RE: how to login a Windows domaine/user programaticaly in a Web Service ?
From: Bassel Tabbara [MSFT] (firstname.lastname@example.org)
From: email@example.com (Bassel Tabbara [MSFT]) Date: Thu, 27 Mar 2003 00:54:13 GMT
You need to authenticate the users against the Active Directory. To
accomplish this you need to use
LdapAuthentication.IsAuthenticated method and passes in the credentials
that are collected from the user.
Then, a DirectoryEntry object is created with the path to the directory
tree, the user name, and the password.
The user name must be in the "domain\username" format. The DirectoryEntry
object then tries to force the AdsObject
binding by obtaining the NativeObject property. If this succeeds, the CN
attribute for the user is obtained by creating a
DirectorySearcher object and by filtering on the SAMAccountName. After the
user is authenticated, the IsAuthenticated
method returns true.
Moreover you need to use impersonation by setting <identity
impersonate="true" /> configuration element.
This causes ASP.NET to impersonate the account that is configured as the
anonymous account from Microsoft Internet
Information Services (IIS). As a result of this configuration, all
requests to this application run under the security context
of the configured account. The user provides credentials to authenticate
against the Active Directory, but the account that
accesses the Active Directory is the configured account.
For a complete explanation of this with the sample code, please refer to
the following Kb article:
326340 HOW TO: Authenticate against the Active Directory by Using Forms
If you have any questions regarding this, please feel free to post them.
This posting is provided "AS IS", with no warranties, and confers no rights.
| Reply-To: "Philippe" <firstname.lastname@example.org>
| From: "Philippe" <email@example.com>
| Subject: how to login a Windows domaine/user programaticaly in a Web
| Date: Wed, 26 Mar 2003 16:35:51 +0100
| Lines: 11
| Organization: NSI
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
| Message-ID: <eH3ro268CHA.2272@TK2MSFTNGP12.phx.gbl>
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| NNTP-Posting-Host: mail.nsi-sa.be 220.127.116.11
| Path: cpmsftngxa06!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP12.phx.gbl
| Xref: cpmsftngxa06 microsoft.public.dotnet.framework.aspnet.security:4563
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| I have a WebService written in c#.
| In this Web Service, i have a WebMethod that receive 3 params (user,
| password and domain).
| I want to check the validity of these datas by trying a logon
| (programaticaly) on a NT Domain.
| Which method can i use ? How can i do ?
| Any help will be appreciated.