ldap实现用户认证

LDAP的用户认证类。

public class LDAPHelper{private DirectoryEntry _objDirectoryEntry;/// <summary>/// 构造函数/// </summary>/// <param name="LADPath">ldap的地址，例如"LDAP://***.***.48.110:389/dc=***,dc=com"</param>/// <param name="authUserName">连接用户名，例如"cn=root,dc=***,dc=com"</param>/// <param name="authPWD">连接密码</param>public bool OpenConnection(string LADPath, string authUserName, string authPWD){    //创建一个连接 _objDirectoryEntry = new DirectoryEntry(LADPath, authUserName, authPWD, AuthenticationTypes.None);if (null == _objDirectoryEntry){return false;}else if (_objDirectoryEntry.Properties!=null&&_objDirectoryEntry.Properties.Count > 0){return true;}return false;}/// <summary>/// 检测一个用户和密码是否正确/// </summary>/// <param name="strLDAPFilter">(|(uid= {0})(cn={0}))</param>/// <param name="TestUserID">testuserid</param>/// <param name="TestUserPwd">testuserpassword</param>/// <param name="ErrorMessage"></param>/// <returns></returns>public bool CheckUidAndPwd(string strLDAPFilter, string TestUserID, string TestUserPwd, ref string ErrorMessage){bool blRet = false;try{//创建一个检索DirectorySearcher deSearch = new DirectorySearcher(_objDirectoryEntry);//过滤名称是否存在deSearch.Filter =strLDAPFilter;deSearch.SearchScope = SearchScope.Subtree;//find the first instance SearchResult objSearResult = deSearch.FindOne();//如果用户密码为空if (string.IsNullOrEmpty(TestUserPwd)){if (null != objSearResult && null != objSearResult.Properties && objSearResult.Properties.Count > 0){blRet = true;}}else if (null != objSearResult && !string.IsNullOrEmpty(objSearResult.Path)){//获取用户名路径对应的用户uidint pos = objSearResult.Path.LastIndexOf('/');string uid = objSearResult.Path.Remove(0, pos + 1);DirectoryEntry objUserEntry = new DirectoryEntry(objSearResult.Path, uid, TestUserPwd, AuthenticationTypes.None);if (null != objUserEntry && objUserEntry.Properties.Count > 0){blRet = true;}}}catch (Exception ex){if (null != _objDirectoryEntry){_objDirectoryEntry.Close();}ErrorMessage = "检测异常："+ex.StackTrace;}return blRet;}/// <summary>/// 关闭连接/// </summary>public void closeConnection(){if (null != _objDirectoryEntry){_objDirectoryEntry.Close();}}}

调用过程如下

 private void btnCheck_Click(object sender, EventArgs e){string strLDAPFilter = string.Format(txtFilter.Text, txtUserName.Text.Trim());      //deSearch.Filter = "(&(objectClass=user)(sAMAccountName=" + username + "))";string TestUserID = txtUserName.Text;string TestUserPwd = txtPwd.Text;LDAPHelper objldap = new LDAPHelper();string strLDAPPath = txtLDAP.Text;string strLDAPAdminName = txtLUserName.Text;string strLDAPAdminPwd = txtLPwd.Text;string strMsg = "";bool blRet = objldap.OpenConnection(strLDAPPath, strLDAPAdminName, strLDAPAdminPwd);if (blRet){blRet = objldap.CheckUidAndPwd(strLDAPFilter, TestUserID, TestUserPwd, ref strMsg);if (blRet){strMsg = "检测用户名" + TestUserID + "和密码" + TestUserPwd + "成功";}else if (!blRet && string.IsNullOrEmpty(strMsg)){strMsg = "检测用户名" + TestUserID + "和密码" + TestUserPwd + "失败";}}this.txtLog.Text = System.DateTime.Now.ToString() + ":" + strMsg + "\r\n" + "\r\n" + this.txtLog.Text;MessageBox.Show(strMsg);}}

调用过程1

bool checkResult = false;try{string username = Request.Params.Get("username");string userpwd = Request.Params.Get("userpwd");string strLADPath = "LDAP://OU=事业部,DC=HOLD,DC=Company,DC=COM";DirectoryEntry objEntry = new DirectoryEntry(strLADPath);objEntry.AuthenticationType = AuthenticationTypes.None;DirectorySearcher deSearch = new DirectorySearcher(objEntry);//过滤名称是否存在deSearch.Filter = "(&(objectClass=user)(sAMAccountName=" + username + "))";deSearch.SearchScope = SearchScope.Subtree;//find the first instance SearchResult results = deSearch.FindOne();//check username & userpwdif (null != results){DirectoryEntry objUserEntry = new DirectoryEntry(results.Path, username, userpwd);if (null != objUserEntry && null != objUserEntry.Properties&& objUserEntry.Properties.Contains("cn")){checkResult = true;}}Response.Write("认证结果：" + checkResult.ToString());}catch (System.Exception ex){Response.Write("认证异常"+ex.StackTrace);Response.Write("认证结果：" + checkResult.ToString());}

转载于:https://www.cnblogs.com/waban/p/5249509.html

ldap实现用户认证相关推荐

ldap统一用户认证php,针对LDAP服务器进行身份认证
Symfony提供了不同的方法来配合LDAP服务器使用. Security组件提供: ldap user provider,使用的是 form_login_ldap authentication pr ...
python 用户认证_Python使用LDAP做用户认证的方法
LDAP(Light Directory Access Portocol)是轻量目录访问协议,基于X.500标准,支持TCP/IP. LDAP目录以树状的层次结构来存储数据.每个目录记录都有标识名(D ...
Python使用LDAP做用户认证
LDAP(Light Directory Access Portocol)是轻量目录访问协议,基于X.500标准,支持TCP/IP. LDAP目录以树状的层次结构来存储数据.每个目录记录都有标识名(D ...
Rhel7 Ldap为本地用户认证方式，设置域、服务器位置和下载key
Rhel7 Ldap为本地用户认证方式,设置域.服务器位置和下载key yum -y install sssd authconfig-gtk krb5-workstation system-confi ...
用java进行LDAP用户登陆（用户认证）及修改密码
为什么80%的码农都做不了架构师?>>> 一.用户认证 public String execute(){Hashtable env = new Hashtable();Stri ...
4.监控展示系统Grafana和LDAP用户认证平台集成方法
文章目录 1.LDAP平台配置 1.1 创建grafana应用的组织单元GrafanaGroups 1.2 GrafanaGroups组的对象和属性 1.3 将test01用户加入Grafana-ad ...
java ladp用户认证_java – LDAP：如何使用连接详细信息验证用户身份
我无法使用LDAP对用户进行身份验证.我有以下细节: URL=ldap://10.10.10.10:389 LDAP BASE:DC=lab2,DC=ins LDAP Bind Account: CN ...
linux认证授权系统,linux高级操作系统用户认证与授权-20210323002921.doc-原创力文档...
HYPERLINK "/" 长沙理工大学 <Linux高级操作系统>课程设计报告基于Linux的用户认证与授权研究廖正磊学院计算机与通信工程专业计算机科学 ...
实战部署MySQL用户认证的Postfix邮件系统（3）
实战部署Postfix+MySQL+Dovecot+Postfixadmin+Extmail邮件系统(3) -----构建开源邮件系统系列如果您对本系列文章感兴趣,可以通过点击以下链接查看全文: 点 ...

ldap实现用户认证

ldap实现用户认证相关推荐

最新文章

热门文章