62,046
社区成员
发帖
与我相关
我的任务
分享域用户验证
webform上
用户输入域UserID
密码:Password
我如何验证输入是否正确。
我的思路是采用DirectoryEntry和DirectroySearch来查找
用户输入的UserID,然后核对密码,
但是一天了,找不到相关的编程资料,大家帮帮忙。
用户输入域UserID
密码:Password
我如何验证输入是否正确。
我的思路是采用DirectoryEntry和DirectroySearch来查找
用户输入的UserID,然后核对密码,
但是一天了,找不到相关的编程资料,大家帮帮忙。
...全文
请发表友善的回复…
发表回复
babyboy 2003-09-28
- 打赏
- 举报
GetObject or ADsGetObject provides Single Sign On with no encryption. The application need not provide any credential information when accessing Active Directory information. ADSI uses the security context of the calling thread. However, if secure authentication fails, ADSI attempts a simple bind with a NULL username and NULL password. If the simple bind succeeds, the user context for the binding is Guest. A simple bind is clear-text authentication. Because no username or password is sent, this is not a security issue.
For a service running under the LocalSystem account, the security context used by GetObject and ADsGetObject depends on the computer on which the service is running. If the service is running as LocalSystem on a domain controller, the service has full system-level access to Active Directory. If the service is not running on a DC, the service has the access rights and privileges allowed to the computer account for the computer on which the service is running (which is significantly less powerful than system-level access).
如果邦定到调用者线程的上下文失败,将进行guest用户的简单邦定,也就说这个
邦定始终会成功,那我怎么验证用户和密码的正确呢??
For a service running under the LocalSystem account, the security context used by GetObject and ADsGetObject depends on the computer on which the service is running. If the service is running as LocalSystem on a domain controller, the service has full system-level access to Active Directory. If the service is not running on a DC, the service has the access rights and privileges allowed to the computer account for the computer on which the service is running (which is significantly less powerful than system-level access).
如果邦定到调用者线程的上下文失败,将进行guest用户的简单邦定,也就说这个
邦定始终会成功,那我怎么验证用户和密码的正确呢??
babyboy 2003-09-28
- 打赏
- 举报
楼上的兄弟发的正是我想要的,能解释一下原理吗?
比如默认的命名上下文是什么?
初始化 DirectoryEntry 类的新实例。将 Path、Username 和 Password 属性设置为指定值。
[Visual Basic]
Public Sub New( _
ByVal path As String, _
ByVal username As String, _
ByVal password As String _
)
[C#]
public DirectoryEntry(
string path,
string username,
string password
);
[C++]
public: DirectoryEntry(
String* path,
String* username,
String* password
);
[JScript]
public function DirectoryEntry(
path : String,
username : String,
password : String
);
参数
path
此 DirectoryEntry 的路径。Path 属性初始化为该值。
username
在对客户端进行身份验证时使用的用户名。Username 属性初始化为该值。
password
在对客户端进行身份验证时使用的密码。Password 属性初始化为该值。
初始化的时候会对用户名和密码进行验证吗?
如果验证不通过会怎么样?
比如默认的命名上下文是什么?
初始化 DirectoryEntry 类的新实例。将 Path、Username 和 Password 属性设置为指定值。
[Visual Basic]
Public Sub New( _
ByVal path As String, _
ByVal username As String, _
ByVal password As String _
)
[C#]
public DirectoryEntry(
string path,
string username,
string password
);
[C++]
public: DirectoryEntry(
String* path,
String* username,
String* password
);
[JScript]
public function DirectoryEntry(
path : String,
username : String,
password : String
);
参数
path
此 DirectoryEntry 的路径。Path 属性初始化为该值。
username
在对客户端进行身份验证时使用的用户名。Username 属性初始化为该值。
password
在对客户端进行身份验证时使用的密码。Password 属性初始化为该值。
初始化的时候会对用户名和密码进行验证吗?
如果验证不通过会怎么样?
xiongliang2003 2003-09-28
- 打赏
- 举报
DirectoryEntry objDirRoot=new DirectoryEntry("LDAP://RootDSE");
string strPath = "LDAP://" + objDirRoot.Properties[ "defaultNamingContext"].Value ;
//用指定的拥护、账号登陆ad
DirectoryEntry objDirEnt=new DirectoryEntry(strPath,userAccount,userPass);
string strPath = "LDAP://" + objDirRoot.Properties[ "defaultNamingContext"].Value ;
//用指定的拥护、账号登陆ad
DirectoryEntry objDirEnt=new DirectoryEntry(strPath,userAccount,userPass);
goody9807 2003-09-27
- 打赏
- 举报
up
babyboy 2003-09-27
- 打赏
- 举报
问题已解决!这分是不是该散给我自己呢??
[DllImport("advapi32.dll", CharSet=CharSet.Auto)]public static extern int LogonUser(String lpszUserName, String lpszDomain,String lpszPassword,int dwLogonType, int dwLogonProvider,ref IntPtr phToken);
IntPtr token = IntPtr.Zero;
if (LogonUser(LoginUserID,LoginDomain,LoginPassword,1, 0,ref token) !=0)
{
Label1.Text = "succeed";
}
else
{
Label1.Text = "Failed";
}
[DllImport("advapi32.dll", CharSet=CharSet.Auto)]public static extern int LogonUser(String lpszUserName, String lpszDomain,String lpszPassword,int dwLogonType, int dwLogonProvider,ref IntPtr phToken);
IntPtr token = IntPtr.Zero;
if (LogonUser(LoginUserID,LoginDomain,LoginPassword,1, 0,ref token) !=0)
{
Label1.Text = "succeed";
}
else
{
Label1.Text = "Failed";
}
babyboy 2003-09-27
- 打赏
- 举报
自己再顶!
supercdz 2003-09-27
- 打赏
- 举报
有难度,帮你顶
babyboy 2003-09-27
- 打赏
- 举报
每人来?自己up
