private static LdapConnection GetConnection(LdapSettings ldapSettings)
{
LdapConnection conn = new LdapConnection();
conn.Connect(ldapSettings.Server, ldapSettings.Port);
return(conn);
}
private static LdapEntry GetOneUserEntry(
LdapConnection conn,
LdapSettings ldapSettings,
string search)
{
LdapSearchConstraints constraints = new LdapSearchConstraints();
LdapSearchQueue queue = null;
queue = conn.Search(
ldapSettings.RootDN,
LdapConnection.SCOPE_SUB,
ldapSettings.UserDNKey + "=" + search,
null,
false,
(LdapSearchQueue)null,
(LdapSearchConstraints)null);
LdapEntry entry = null;
if (queue != null)
{
LdapMessage message = queue.getResponse();
if (message != null)
{
if (message is LdapSearchResult)
{
entry = ((LdapSearchResult)message).Entry;
}
}
}
return(entry);
}
public static bool TestUser(LdapSettings ldapSettings, string uid, string password)
{
bool result = false;
LdapUser testUser = LdapLogin(ldapSettings, uid, password);
if (testUser != null)
{
result = true;
}
return(result);
}
public LdapUser(LdapSettings ldapSettings, String userName)
{
// in some cases with Active Directory
// we can't actually retrieve ldap entries
// we really just need to create a Cynthia user
// from the ldap user so if we can't read it, just create an ldap user
// with the properties we do have
// Active Directory allows us to bind a connection for authentication
// even if we can't query for entries
email = new LdapAttribute("email", userName + "@" + ldapSettings.Domain);
commonname = new LdapAttribute("commonname", userName);
userid = new LdapAttribute("userid", userName);
}
public static LdapUser LdapLogin(LdapSettings ldapSettings, string uid, string password)
{
LdapConnection conn = null;
try
{
conn = GetConnection(ldapSettings);
}
catch (System.Net.Sockets.SocketException ex)
{
log.Error("couldn't connect to ldap server ", ex);
}
bool success = false;
LdapUser user = null;
if ((conn != null) && (conn.Connected))
{
LdapEntry entry = null;
try
{
// open ldap uses uid
if (ldapSettings.UserDNKey == "uid")
{
entry = GetOneUserEntry(conn, ldapSettings, uid);
if (entry != null)
{
LdapConnection authConn = GetConnection(ldapSettings);
authConn.Bind(entry.DN, password);
authConn.Disconnect();
success = true;
}
}
else
{
// Active Directory uses CN
// might need this if other Ldap Servers besides Active Directory use CN
//conn.Bind(
// ldapSettings.UserDNKey + "=" + uid + "," + ldapSettings.RootDN, password);
// this works with Active Directory
conn.Bind(uid + "@" + ldapSettings.Domain, password);
success = conn.Bound;
entry = GetOneUserEntry(conn, ldapSettings, uid);
}
}
catch (Novell.Directory.Ldap.LdapException ex)
{
if (log.IsErrorEnabled)
{
log.Error("login failure", ex);
}
success = false;
}
if (success)
{
if (entry != null)
{
user = new LdapUser(entry);
}
else
{
user = new LdapUser(ldapSettings, uid);
}
}
conn.Disconnect();
}
return(user);
}