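/// <summary>
/// Returns the distinguished names of the directory objects that match
/// <paramref name="username"/> under this role provider's configured container.
/// </summary>
/// <param name="username">
/// The user name to look up; it is matched against the provider's configured
/// userNameAttribute (from the STS web.config).
/// </param>
/// <returns>
/// The distinguished names of all matching entries, or an empty array when
/// <paramref name="username"/> is empty or nothing matched.
/// </returns>
public override string[] GetRolesForUser(string username)
{
    var userRoles = new List<string>();
    if (string.IsNullOrEmpty(username))
    {
        // An empty value would produce an invalid filter "(attr=)"; nothing can match it.
        return userRoles.ToArray();
    }

    string server;
    int port;
    bool useSsl;
    string containerPath;
    string bindUsername;
    string bindPassword;
    string userNameAttribute;
    SearchScope scope;
    bool simpleBind;

    // Connection settings come from this provider's entry in the STS web.config;
    // the returned DirectoryEntry is owned here and must be disposed.
    using (var directoryEntry = StsManager.ProviderNode(Name, false, out server, out port, out useSsl, out containerPath, out bindUsername, out bindPassword, out userNameAttribute, out scope, out simpleBind))
    {
        // The user name is caller-supplied: escape it (RFC 4515) so that filter
        // metacharacters such as '*', '(' or ')' cannot change the query's meaning.
        var filter = String.Format("(&(ObjectClass=user)({0}={1}))", userNameAttribute, EscapeLdapFilterValue(username));

        // SearchResultCollection from FindAll() holds directory handles until disposed.
        using (var directorySearcher = new DirectorySearcher(directoryEntry) { Filter = filter, SearchScope = scope })
        using (var results = directorySearcher.FindAll())
        {
            foreach (SearchResult result in results)
            {
                using (var entry = result.GetDirectoryEntry())
                {
                    var distinguishedName = entry.Properties["distinguishedName"].Value;
                    if (distinguishedName != null)
                    {
                        userRoles.Add(distinguishedName.ToString());
                    }
                }
            }
        }
    }

    return userRoles.ToArray();
}

/// <summary>
/// Escapes a value for use inside an LDAP search filter (RFC 4515).
/// </summary>
/// <param name="value">The raw assertion value.</param>
/// <returns>The value with '\', '*', '(', ')' and NUL replaced by their \XX escapes.</returns>
private static string EscapeLdapFilterValue(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return string.Empty;
    }

    // The backslash must be replaced first so that the escapes added below are not re-escaped.
    return value
        .Replace("\\", "\\5c")
        .Replace("*", "\\2a")
        .Replace("(", "\\28")
        .Replace(")", "\\29")
        .Replace("\0", "\\00");
}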
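/// <summary>
/// Reads the LDAP settings of the named membership or role provider from the
/// Security Token Service web.config and opens a <see cref="DirectoryEntry"/>
/// to the configured container through <c>LdapManager.Connect</c>.
/// </summary>
/// <param name="providerName">The provider's "name" attribute under membership/providers or roleManager/providers.</param>
/// <param name="IsProviderMembership">true to read the membership provider entry (userContainer); false to read the role provider entry (groupContainer).</param>
/// <param name="_server">The "server" attribute, or "localhost" when absent.</param>
/// <param name="_port">The "port" attribute, or 389 when absent.</param>
/// <param name="_useSSL">true when the "useSSL" attribute is present and true.</param>
/// <param name="_path">The userContainer or groupContainer attribute, or empty when absent.</param>
/// <param name="_username">The "Username" attribute used for the service bind, or empty when absent.</param>
/// <param name="_password">The "Password" attribute used for the service bind, or empty when absent.</param>
/// <param name="_userNameAttribute">The "userNameAttribute" attribute, or "userPrincipalName" when absent.</param>
/// <param name="_scope">The "scope" attribute (BASE, ONELEVEL, SUBTREE; case-insensitive), or Subtree when absent or unrecognised.</param>
/// <param name="_simpleBind">true when the "simpleBind" attribute is present and true.</param>
/// <returns>The connected <see cref="DirectoryEntry"/>; the caller owns it and should dispose it.</returns>
/// <exception cref="InvalidOperationException">No provider named <paramref name="providerName"/> exists in the configuration section.</exception>
/// <exception cref="FormatException">The "port", "useSSL" or "simpleBind" attribute is present but not a valid int/bool.</exception>
public static DirectoryEntry ProviderNode(string providerName, bool IsProviderMembership, out string _server, out int _port, out bool _useSSL, out string _path, out string _username, out string _password, out string _userNameAttribute, out SearchScope _scope, out bool _simpleBind)
{
    var path = SPUtility.GetVersionedGenericSetupPath(@"WebServices\SecurityToken\web.config", 15);
    var xmlDocument = new XmlDocument();
    // The config is a local file, but external entity/DTD resolution is never needed here.
    xmlDocument.XmlResolver = null;
    xmlDocument.Load(path);

    var providerXPath = IsProviderMembership
        ? "configuration/system.web/membership/providers/add[@name='{0}']"
        : "configuration/system.web/roleManager/providers/add[@name='{0}']";
    var provider = xmlDocument.SelectSingleNode(String.Format(providerXPath, providerName));
    if (provider == null)
    {
        // Fail closed: falling through to the defaults would silently connect to
        // localhost:389 without SSL and with empty credentials.
        throw new InvalidOperationException(String.Format("Provider '{0}' was not found in {1}.", providerName, path));
    }

    // XmlAttribute.Value is never null for a present attribute, so "" in the config
    // is kept as "" (only a missing attribute falls back to the default).
    _server = GetAttributeValue(provider, "server") ?? "localhost";

    var portValue = GetAttributeValue(provider, "port");
    _port = (portValue == null) ? 389 : Convert.ToInt32(portValue);

    var useSslValue = GetAttributeValue(provider, "useSSL");
    _useSSL = (useSslValue != null) && Convert.ToBoolean(useSslValue);

    // NOTE(review): the service bind password is read in clear text from web.config.
    _username = GetAttributeValue(provider, "Username") ?? string.Empty;
    _password = GetAttributeValue(provider, "Password") ?? string.Empty;

    var simpleBindValue = GetAttributeValue(provider, "simpleBind");
    _simpleBind = (simpleBindValue != null) && Convert.ToBoolean(simpleBindValue);

    _path = GetAttributeValue(provider, IsProviderMembership ? "userContainer" : "groupContainer") ?? string.Empty;

    _userNameAttribute = GetAttributeValue(provider, "userNameAttribute") ?? "userPrincipalName";

    // Compare the upper-cased value; the original compared the raw value, so "base"
    // or "onelevel" in lower case silently became Subtree.
    var scopeValue = (GetAttributeValue(provider, "scope") ?? "SUBTREE").ToUpperInvariant();
    switch (scopeValue)
    {
        case "BASE":
            _scope = SearchScope.Base;
            break;
        case "ONELEVEL":
            _scope = SearchScope.OneLevel;
            break;
        case "SUBTREE":
            _scope = SearchScope.Subtree;
            break;
        default:
            _scope = SearchScope.Subtree;
            break;
    }

    return LdapManager.Connect(_server, _port, _useSSL, _path, _username, _password, _simpleBind);
}

/// <summary>
/// Returns the value of the named attribute on <paramref name="node"/>, or null
/// when the node has no such attribute.
/// </summary>
/// <param name="node">The provider's &lt;add&gt; element.</param>
/// <param name="name">The attribute name (case-sensitive).</param>
/// <returns>The attribute value, or null when absent.</returns>
private static string GetAttributeValue(XmlNode node, string name)
{
    if (node.Attributes == null)
    {
        return null;
    }

    var attribute = node.Attributes[name];
    return attribute == null ? null : attribute.Value;
}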
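/// <summary>
/// Validates a user's credentials by performing an LDAP simple bind as that user
/// against the server configured for this membership provider.
/// </summary>
/// <param name="username">The user name to bind as.</param>
/// <param name="password">The user's password.</param>
/// <returns>
/// true when the bind succeeds; false when either credential is empty or the bind fails.
/// Failures are traced to the SharePoint ULS log under "NaupliusADLDSProvider".
/// </returns>
public override bool ValidateUser(string username, string password)
{
    // An LDAP simple bind with an empty password is an anonymous/unauthenticated bind
    // that many servers accept, so empty credentials must never reach the server.
    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
    {
        return false;
    }

    string server;
    int port;
    bool useSsl;
    string containerPath;
    string bindUsername;
    string bindPassword;
    string userNameAttribute;
    SearchScope scope;
    bool simpleBind;

    // ProviderNode also opens a DirectoryEntry to the container; only the settings are
    // needed here, so dispose it instead of leaking the handle on every logon.
    using (var directoryEntry = StsManager.ProviderNode(Name, true, out server, out port, out useSsl, out containerPath, out bindUsername, out bindPassword, out userNameAttribute, out scope, out simpleBind))
    {
        var credential = new NetworkCredential(username, password);
        var directoryIdentifier = new LdapDirectoryIdentifier(server, port);

        using (var connection = new LdapConnection(directoryIdentifier, credential, AuthType.Basic))
        {
            if (useSsl)
            {
                connection.SessionOptions.SecureSocketLayer = true;
            }
            else
            {
                // NOTE(review): Signing/Sealing protect SASL (Negotiate/Kerberos) sessions;
                // with AuthType.Basic the user's password still crosses the wire in the clear,
                // so non-SSL deployments should set useSSL="true" (or use StartTLS).
                connection.SessionOptions.Signing = true;
                connection.SessionOptions.Sealing = true;
            }

            try
            {
                connection.Bind(credential);
                return true;
            }
            catch (ActiveDirectoryServerDownException exception)
            {
                SPDiagnosticsService.Local.WriteTrace(100, new SPDiagnosticsCategory("NaupliusADLDSProvider", TraceSeverity.High, EventSeverity.Error, 0, 100), TraceSeverity.High, "AD LDS Server is not responding " + exception.StackTrace);
                return false;
            }
            catch (Exception exception2)
            {
                // No result code mapping available: invalid credentials and any other
                // LDAP failure are all reported as a failed validation.
                SPDiagnosticsService.Local.WriteTrace(100, new SPDiagnosticsCategory("NaupliusADLDSProvider", TraceSeverity.High, EventSeverity.Error, 0, 100), TraceSeverity.Unexpected, "Unexpected exception in ValidateUser(ss) " + exception2.StackTrace);
                return false;
            }
        }
    }
}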