];
            }
            else
            {
                user = username;
            }

            var repo = new ActiveDirectoryReadOnlyRepository();

            return(repo.ValidateCredentials(user, password, ContextOptions.Negotiate));
        }
예제 #3
0
        /// <summary>
        /// Adds information to the response environment that will cause the appropriate authentication
        /// middleware to grant a claims-based identity to the recipient of the response.
        /// </summary>
        /// <param name="username"></param>
        /// <param name="password"></param>
        /// <returns></returns>
        public AuthenticationResult SignIn(string username, string password)
        {
            // authenticates against your Domain AD
            //ContextType authenticationType = ContextType.Domain;
            bool isAuthenticated = false;
            ActiveDirectoryUser userPrincipal = null;

            string[] tokens = username.Split('\\');

            if (tokens.Length == 2)
            {
                var repo = new ActiveDirectoryReadOnlyRepository(tokens[0], username, password);

                try
                {
                    //isAuthenticated = repo.ValidateCredentials(tokens[1], password, ContextOptions.Negotiate);
                    isAuthenticated = ValidateCredentials(tokens[1], password);
                    if (isAuthenticated)
                    {
                        //userPrincipal = UserPrincipal.FindByIdentity(principalContext, username);
                        userPrincipal = repo.GetUser(tokens[1]);
                    }
                }
                catch (Exception)
                {
                    isAuthenticated = false;
                    userPrincipal   = null;
                }
            }
            else
            {
                isAuthenticated = false;
                userPrincipal   = null;
            }

            if (!isAuthenticated || userPrincipal == null)
            {
                return(new AuthenticationResult("Username or Password is not correct"));
            }

            if (userPrincipal.IsAccountLockedOut())
            {
                // here can be a security related discussion weather it is worth
                // revealing this information
                return(new AuthenticationResult("Your account is locked."));
            }

            if (userPrincipal.Enabled.HasValue && userPrincipal.Enabled.Value == false)
            {
                // here can be a security related discussion weather it is worth
                // revealing this information
                return(new AuthenticationResult("Your account is disabled"));
            }

            ClaimsIdentity identity = CreateIdentity(userPrincipal);

            authenticationManager.SignOut("ApplicationCookie");
            authenticationManager.SignIn(new AuthenticationProperties()
            {
                IsPersistent = true
            }, identity);


            return(new AuthenticationResult());
        }