/// <summary>
/// Handles the posted log-on form. The user must first pass the Active Directory
/// credential check and then be found by the application's own user lookup before
/// the forms-authentication cookie is issued and the session is populated.
/// </summary>
/// <param name="model">Posted log-on values (user name, password, remember-me flag).</param>
/// <param name="returnUrl">
/// Not read by this action; a successful log-on always redirects to SimRegister/Index,
/// so no caller-supplied URL is ever followed.
/// </param>
/// <returns>
/// A redirect to SimRegister/Index on success; otherwise the log-on view, redisplayed
/// with the model and any validation errors.
/// </returns>
public ActionResult LogOn(LogOnModel model, string returnUrl)
{
    // Invalid form post: redisplay without attempting any credential check.
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // Step 1: the directory must accept the supplied credentials.
    if (!CheckUserPasswordInActiveDirectory(model))
    {
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
        return View(model);
    }

    // Step 2: the directory-authenticated user must also be known to the application.
    // This message is only reachable after the directory check has succeeded.
    if (!CheckUserPasswordInDatabase(model))
    {
        ModelState.AddModelError("", "The user is not permitted to login.");
        return View(model);
    }

    FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

    Session["UserName"] = model.UserName;
    Session["Permission"] = "Y";
    // NOTE(review): the clear-text password is kept in session state for the lifetime of
    // the session. Depending on the configured session store it may be held outside this
    // process. Confirm whether anything reads Session["Password"]; if nothing does, remove
    // this assignment, otherwise replace the consumer so the password need not be retained.
    Session["Password"] = model.Password;
    Session["RememberMe"] = model.RememberMe;

    return RedirectToAction("Index", "SimRegister");
}
/// <summary>
/// Checks whether the user named in <paramref name="model"/> is known to the application
/// by looking the user name up through <c>GetSIMREG_DOMAINUSERbyDELIVER</c>.
/// Despite the method name, no password is compared here: only the user name is passed
/// to the lookup.
/// </summary>
/// <param name="model">Log-on values; only <c>UserName</c> is read.</param>
/// <returns>
/// <c>true</c> when a record with a non-empty <c>USERNAME</c> is returned; <c>false</c>
/// when no such record exists or when any exception is thrown.
/// </returns>
/// <remarks>
/// Side effect: on success the record's <c>CANEDIT</c> value is stored in
/// <c>Session["CanEdit"]</c>.
/// </remarks>
private bool CheckUserPasswordInDatabase(LogOnModel model)
{
    try
    {
        BOSIMREG_DOMAINUSER userLookup = new BOSIMREG_DOMAINUSER();
        BESIMREG_DELIVEREDBY deliveredBy = userLookup.GetSIMREG_DOMAINUSERbyDELIVER(model.UserName);

        bool isKnownUser = deliveredBy != null && !String.IsNullOrEmpty(deliveredBy.USERNAME);
        if (!isKnownUser)
        {
            return false;
        }

        // The edit permission is published to the session only for a recognised user.
        Session["CanEdit"] = deliveredBy.CANEDIT;
        return true;
    }
    catch (Exception)
    {
        // Fails closed: any error denies the log-on.
        // NOTE(review): the exception is discarded without logging, so a lookup outage is
        // indistinguishable from an unknown user - consider recording it.
        return false;
    }
}
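/// <summary>
/// Validates the supplied credentials against Active Directory by binding to the
/// configured domain as that user and searching for the matching <c>sAMAccountName</c>.
/// </summary>
/// <param name="model">Log-on values; <c>UserName</c> and <c>Password</c> are read.</param>
/// <returns>
/// <c>true</c> when the bind succeeds and the search returns an entry; <c>false</c> when
/// either credential is missing, no entry is found, or the directory call throws.
/// </returns>
private bool CheckUserPasswordInActiveDirectory(LogOnModel model)
{
    string loginName = model.UserName;
    string password = model.Password;

    // Refuse blank credentials before touching the directory. With no user name and no
    // password, DirectoryEntry binds using the security context of the calling thread
    // rather than as the person logging on, so this case must never reach the bind.
    if (String.IsNullOrEmpty(loginName) || String.IsNullOrEmpty(password))
    {
        return false;
    }

    string adDomainName = GetAdDomainName();

    using (DirectoryEntry root = new DirectoryEntry(String.Format("LDAP://{0}", adDomainName), loginName, password))
    using (DirectorySearcher searcher = new DirectorySearcher(root))
    {
        // The user name comes from the log-on form, so it is escaped before being placed
        // in the filter; unescaped filter metacharacters would change the query's meaning.
        searcher.Filter = "(sAMAccountName=" + EscapeLdapFilterValue(loginName) + ")";

        try
        {
            // The bind happens on first use, so bad credentials surface here as an exception.
            // A null result means the bind worked but no account matched. The result is only
            // tested for null, so no extra DirectoryEntry is created and left undisposed.
            SearchResult match = searcher.FindOne();
            return match != null;
        }
        catch (Exception)
        {
            // Fails closed: any directory error denies the log-on.
            return false;
        }
    }
}

/// <summary>
/// Escapes the characters that are special in an LDAP search filter value
/// (backslash, asterisk, parentheses and NUL) as backslash-hex pairs.
/// </summary>
/// <param name="value">Raw value to embed in a filter assertion.</param>
/// <returns>The value with filter metacharacters escaped.</returns>
private static string EscapeLdapFilterValue(string value)
{
    // The backslash is replaced first so the escapes added afterwards are not re-escaped.
    return value
        .Replace("\\", "\\5c")
        .Replace("*", "\\2a")
        .Replace("(", "\\28")
        .Replace(")", "\\29")
        .Replace("\0", "\\00");
}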